rpms/usbguard
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fixed selinux issue

Browse Source 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
This commit is contained in:
Radovan Sroka 2019-12-18 18:04:25 +01:00
parent eeccbd2e6f
commit 578d15f9f1
No known key found for this signature in database
GPG Key ID: F5778AD785E3581F
2 changed files with 40 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
selinux.patch Normal file
View File

@ -0,0 +1,32 @@
diff -up ./usbguard-selinux-0.0.2/usbguard.te.selinux ./usbguard-selinux-0.0.2/usbguard.te
--- ./usbguard-selinux-0.0.2/usbguard.te.selinux 2019-11-13 07:08:17.000000000 -0500
+++ ./usbguard-selinux-0.0.2/usbguard.te 2019-12-18 11:21:36.725889798 -0500
@@ -41,15 +41,18 @@ gen_tunable(usbguard_daemon_write_rules,
type usbguard_t;
type usbguard_exec_t;
init_daemon_domain(usbguard_t, usbguard_exec_t)
+init_nnp_daemon_domain(usbguard_t)
type usbguard_unit_file_t;
systemd_unit_file(usbguard_unit_file_t)
type usbguard_conf_t;
files_config_file(usbguard_conf_t)
+systemd_mount_dir(usbguard_conf_t)
type usbguard_log_t;
logging_log_file(usbguard_log_t)
+systemd_mount_dir(usbguard_log_t)
type usbguard_rules_t;
files_config_file(usbguard_rules_t)
@@ -84,7 +87,8 @@ manage_files_pattern(usbguard_t, usbguar
files_pid_filetrans(usbguard_t, usbguard_var_run_t, file)
manage_files_pattern(usbguard_t, usbguard_tmpfs_t, usbguard_tmpfs_t)
-fs_tmpfs_filetrans(usbguard_t, usbguard_tmpfs_t, file)
+fs_tmpfs_filetrans(usbguard_t, usbguard_tmpfs_t, { file dir })
+manage_dirs_pattern(usbguard_t, usbguard_tmpfs_t, usbguard_tmpfs_t)
allow usbguard_t usbguard_tmpfs_t:file map;
manage_files_pattern(usbguard_t, usbguard_log_t, usbguard_log_t)

11
usbguard.spec
View File

@ -4,7 +4,7 @@
Name: usbguard
Version: 0.7.6
Release: 5%{?dist}
Release: 6%{?dist}
Summary: A tool for implementing USB device usage policy
License: GPLv2+
## Not installed
@ -49,6 +49,7 @@ BuildRequires: libxml2
Patch1: usbguard-0.7.6-libqb.patch
Patch2: usbguard-0.7.6-sigwaitinfo.patch
Patch3: usbguard-0.7.6-servicefile.patch
Patch4: selinux.patch
%description
The USBGuard software framework helps to protect your computer against rogue USB
@ -111,6 +112,7 @@ rm -rf src/ThirdParty/{Catch,PEGTL}
%patch1 -p1 -b .libqb
%patch2 -p1 -b .sigwaitinfo
%patch3 -p1 -b .servicefile
%patch4 -p1 -b .selinux
%build
mkdir -p ./m4
@ -229,8 +231,11 @@ fi
%changelog
* Mon Dec 02 2019 RAdovan Sroka <rsroka@redhat.com> - 0.7.6-5
- added obsolete applet-qt subpackage
* Wed Dec 18 2019 Radovan Sroka <rsroka@redhat.com> - 0.7.6-6
- fix selinux problems
* Mon Dec 02 2019 Radovan Sroka <rsroka@redhat.com> - 0.7.6-5
- obsolete applet-qt subpackage
* Mon Nov 25 2019 Attila Lakatos <alakatos@redhat.com> - 0.7.6-4
- added patch for libqb related permission issues