trunk: Patch to clean up unescaped periods in several file context entries from Jan-Frode Myklebust.
This commit is contained in:
Chris PeBenito
parent
12e9ea1ae3
commit
6c53a10e28
|
|
@ -1,3 +1,5 @@
|
|||
- Patch to clean up unescaped periods in several file context entries from
|
||||
Jan-Frode Myklebust.
|
||||
- Merge shlib_t into lib_t.
|
||||
- Merge strict and targeted policies. The policy will now behave like the
|
||||
strict policy if the unconfined module is not present. If it is, it will
|
||||
|
|
|
|||
|
|
@ -193,7 +193,7 @@ ifdef(`distro_redhat', `
|
|||
/usr/lib64/bluetooth(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/authconfig/authconfig-gtk\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/authconfig/authconfig-tui\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/authconfig/authconfig.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/authconfig/authconfig\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/cvs/contrib/rcs2log -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/clamav/clamd-gen -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/clamav/freshclam-sleep -- gen_context(system_u:object_r:bin_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(corecommands,1.8.1)
|
||||
policy_module(corecommands,1.8.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ ifdef(`distro_suse',`
|
|||
/etc/motd -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
/etc/nohotplug -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
/etc/nologin.* -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
/etc/reader.conf -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
/etc/reader\.conf -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
/etc/smartd\.conf.* -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
||||
|
||||
/etc/cups/client\.conf -- gen_context(system_u:object_r:etc_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(files,1.7.1)
|
||||
policy_module(files,1.7.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -3,4 +3,4 @@
|
|||
/var/lib/aide(/.*) gen_context(system_u:object_r:aide_db_t,mls_systemhigh)
|
||||
|
||||
/var/log/aide(/.*)? gen_context(system_u:object_r:aide_log_t,mls_systemhigh)
|
||||
/var/log/aide.log -- gen_context(system_u:object_r:aide_log_t,mls_systemhigh)
|
||||
/var/log/aide\.log -- gen_context(system_u:object_r:aide_log_t,mls_systemhigh)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(aide,1.2.0)
|
||||
policy_module(aide,1.2.1)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ ifdef(`distro_debian',`
|
|||
|
||||
/var/run/apcupsd\.pid -- gen_context(system_u:object_r:apcupsd_var_run_t,s0)
|
||||
|
||||
/var/www/apcupsd/multimon.cgi -- gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0)
|
||||
/var/www/apcupsd/upsfstats.cgi -- gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0)
|
||||
/var/www/apcupsd/upsimage.cgi -- gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0)
|
||||
/var/www/apcupsd/upsstats.cgi -- gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0)
|
||||
/var/www/apcupsd/multimon\.cgi -- gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0)
|
||||
/var/www/apcupsd/upsfstats\.cgi -- gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0)
|
||||
/var/www/apcupsd/upsimage\.cgi -- gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0)
|
||||
/var/www/apcupsd/upsstats\.cgi -- gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(apcupsd,1.2.1)
|
||||
policy_module(apcupsd,1.2.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
/usr/sbin/console-kit-daemon -- gen_context(system_u:object_r:consolekit_exec_t,s0)
|
||||
|
||||
/var/run/consolekit.pid -- gen_context(system_u:object_r:consolekit_var_run_t,s0)
|
||||
/var/run/consolekit\.pid -- gen_context(system_u:object_r:consolekit_var_run_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(consolekit,1.2.0)
|
||||
policy_module(consolekit,1.2.1)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
/usr/bin/fail2ban -- gen_context(system_u:object_r:fail2ban_exec_t,s0)
|
||||
