1 files changed, 0 insertions, 42 deletions
diff --git a/recipes-security/refpolicy/refpolicy/0062-policy-modules-system-setrans-allow-setrans-to-acces.patch b/recipes-security/refpolicy/refpolicy/0062-policy-modules-system-setrans-allow-setrans-to-acces.patch
deleted file mode 100644
index b692012..0000000
--- a/recipes-security/refpolicy/refpolicy/0062-policy-modules-system-setrans-allow-setrans-to-acces.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 84c69d220ffdd039b88a34f9afc127274a985541 Mon Sep 17 00:00:00 2001
-From: Roy Li <rongqing.li@windriver.com>
-Date: Sat, 22 Feb 2014 13:35:38 +0800
-Subject: [PATCH] policy/modules/system/setrans: allow setrans to access
- /sys/fs/selinux
-1. mcstransd failed to boot-up since the below permission is denied
-statfs("/sys/fs/selinux", 0x7ffff2b80370) = -1 EACCES (Permission denied)
-2. other programs can not connect to /run/setrans/.setrans-unix
-avc:  denied  { connectto } for  pid=2055 comm="ls"
-path="/run/setrans/.setrans-unix"
-scontext=root:sysadm_r:sysadm_t:s0-s15:c0.c1023
-tcontext=system_u:system_r:setrans_t:s15:c0.c1023
-tclass=unix_stream_socket
-Upstream-Status: Inappropriate [embedded specific]
-Signed-off-by: Roy Li <rongqing.li@windriver.com>
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
- policy/modules/system/setrans.te | 4 +---
- 1 file changed, 1 insertion(+), 3 deletions(-)
-diff --git a/policy/modules/system/setrans.te b/policy/modules/system/setrans.te
-index 25aadfc5f..78bd6e2eb 100644
--- a/policy/modules/system/setrans.te
-+++ b/policy/modules/system/setrans.te
-@@ -23,9 +23,7 @@ mls_trusted_object(setrans_runtime_t)
- type setrans_unit_t;
- init_unit_file(setrans_unit_t)
- 
-ifdef(`distro_debian',`
-       init_daemon_runtime_file(setrans_runtime_t, dir, "setrans")
-')
-+init_daemon_runtime_file(setrans_runtime_t, dir, "setrans")
- 
- ifdef(`enable_mcs',`
-        init_ranged_daemon_domain(setrans_t, setrans_exec_t, s0 - mcs_systemhigh)
-- 
-2.17.1

diff --git a/recipes-security/refpolicy/refpolicy/0062-policy-modules-system-setrans-allow-setrans-to-acces.patch b/recipes-security/refpolicy/refpolicy/0062-policy-modules-system-setrans-allow-setrans-to-acces.patch deleted file mode 100644 index b692012..0000000 --- a/recipes-security/refpolicy/refpolicy/0062-policy-modules-system-setrans-allow-setrans-to-acces.patch +++ /dev/null
@@ -1,42 +0,0 @@
1	From 84c69d220ffdd039b88a34f9afc127274a985541 Mon Sep 17 00:00:00 2001
2	From: Roy Li <rongqing.li@windriver.com>
3	Date: Sat, 22 Feb 2014 13:35:38 +0800
4	Subject: [PATCH] policy/modules/system/setrans: allow setrans to access
5	/sys/fs/selinux
6
7	1. mcstransd failed to boot-up since the below permission is denied
8	statfs("/sys/fs/selinux", 0x7ffff2b80370) = -1 EACCES (Permission denied)
9
10	2. other programs can not connect to /run/setrans/.setrans-unix
11	avc: denied { connectto } for pid=2055 comm="ls"
12	path="/run/setrans/.setrans-unix"
13	scontext=root:sysadm_r:sysadm_t:s0-s15:c0.c1023
14	tcontext=system_u:system_r:setrans_t:s15:c0.c1023
15	tclass=unix_stream_socket
16
17	Upstream-Status: Inappropriate [embedded specific]
18
19	Signed-off-by: Roy Li <rongqing.li@windriver.com>
20	Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
21	---
22	policy/modules/system/setrans.te \| 4 +---
23	1 file changed, 1 insertion(+), 3 deletions(-)
24
25	diff --git a/policy/modules/system/setrans.te b/policy/modules/system/setrans.te
26	index 25aadfc5f..78bd6e2eb 100644
27	--- a/policy/modules/system/setrans.te
28	+++ b/policy/modules/system/setrans.te
29	@@ -23,9 +23,7 @@ mls_trusted_object(setrans_runtime_t)
30	type setrans_unit_t;
31	init_unit_file(setrans_unit_t)
32
33	-ifdef(`distro_debian',`
34	- init_daemon_runtime_file(setrans_runtime_t, dir, "setrans")
35	-')
36	+init_daemon_runtime_file(setrans_runtime_t, dir, "setrans")
37
38	ifdef(`enable_mcs',`
39	init_ranged_daemon_domain(setrans_t, setrans_exec_t, s0 - mcs_systemhigh)
40	--
41	2.17.1
42