From: pebenito@ieee.org (Chris PeBenito)
Date: Tue, 12 Sep 2017 19:08:59 -0400
Subject: [refpolicy] [PATCH] portage: Transition to ldconfig_t when
 calling ldconfig
In-Reply-To: <20170912071657.22276-1-aranea@aixah.de>
References: <20170912071657.22276-1-aranea@aixah.de>
Message-ID: <4e5505fe-b780-d3cd-75cd-535debf7e8cb@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 09/12/2017 03:16 AM, Luis Ressel via refpolicy wrote:
> portage_t used to have all neccessary permissions to run ldconfig in its
> own domain, but ldconfig now needs map access to its cache, so it's
> either this or allowing portage_t to map ldconfig_cache_t.
> ---
>   portage.te | 2 ++
>   1 file changed, 2 insertions(+)
> 
> diff --git a/portage.te b/portage.te
> index 79f2e3e..98caa2f 100644
> --- a/portage.te
> +++ b/portage.te
> @@ -194,6 +194,8 @@ auth_manage_shadow(portage_t)
>   # merging baselayout will need this:
>   init_exec(portage_t)
>   
> +libs_run_ldconfig(portage_t, portage_roles)
> +


Merged.

-- 
Chris PeBenito