/var/log/fail2ban.log -- gen_context(system_u:object_r:fail2ban_log_t,s0)
|
||||
/var/run/fail2ban.pid -- gen_context(system_u:object_r:fail2ban_var_run_t,s0)
|
||||
/var/log/fail2ban\.log -- gen_context(system_u:object_r:fail2ban_log_t,s0)
|
||||
/var/run/fail2ban\.pid -- gen_context(system_u:object_r:fail2ban_var_run_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(fail2ban,1.0.1)
|
||||
policy_module(fail2ban,1.0.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
|
||||
/var/lib/hal(/.*)? gen_context(system_u:object_r:hald_var_lib_t,s0)
|
||||
|
||||
/var/log/pm-suspend.log gen_context(system_u:object_r:hald_log_t,s0)
|
||||
/var/log/pm-suspend\.log gen_context(system_u:object_r:hald_log_t,s0)
|
||||
|
||||
/var/run/haldaemon.pid -- gen_context(system_u:object_r:hald_var_run_t,s0)
|
||||
/var/run/haldaemon\.pid -- gen_context(system_u:object_r:hald_var_run_t,s0)
|
||||
/var/run/vbestate -- gen_context(system_u:object_r:hald_var_run_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(hal,1.8.1)
|
||||
policy_module(hal,1.8.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -2,4 +2,4 @@
|
|||
|
||||
/usr/sbin/oddjobd -- gen_context(system_u:object_r:oddjob_exec_t,s0)
|
||||
|
||||
/var/run/oddjobd.pid gen_context(system_u:object_r:oddjob_var_run_t,s0)
|
||||
/var/run/oddjobd\.pid gen_context(system_u:object_r:oddjob_var_run_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(oddjob,1.3.1)
|
||||
policy_module(oddjob,1.3.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
/etc/cron\.(daily|weekly|monthly)/freeradius -- gen_context(system_u:object_r:radiusd_exec_t,s0)
|
||||
|
||||
/etc/raddb(/.*)? gen_context(system_u:object_r:radiusd_etc_t,s0)
|
||||
/etc/raddb/db.daily -- gen_context(system_u:object_r:radiusd_etc_rw_t,s0)
|
||||
/etc/raddb/db\.daily -- gen_context(system_u:object_r:radiusd_etc_rw_t,s0)
|
||||
|
||||
/usr/sbin/radiusd -- gen_context(system_u:object_r:radiusd_exec_t,s0)
|
||||
/usr/sbin/freeradius -- gen_context(system_u:object_r:radiusd_exec_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(radius,1.5.1)
|
||||
policy_module(radius,1.5.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@
|
|||
|
||||
/var/lib/ricci(/.*)? gen_context(system_u:object_r:ricci_var_lib_t,s0)
|
||||
|
||||
/var/log/clumond.log -- gen_context(system_u:object_r:ricci_modcluster_var_log_t,s0)
|
||||
/var/log/clumond\.log -- gen_context(system_u:object_r:ricci_modcluster_var_log_t,s0)
|
||||
|
||||
/var/run/clumond.sock -s gen_context(system_u:object_r:ricci_modcluster_var_run_t,s0)
|
||||
/var/run/modclusterd.pid -- gen_context(system_u:object_r:ricci_modcluster_var_run_t,s0)
|
||||
/var/run/ricci.pid -- gen_context(system_u:object_r:ricci_var_run_t,s0)
|
||||
/var/run/clumond\.sock -s gen_context(system_u:object_r:ricci_modcluster_var_run_t,s0)
|
||||
/var/run/modclusterd\.pid -- gen_context(system_u:object_r:ricci_modcluster_var_run_t,s0)
|
||||
/var/run/ricci\.pid -- gen_context(system_u:object_r:ricci_var_run_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(ricci,1.2.1)
|
||||
policy_module(ricci,1.2.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -2,6 +2,6 @@
|
|||
|
||||
/var/lib/rpcbind(/.*)? gen_context(system_u:object_r:rpcbind_var_lib_t,s0)
|
||||
|
||||
/var/run/rpc.statd.pid -- gen_context(system_u:object_r:rpcbind_var_run_t,s0)
|
||||
/var/run/rpcbind.lock -- gen_context(system_u:object_r:rpcbind_var_run_t,s0)
|
||||
/var/run/rpcbind.sock -s gen_context(system_u:object_r:rpcbind_var_run_t,s0)
|
||||
/var/run/rpc.statd\.pid -- gen_context(system_u:object_r:rpcbind_var_run_t,s0)
|
||||
/var/run/rpcbind\.lock -- gen_context(system_u:object_r:rpcbind_var_run_t,s0)
|
||||
/var/run/rpcbind\.sock -s gen_context(system_u:object_r:rpcbind_var_run_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(rpcbind,1.0.0)
|
||||
policy_module(rpcbind,1.0.1)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
# /etc
|
||||
#
|
||||
/etc/samba/MACHINE\.SID -- gen_context(system_u:object_r:samba_secrets_t,s0)
|
||||
/etc/samba/passdb.tdb -- gen_context(system_u:object_r:samba_secrets_t,s0)
