From: pebenito@ieee.org (Chris PeBenito)
Date: Fri, 8 Sep 2017 11:42:46 -0400
Subject: [refpolicy] [PATCH 2/2] corecommands: label Arch Linux pacman's
 scripts as bin_t
In-Reply-To: <20170906204417.15998-2-nicolas.iooss@m4x.org>
References: <20170906204417.15998-1-nicolas.iooss@m4x.org>
	<20170906204417.15998-2-nicolas.iooss@m4x.org>
Message-ID: <68776e88-5a9c-c2ca-5133-910d44d310af@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 09/06/2017 04:44 PM, Nicolas Iooss via refpolicy wrote:
> On Arch Linux, the package manager uses hooks which execute scripts in
> /usr/share/libalpm/scripts.
> ---
>   policy/modules/kernel/corecommands.fc | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
> index 6573d890d941..546de8eb3a84 100644
> --- a/policy/modules/kernel/corecommands.fc
> +++ b/policy/modules/kernel/corecommands.fc
> @@ -300,6 +300,7 @@ ifdef(`distro_gentoo',`
>   /usr/share/gnucash/finance-quote-helper -- gen_context(system_u:object_r:bin_t,s0)
>   /usr/share/hal/device-manager/hal-device-manager -- gen_context(system_u:object_r:bin_t,s0)
>   /usr/share/hal/scripts(/.*)?		gen_context(system_u:object_r:bin_t,s0)
> +/usr/share/libalpm/scripts(/.*)?	gen_context(system_u:object_r:bin_t,s0)
>   /usr/share/mc/extfs/.*		--	gen_context(system_u:object_r:bin_t,s0)
>   /usr/share/Modules/init(/.*)?		gen_context(system_u:object_r:bin_t,s0)
>   /usr/share/org.gnome.Weather/org\.gnome\.Weather\.Application	--	gen_context(system_u:object_r:bin_t,s0)

Merged.

-- 
Chris PeBenito