LinuxLists.cc - [refpolicy] [PATCH] Use xattr-labeling for squashfs.

2014-02-15 12:24:55

Subject: [refpolicy] [PATCH] Use xattr-labeling for squashfs.

This is taken from the Fedora policy (authors: Dan Walsh, Miroslav
Grepl) and dates back to 2011 there.
---
policy/modules/kernel/filesystem.te | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index e7d1738..aaf0506 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -1,4 +1,4 @@
-policy_module(filesystem, 1.17.2)
+policy_module(filesystem, 1.17.3)

########################################
#
@@ -32,6 +32,7 @@ fs_use_xattr gpfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr jffs2 gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr jfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr lustre gen_context(system_u:object_r:fs_t,s0);
+fs_use_xattr squashfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr xfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr zfs gen_context(system_u:object_r:fs_t,s0);

@@ -150,11 +151,6 @@ fs_type(spufs_t)
genfscon spufs / gen_context(system_u:object_r:spufs_t,s0)
files_mountpoint(spufs_t)

-type squash_t;
-fs_type(squash_t)
-genfscon squash / gen_context(system_u:object_r:squash_t,s0)
-files_mountpoint(squash_t)
-
type sysv_t;
fs_noxattr_type(sysv_t)
files_mountpoint(sysv_t)
--
1.8.5.4

2014-02-15 19:35:15

by cpebenito

[permalink] [raw]

Subject: [refpolicy] [PATCH] Use xattr-labeling for squashfs.

On 2/15/2014 7:24 AM, Luis Ressel wrote:
> This is taken from the Fedora policy (authors: Dan Walsh, Miroslav
> Grepl) and dates back to 2011 there.

Merged.

> ---
> policy/modules/kernel/filesystem.te | 8 ++------
> 1 file changed, 2 insertions(+), 6 deletions(-)
>
> diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
> index e7d1738..aaf0506 100644
> --- a/policy/modules/kernel/filesystem.te
> +++ b/policy/modules/kernel/filesystem.te
> @@ -1,4 +1,4 @@
> -policy_module(filesystem, 1.17.2)
> +policy_module(filesystem, 1.17.3)
>
> ########################################
> #
> @@ -32,6 +32,7 @@ fs_use_xattr gpfs gen_context(system_u:object_r:fs_t,s0);
> fs_use_xattr jffs2 gen_context(system_u:object_r:fs_t,s0);
> fs_use_xattr jfs gen_context(system_u:object_r:fs_t,s0);
> fs_use_xattr lustre gen_context(system_u:object_r:fs_t,s0);
> +fs_use_xattr squashfs gen_context(system_u:object_r:fs_t,s0);
> fs_use_xattr xfs gen_context(system_u:object_r:fs_t,s0);
> fs_use_xattr zfs gen_context(system_u:object_r:fs_t,s0);
>
> @@ -150,11 +151,6 @@ fs_type(spufs_t)
> genfscon spufs / gen_context(system_u:object_r:spufs_t,s0)
> files_mountpoint(spufs_t)
>
> -type squash_t;
> -fs_type(squash_t)
> -genfscon squash / gen_context(system_u:object_r:squash_t,s0)
> -files_mountpoint(squash_t)
> -
> type sysv_t;
> fs_noxattr_type(sysv_t)
> files_mountpoint(sysv_t)
>

--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com