From: aranea@aixah.de (Luis Ressel)
Date: Sat, 8 Aug 2015 12:53:03 +0200
Subject: [refpolicy] apr build tools
Message-ID: <20150808125303.52818256@gentp.lnet>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

The Apache Portable Runtime (apr.apache.org), used by their httpd and
various other packages, installs some build tools
to /usr/share/build-1/, among them the two shell scripts "libtool" and
"mkdir.sh". These need a bin_t context.

In the gentoo policy, we mark them as such in contrib/apache.fc and
kernel/corecommands.fc. I'd like to move those markings to refpolicy,
but I'm not sure which *.fc is appropriate (I'd prefer something like
corecommands.fc which ends up in the base policy; it shouldn't be in
the apache module because the APR and these build scripts are used by
some programs which don't depend on a locally running httpd and
therefore shouldn't require the apache policy). I guess corecommands.fc
is an acceptable place?


Regards,
Luis Ressel