summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMark Hatle <mark.hatle@windriver.com>2017-09-14 16:10:20 -0500
committerMark Hatle <mark.hatle@windriver.com>2017-09-14 16:12:25 -0500
commitbca5c611508d0d19a08fb7fc3f7810c85fcfeba5 (patch)
tree99b61612bbdf96abc3978150fe781493a429980c
parentdddf26565ec694b8d4e38171d3cbdcad734b2ef0 (diff)
downloadmeta-selinux-bca5c611508d0d19a08fb7fc3f7810c85fcfeba5.tar.gz
refpolicy: Add '/bin/bash.bash', an update-alternative to the policy
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Diffstat
-rw-r--r--recipes-security/refpolicy/refpolicy-2.20170204/poky-fc-update-alternatives_bash.patch24
-rw-r--r--recipes-security/refpolicy/refpolicy-git/poky-fc-update-alternatives_bash.patch24
-rw-r--r--recipes-security/refpolicy/refpolicy_2.20170204.inc1
-rw-r--r--recipes-security/refpolicy/refpolicy_git.inc1
4 files changed, 50 insertions, 0 deletions
diff --git a/recipes-security/refpolicy/refpolicy-2.20170204/poky-fc-update-alternatives_bash.patch b/recipes-security/refpolicy/refpolicy-2.20170204/poky-fc-update-alternatives_bash.patch
new file mode 100644
index 0000000..e0fdba1
--- /dev/null
+++ b/recipes-security/refpolicy/refpolicy-2.20170204/poky-fc-update-alternatives_bash.patch
@@ -0,0 +1,24 @@
1From 845518a6f196e6e8c49ba38791c85e17276920e1 Mon Sep 17 00:00:00 2001
2From: Mark Hatle <mark.hatle@windriver.com>
3Date: Thu, 14 Sep 2017 15:02:23 -0500
4Subject: [PATCH 3/4] fix update-alternatives for hostname
5
6Upstream-Status: Inappropriate [only for Poky]
7
8Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
9---
10 policy/modules/system/corecommands.fc | 1 +
11 1 file changed, 1 insertion(+)
12
13Index: refpolicy/policy/modules/kernel/corecommands.fc
14===================================================================
15--- refpolicy.orig/policy/modules/kernel/corecommands.fc
16+++ refpolicy/policy/modules/kernel/corecommands.fc
17@@ -6,6 +6,7 @@
18 /bin/d?ash -- gen_context(system_u:object_r:shell_exec_t,s0)
19 /bin/bash -- gen_context(system_u:object_r:shell_exec_t,s0)
20 /bin/bash2 -- gen_context(system_u:object_r:shell_exec_t,s0)
21+/bin/bash\.bash -- gen_context(system_u:object_r:shell_exec_t,s0)
22 /bin/fish -- gen_context(system_u:object_r:shell_exec_t,s0)
23 /bin/ksh.* -- gen_context(system_u:object_r:shell_exec_t,s0)
24 /bin/mksh -- gen_context(system_u:object_r:shell_exec_t,s0)
diff --git a/recipes-security/refpolicy/refpolicy-git/poky-fc-update-alternatives_bash.patch b/recipes-security/refpolicy/refpolicy-git/poky-fc-update-alternatives_bash.patch
new file mode 100644
index 0000000..e0fdba1
--- /dev/null
+++ b/recipes-security/refpolicy/refpolicy-git/poky-fc-update-alternatives_bash.patch
@@ -0,0 +1,24 @@
1From 845518a6f196e6e8c49ba38791c85e17276920e1 Mon Sep 17 00:00:00 2001
2From: Mark Hatle <mark.hatle@windriver.com>
3Date: Thu, 14 Sep 2017 15:02:23 -0500
4Subject: [PATCH 3/4] fix update-alternatives for hostname
5
6Upstream-Status: Inappropriate [only for Poky]
7
8Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
9---
10 policy/modules/system/corecommands.fc | 1 +
11 1 file changed, 1 insertion(+)
12
13Index: refpolicy/policy/modules/kernel/corecommands.fc
14===================================================================
15--- refpolicy.orig/policy/modules/kernel/corecommands.fc
16+++ refpolicy/policy/modules/kernel/corecommands.fc
17@@ -6,6 +6,7 @@
18 /bin/d?ash -- gen_context(system_u:object_r:shell_exec_t,s0)
19 /bin/bash -- gen_context(system_u:object_r:shell_exec_t,s0)
20 /bin/bash2 -- gen_context(system_u:object_r:shell_exec_t,s0)
21+/bin/bash\.bash -- gen_context(system_u:object_r:shell_exec_t,s0)
22 /bin/fish -- gen_context(system_u:object_r:shell_exec_t,s0)
23 /bin/ksh.* -- gen_context(system_u:object_r:shell_exec_t,s0)
24 /bin/mksh -- gen_context(system_u:object_r:shell_exec_t,s0)
diff --git a/recipes-security/refpolicy/refpolicy_2.20170204.inc b/recipes-security/refpolicy/refpolicy_2.20170204.inc
index 48e6cd6..8b72cbd 100644
--- a/recipes-security/refpolicy/refpolicy_2.20170204.inc
+++ b/recipes-security/refpolicy/refpolicy_2.20170204.inc
@@ -9,6 +9,7 @@ SRC_URI += "file://poky-fc-subs_dist.patch \
9 file://poky-fc-update-alternatives_sysvinit.patch \ 9 file://poky-fc-update-alternatives_sysvinit.patch \
10 file://poky-fc-update-alternatives_sysklogd.patch \ 10 file://poky-fc-update-alternatives_sysklogd.patch \
11 file://poky-fc-update-alternatives_hostname.patch \ 11 file://poky-fc-update-alternatives_hostname.patch \
12 file://poky-fc-update-alternatives_bash.patch \
12 file://poky-fc-fix-real-path_resolv.conf.patch \ 13 file://poky-fc-fix-real-path_resolv.conf.patch \
13 file://poky-fc-fix-real-path_login.patch \ 14 file://poky-fc-fix-real-path_login.patch \
14 file://poky-fc-fix-real-path_shadow.patch \ 15 file://poky-fc-fix-real-path_shadow.patch \
diff --git a/recipes-security/refpolicy/refpolicy_git.inc b/recipes-security/refpolicy/refpolicy_git.inc
index 9c62da3..f71eb35 100644
--- a/recipes-security/refpolicy/refpolicy_git.inc
+++ b/recipes-security/refpolicy/refpolicy_git.inc
@@ -14,6 +14,7 @@ SRC_URI += "file://poky-fc-subs_dist.patch \
14 file://poky-fc-update-alternatives_sysvinit.patch \ 14 file://poky-fc-update-alternatives_sysvinit.patch \
15 file://poky-fc-update-alternatives_sysklogd.patch \ 15 file://poky-fc-update-alternatives_sysklogd.patch \
16 file://poky-fc-update-alternatives_hostname.patch \ 16 file://poky-fc-update-alternatives_hostname.patch \
17 file://poky-fc-update-alternatives_bash.patch \
17 file://poky-fc-fix-real-path_resolv.conf.patch \ 18 file://poky-fc-fix-real-path_resolv.conf.patch \
18 file://poky-fc-fix-real-path_login.patch \ 19 file://poky-fc-fix-real-path_login.patch \
19 file://poky-fc-fix-real-path_shadow.patch \ 20 file://poky-fc-fix-real-path_shadow.patch \
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-12 03:54:18 +0000