From: pebenito@ieee.org (Chris PeBenito)
Date: Sat, 23 Jun 2018 11:39:15 -0400
Subject: [refpolicy] [PATCH] Label /etc/hosts.allow as net_conf_t
In-Reply-To: <20180620093812.2558-1-bigon@debian.org>
References: <20180620093812.2558-1-bigon@debian.org>
Message-ID: <e1596d5b-7698-00e9-1215-5f2c15d19fe8@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 06/20/2018 05:38 AM, Laurent Bigonville via refpolicy wrote:
> From: Laurent Bigonville <bigon@bigon.be>
> 
> /etc/hosts.deny is labeled as net_conf_t so it makes sense to label
> hosts.allow the same way
> 
> Signed-off-by: Laurent Bigonville <bigon@bigon.be>
> ---
>   policy/modules/system/sysnetwork.fc | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/policy/modules/system/sysnetwork.fc b/policy/modules/system/sysnetwork.fc
> index 91fb5160..cd528938 100644
> --- a/policy/modules/system/sysnetwork.fc
> +++ b/policy/modules/system/sysnetwork.fc
> @@ -16,6 +16,7 @@ ifdef(`distro_debian',`
>   /etc/dhcp/dhcpd\.conf	--	gen_context(system_u:object_r:dhcp_etc_t,s0)
>   /etc/ethers		--	gen_context(system_u:object_r:net_conf_t,s0)
>   /etc/hosts		--	gen_context(system_u:object_r:net_conf_t,s0)
> +/etc/hosts\.allow.*	--	gen_context(system_u:object_r:net_conf_t,s0)
>   /etc/hosts\.deny.*	--	gen_context(system_u:object_r:net_conf_t,s0)
>   /etc/denyhosts.*	--	gen_context(system_u:object_r:net_conf_t,s0)
>   /etc/resolv\.conf.*	--	gen_context(system_u:object_r:net_conf_t,s0)

Merged.

-- 
Chris PeBenito