patches for file contexts in networkmanager, miscfiles, corecommands, devices, and java from Dan Walsh.
This commit is contained in:
Chris PeBenito
parent
4900fdf7d1
commit
ecc98e19e3
@ -1,7 +1,8 @@
|
||||
- Patch for kerberized telnet fixes from Dan Walsh.
|
||||
- Patch for kerberized ftp and other ftp fixes from Dan Walsh.
|
||||
- Patch for an additional wine executable from Dan Walsh.
|
||||
- Patch for additional games file contexts from Dan Walsh.
|
||||
- Eight patches for file contexts in games, wine, networkmanager, miscfiles,
|
||||
corecommands, devices, and java from Dan Walsh.
|
||||
- Add support for libselinux 2.0.5 init_selinuxmnt() changes.
|
||||
- Patch for misc fixes to bluetooth from Dan Walsh.
|
||||
- Patch for misc fixes to kerberos from Dan Walsh.
|
||||
|
||||
@ -3,6 +3,8 @@
|
||||
#
|
||||
/opt/(.*/)?bin/java[^/]* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/opt/ibm/java2-ppc64-50/jre/(bin|javaws)(/.*)? -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/opt/local/matlab/bin/(.*/)?MATLAB. -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/opt/matlab/bin/(.*/)?MATLAB. -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
|
||||
#
|
||||
# /usr
|
||||
@ -18,3 +20,5 @@
|
||||
/usr/bin/grmic -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/usr/bin/grmiregistry -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/usr/bin/jv-convert -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/usr/local/matlab/bin/(.*/)?MATLAB. -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/usr/matlab/bin/(.*/)?MATLAB. -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
|
||||
policy_module(java,1.3.2)
|
||||
policy_module(java,1.3.3)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
||||
@ -53,6 +53,8 @@ ifdef(`distro_redhat',`
|
||||
|
||||
/etc/rc\.d/init\.d/functions -- gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
/etc/security/namespace.init -- gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
/etc/sysconfig/network-scripts/ifup-.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/sysconfig/network-scripts/ifup-.* -l gen_context(system_u:object_r:bin_t,s0)
|
||||
/etc/sysconfig/network-scripts/ifdown-.* -- gen_context(system_u:object_r:bin_t,s0)
|
||||
@ -73,7 +75,6 @@ ifdef(`distro_debian',`
|
||||
|
||||
ifdef(`targeted_policy',`
|
||||
/etc/X11/prefdm -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/games/nethack-3.4.3/nethack -- gen_context(system_u:object_r:bin_t,s0)
|
||||
')
|
||||
|
||||
#
|
||||
@ -188,6 +189,7 @@ ifdef(`distro_gentoo', `
|
||||
|
||||
ifdef(`distro_redhat', `
|
||||
/usr/lib/.*/program(/.*)? gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/lib/bluetooth(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/authconfig/authconfig-gtk\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/authconfig/authconfig-tui\.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
/usr/share/authconfig/authconfig.py -- gen_context(system_u:object_r:bin_t,s0)
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
|
||||
policy_module(corecommands,1.5.1)
|
||||
policy_module(corecommands,1.5.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
||||
@ -30,6 +30,7 @@
|
||||
/dev/kmsg -c gen_context(system_u:object_r:kmsg_device_t,mls_systemhigh)
|
||||
/dev/logibm -c gen_context(system_u:object_r:mouse_device_t,s0)
|
||||
/dev/lp.* -c gen_context(system_u:object_r:printer_device_t,s0)
|
||||
/dev/mcelog -c gen_context(system_u:object_r:kmsg_device_t,mls_systemhigh)
|
||||
/dev/mem -c gen_context(system_u:object_r:memory_device_t,mls_systemhigh)
|
||||
/dev/mice -c gen_context(system_u:object_r:mouse_device_t,s0)
|
||||
/dev/microcode -c gen_context(system_u:object_r:cpu_device_t,s0)
|
||||
@ -40,6 +41,7 @@
|
||||
/dev/null -c gen_context(system_u:object_r:null_device_t,s0)
|
||||
/dev/nvidia.* -c gen_context(system_u:object_r:xserver_misc_device_t,s0)
|
||||
/dev/nvram -c gen_context(system_u:object_r:nvram_device_t,mls_systemhigh)
|
||||
/dev/oldmem -c gen_context(system_u:object_r:memory_device_t,mls_systemhigh)
|
||||
/dev/par.* -c gen_context(system_u:object_r:printer_device_t,s0)
|
||||
/dev/patmgr[01] -c gen_context(system_u:object_r:sound_device_t,s0)
