diff options
Diffstat (limited to 'recipes-security/refpolicy/refpolicy/0030-policy-modules-kernel-files-add-rules-for-the-symlin.patch')
-rw-r--r-- | recipes-security/refpolicy/refpolicy/0030-policy-modules-kernel-files-add-rules-for-the-symlin.patch | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/recipes-security/refpolicy/refpolicy/0030-policy-modules-kernel-files-add-rules-for-the-symlin.patch b/recipes-security/refpolicy/refpolicy/0030-policy-modules-kernel-files-add-rules-for-the-symlin.patch index ee329b1..62c1593 100644 --- a/recipes-security/refpolicy/refpolicy/0030-policy-modules-kernel-files-add-rules-for-the-symlin.patch +++ b/recipes-security/refpolicy/refpolicy/0030-policy-modules-kernel-files-add-rules-for-the-symlin.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From b4110d4f30f6dc82c810ceaf24911b1fadb0e7c4 Mon Sep 17 00:00:00 2001 | 1 | From 1ed2b79828a7dd08079ec111b116f6d288450662 Mon Sep 17 00:00:00 2001 |
2 | From: Xin Ouyang <Xin.Ouyang@windriver.com> | 2 | From: Xin Ouyang <Xin.Ouyang@windriver.com> |
3 | Date: Thu, 22 Aug 2013 13:37:23 +0800 | 3 | Date: Thu, 22 Aug 2013 13:37:23 +0800 |
4 | Subject: [PATCH] policy/modules/kernel/files: add rules for the symlink of | 4 | Subject: [PATCH] policy/modules/kernel/files: add rules for the symlink of |
@@ -18,10 +18,10 @@ Signed-off-by: Yi Zhao <yi.zhao@windriver.com> | |||
18 | 2 files changed, 9 insertions(+) | 18 | 2 files changed, 9 insertions(+) |
19 | 19 | ||
20 | diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc | 20 | diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc |
21 | index 9a6f9d2d4..0f511c830 100644 | 21 | index b1728d37c..c5012e6b4 100644 |
22 | --- a/policy/modules/kernel/files.fc | 22 | --- a/policy/modules/kernel/files.fc |
23 | +++ b/policy/modules/kernel/files.fc | 23 | +++ b/policy/modules/kernel/files.fc |
24 | @@ -171,6 +171,7 @@ HOME_ROOT/lost\+found/.* <<none>> | 24 | @@ -172,6 +172,7 @@ HOME_ROOT/lost\+found/.* <<none>> |
25 | # /tmp | 25 | # /tmp |
26 | # | 26 | # |
27 | /tmp -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh) | 27 | /tmp -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh) |
@@ -30,10 +30,10 @@ index 9a6f9d2d4..0f511c830 100644 | |||
30 | /tmp/\.journal <<none>> | 30 | /tmp/\.journal <<none>> |
31 | 31 | ||
32 | diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if | 32 | diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if |
33 | index 9e4344d24..14b34a467 100644 | 33 | index 472b5bb38..a2aa85b1c 100644 |
34 | --- a/policy/modules/kernel/files.if | 34 | --- a/policy/modules/kernel/files.if |
35 | +++ b/policy/modules/kernel/files.if | 35 | +++ b/policy/modules/kernel/files.if |
36 | @@ -4780,6 +4780,7 @@ interface(`files_search_tmp',` | 36 | @@ -4819,6 +4819,7 @@ interface(`files_search_tmp',` |
37 | ') | 37 | ') |
38 | 38 | ||
39 | allow $1 tmp_t:dir search_dir_perms; | 39 | allow $1 tmp_t:dir search_dir_perms; |
@@ -41,7 +41,7 @@ index 9e4344d24..14b34a467 100644 | |||
41 | ') | 41 | ') |
42 | 42 | ||