|
||||
/etc/samba/passdb\.tdb -- gen_context(system_u:object_r:samba_secrets_t,s0)
|
||||
/etc/samba/secrets\.tdb -- gen_context(system_u:object_r:samba_secrets_t,s0)
|
||||
/etc/samba/smbpasswd -- gen_context(system_u:object_r:samba_secrets_t,s0)
|
||||
/etc/samba(/.*)? gen_context(system_u:object_r:samba_etc_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(samba,1.6.1)
|
||||
policy_module(samba,1.6.2)
|
||||
|
||||
#################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@
|
|||
|
||||
ifdef(`distro_gentoo',`
|
||||
/etc/vmware/init\.d/vmware -- gen_context(system_u:object_r:initrc_exec_t,s0)
|
||||
/etc/x11/startDM.sh -- gen_context(system_u:object_r:initrc_exec_t,s0)
|
||||
/etc/x11/startDM\.sh -- gen_context(system_u:object_r:initrc_exec_t,s0)
|
||||
')
|
||||
|
||||
#
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(init,1.8.1)
|
||||
policy_module(init,1.8.2)
|
||||
|
||||
gen_require(`
|
||||
class passwd rootok;
|
||||
|
|
|
|||
|
|
@ -2,4 +2,4 @@
|
|||
|
||||
/var/lib/iscsi(/.*)? -- gen_context(system_u:object_r:iscsi_var_lib_t,s0)
|
||||
/var/lock/iscsi(/.*)? -- gen_context(system_u:object_r:iscsi_lock_t,s0)
|
||||
/var/run/iscsid.pid -- gen_context(system_u:object_r:iscsi_var_run_t,s0)
|
||||
/var/run/iscsid\.pid -- gen_context(system_u:object_r:iscsi_var_run_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(iscsid,1.2.1)
|
||||
policy_module(iscsid,1.2.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -109,8 +109,8 @@ ifdef(`distro_gentoo',`
|
|||
|
||||
/usr/(.*/)?nvidia/.+\.so(\..*)? -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
|
||||
/usr/lib/vlc/codec/libdmo_plugin.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/lib/vlc/codec/librealaudio_plugin.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/lib/vlc/codec/libdmo_plugin\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/lib/vlc/codec/librealaudio_plugin\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
|
||||
/usr/(.*/)?lib(64)?(/.*)?/nvidia/.+\.so(\..*)? -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/lib(64)?(/.*)?/nvidia/.+\.so(\..*)? -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
|
|
@ -255,10 +255,10 @@ HOME_DIR/.*/plugins/nprhapengine\.so.* -- gen_context(system_u:object_r:textrel_
|
|||
/usr/(local/)?Adobe/(.*/)?lib/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?acroread/(.*/)?lib/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?Adobe/.*\.api -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?lib/xchat/plugins/systray.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?lib/xchat/plugins/systray\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?matlab.*/bin/glnx86/libmwlapack\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?matlab.*/bin/glnx86/(libmw(lapack|mathutil|services)|lapack|libmkl).so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?matlab.*/sys/os/glnx86/libtermcap.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?matlab.*/bin/glnx86/(libmw(lapack|mathutil|services)|lapack|libmkl)\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?matlab.*/sys/os/glnx86/libtermcap\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
|
||||
/usr/(.*/)?intellinux/SPPlugins/ADMPlugin\.apl -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(libraries,1.7.1)
|
||||
policy_module(libraries,1.7.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
|
|
@ -94,5 +94,5 @@ ifdef(`distro_gentoo',`
|
|||
#
|
||||
/var/cache/multipathd(/.*)? gen_context(system_u:object_r:lvm_metadata_t,s0)
|
||||
/var/lock/lvm(/.*)? gen_context(system_u:object_r:lvm_lock_t,s0)
|
||||
/var/run/multipathd.sock -s gen_context(system_u:object_r:lvm_var_run_t,s0)
|
||||
/var/run/multipathd\.sock -s gen_context(system_u:object_r:lvm_var_run_t,s0)
|
||||
/var/lib/multipath(/.*)? gen_context(system_u:object_r:lvm_var_lib_t,s0)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
|
||||
policy_module(lvm,1.7.1)
|
||||
policy_module(lvm,1.7.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
|
|
|||
Loading…
Reference in New Issue