|
||||
/dev/pmu -c gen_context(system_u:object_r:power_device_t,s0)
|
||||
@ -58,6 +60,7 @@
|
||||
/dev/srnd[0-7] -c gen_context(system_u:object_r:sound_device_t,s0)
|
||||
/dev/snapshot -c gen_context(system_u:object_r:apm_bios_t,s0)
|
||||
/dev/sndstat -c gen_context(system_u:object_r:sound_device_t,s0)
|
||||
/dev/sonypi -c gen_context(system_u:object_r:v4l_device_t,s0)
|
||||
/dev/tlk[0-3] -c gen_context(system_u:object_r:v4l_device_t,s0)
|
||||
/dev/urandom -c gen_context(system_u:object_r:urandom_device_t,s0)
|
||||
/dev/usbdev.* -c gen_context(system_u:object_r:usb_device_t,s0)
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
|
||||
policy_module(devices,1.3.0)
|
||||
policy_module(devices,1.3.1)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
||||
@ -3,4 +3,4 @@
|
||||
/var/run/NetworkManager\.pid -- gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
|
||||
/var/run/NetworkManager(/.*)? gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
|
||||
/var/run/wpa_supplicant(/.*)? gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
|
||||
/var/run/wpa_supplicant-global -- gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
|
||||
/var/run/wpa_supplicant-global -s gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
|
||||
policy_module(networkmanager,1.5.1)
|
||||
policy_module(networkmanager,1.5.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
||||
@ -74,11 +74,12 @@ ifdef(`distro_gentoo',`
|
||||
/opt/(.*/)?lib64(/.*)? gen_context(system_u:object_r:lib_t,s0)
|
||||
/opt/(.*/)?lib64/.+\.so -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/opt/(.*/)?lib64/.+\.so\.[^/]* -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/opt/(.*/)?java/.+\.jar -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/opt/(.*/)?jre.*/.+\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/opt/(.*/)?jre/.+\.jar -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/opt/cisco-vpnclient/lib/libvpnapi\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/opt/netbeans(.*/)?jdk.*/linux/.+\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/opt/(.*/)?java/.+\.jar -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/opt/(.*/)?jre/.+\.jar -- gen_context(system_u:object_r:shlib_t,s0)
|
||||
/opt/cxoffice/lib/wine/.+\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/opt/ibm/java2-ppc64-50/jre/bin/.+\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
|
||||
ifdef(`distro_gentoo',`
|
||||
@ -276,7 +277,10 @@ HOME_DIR/.*/plugins/nprhapengine\.so.* -- gen_context(system_u:object_r:textrel_
|
||||
/usr/(local/)?acroread/(.*/)?lib/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?Adobe/.*\.api -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?lib/xchat/plugins/systray.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/local/matlab.*/bin/glnx86/libmwlapack\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?matlab.*/bin/glnx86/libmwlapack\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?matlab.*/bin/glnx86/(libmw(lapack|mathutil|services)|lapack|libmkl).so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
/usr/(local/)?matlab.*/sys/os/glnx86/libtermcap.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
|
||||
/usr/(.*/)?intellinux/SPPlugins/ADMPlugin\.apl -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
|
||||
/usr/lib/acroread/(.*/)?sidecars/* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
|
||||
policy_module(libraries,1.5.1)
|
||||
policy_module(libraries,1.5.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
||||
@ -74,3 +74,8 @@ ifdef(`distro_debian',`
|
||||
/var/lib/msttcorefonts(/.*)? gen_context(system_u:object_r:fonts_t,s0)
|
||||
/var/lib/usbutils(/.*)? gen_context(system_u:object_r:hwdata_t,s0)
|
||||
')
|
||||
|
||||
ifdef(`distro_redhat',`
|
||||
/var/empty/sshd/etc/localtime -- gen_context(system_u:object_r:locale_t,s0)
|
||||
/var/spool/postfix/etc/localtime -- gen_context(system_u:object_r:locale_t,s0)
|
||||
')
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
|
||||
policy_module(miscfiles,1.2.1)
|
||||
policy_module(miscfiles,1.2.2)
|
||||
|
||||
########################################
|
||||
#
|
||||
|
||||
Loading…
Reference in New Issue
Block a user