43 | ######################################## | 43 | ######################################## |
44 | @@ -4816,6 +4817,7 @@ interface(`files_list_tmp',` | 44 | @@ -4855,6 +4856,7 @@ interface(`files_list_tmp',` |
45 | ') | 45 | ') |
46 | 46 | ||
47 | allow $1 tmp_t:dir list_dir_perms; | 47 | allow $1 tmp_t:dir list_dir_perms; |
@@ -49,7 +49,7 @@ index 9e4344d24..14b34a467 100644 | |||
49 | ') | 49 | ') |
50 | 50 | ||
51 | ######################################## | 51 | ######################################## |
52 | @@ -4852,6 +4854,7 @@ interface(`files_delete_tmp_dir_entry',` | 52 | @@ -4891,6 +4893,7 @@ interface(`files_delete_tmp_dir_entry',` |
53 | ') | 53 | ') |
54 | 54 | ||
55 | allow $1 tmp_t:dir del_entry_dir_perms; | 55 | allow $1 tmp_t:dir del_entry_dir_perms; |
@@ -57,7 +57,7 @@ index 9e4344d24..14b34a467 100644 | |||
57 | ') | 57 | ') |
58 | 58 | ||
59 | ######################################## | 59 | ######################################## |
60 | @@ -4870,6 +4873,7 @@ interface(`files_read_generic_tmp_files',` | 60 | @@ -4909,6 +4912,7 @@ interface(`files_read_generic_tmp_files',` |
61 | ') | 61 | ') |
62 | 62 | ||
63 | read_files_pattern($1, tmp_t, tmp_t) | 63 | read_files_pattern($1, tmp_t, tmp_t) |
@@ -65,7 +65,7 @@ index 9e4344d24..14b34a467 100644 | |||
65 | ') | 65 | ') |
66 | 66 | ||
67 | ######################################## | 67 | ######################################## |
68 | @@ -4888,6 +4892,7 @@ interface(`files_manage_generic_tmp_dirs',` | 68 | @@ -4927,6 +4931,7 @@ interface(`files_manage_generic_tmp_dirs',` |
69 | ') | 69 | ') |
70 | 70 | ||
71 | manage_dirs_pattern($1, tmp_t, tmp_t) | 71 | manage_dirs_pattern($1, tmp_t, tmp_t) |
@@ -73,7 +73,7 @@ index 9e4344d24..14b34a467 100644 | |||
73 | ') | 73 | ') |
74 | 74 | ||
75 | ######################################## | 75 | ######################################## |
76 | @@ -4924,6 +4929,7 @@ interface(`files_manage_generic_tmp_files',` | 76 | @@ -4963,6 +4968,7 @@ interface(`files_manage_generic_tmp_files',` |
77 | ') | 77 | ') |
78 | 78 | ||
79 | manage_files_pattern($1, tmp_t, tmp_t) | 79 | manage_files_pattern($1, tmp_t, tmp_t) |
@@ -81,7 +81,7 @@ index 9e4344d24..14b34a467 100644 | |||
81 | ') | 81 | ') |
82 | 82 | ||
83 | ######################################## | 83 | ######################################## |
84 | @@ -4960,6 +4966,7 @@ interface(`files_rw_generic_tmp_sockets',` | 84 | @@ -4999,6 +5005,7 @@ interface(`files_rw_generic_tmp_sockets',` |
85 | ') | 85 | ') |
86 | 86 | ||
87 | rw_sock_files_pattern($1, tmp_t, tmp_t) | 87 | rw_sock_files_pattern($1, tmp_t, tmp_t) |
@@ -89,7 +89,7 @@ index 9e4344d24..14b34a467 100644 | |||
89 | ') | 89 | ') |
90 | 90 | ||
91 | ######################################## | 91 | ######################################## |
92 | @@ -5167,6 +5174,7 @@ interface(`files_tmp_filetrans',` | 92 | @@ -5206,6 +5213,7 @@ interface(`files_tmp_filetrans',` |
93 | ') | 93 | ') |
94 | 94 | ||
95 | filetrans_pattern($1, tmp_t, $2, $3, $4) | 95 | filetrans_pattern($1, tmp_t, $2, $3, $4) |