LinuxLists.cc - [refpolicy] [PATCH] Mark APR build scripts as bin

2015-08-08 11:50:28

Subject: [refpolicy] [PATCH] Mark APR build scripts as bin_t

I don't know why those are in /usr/share/build-1/ instead of
/usr/share/apr-0/build/ here, but it doesn't appear to be
Gentoo-specific.
---
policy/modules/kernel/corecommands.fc | 2 ++
1 file changed, 2 insertions(+)

diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 958fad7..fd4fe85 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -282,6 +282,8 @@ ifdef(`distro_gentoo',`
/usr/share/ajaxterm/qweb.py.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/apr-0/build/[^/]+\.sh -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/apr-0/build/libtool -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/build-1/[^/]+\.sh -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/build-1/libtool -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/dayplanner/dayplanner -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/debconf/.+ -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/denyhosts/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
--
2.5.0

2015-08-11 12:47:50

by cpebenito

[permalink] [raw]

Subject: [refpolicy] [PATCH] Mark APR build scripts as bin_t

On 8/8/2015 7:50 AM, Luis Ressel wrote:
> I don't know why those are in /usr/share/build-1/ instead of
> /usr/share/apr-0/build/ here, but it doesn't appear to be
> Gentoo-specific.
> ---
> policy/modules/kernel/corecommands.fc | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
> index 958fad7..fd4fe85 100644
> --- a/policy/modules/kernel/corecommands.fc
> +++ b/policy/modules/kernel/corecommands.fc
> @@ -282,6 +282,8 @@ ifdef(`distro_gentoo',`
> /usr/share/ajaxterm/qweb.py.* -- gen_context(system_u:object_r:bin_t,s0)
> /usr/share/apr-0/build/[^/]+\.sh -- gen_context(system_u:object_r:bin_t,s0)
> /usr/share/apr-0/build/libtool -- gen_context(system_u:object_r:bin_t,s0)
> +/usr/share/build-1/[^/]+\.sh -- gen_context(system_u:object_r:bin_t,s0)
> +/usr/share/build-1/libtool -- gen_context(system_u:object_r:bin_t,s0)
> /usr/share/dayplanner/dayplanner -- gen_context(system_u:object_r:bin_t,s0)
> /usr/share/debconf/.+ -- gen_context(system_u:object_r:bin_t,s0)
> /usr/share/denyhosts/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)

Merged.

--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com