commit: 66330450e5ece7ebc512aae878d224b772efd252 Author: Chris PeBenito <pebenito <AT> ieee <DOT> org> AuthorDate: Tue Mar 28 22:50:35 2017 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Thu Mar 30 14:00:10 2017 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=66330450
systemd-resolvd, sessions, and tmpfiles take2 I believe that I have addressed all the issues Chris raised, so here's a newer version of the patch which applies to today's git version. Description: systemd-resolved, sessions, and tmpfiles patches Author: Russell Coker <russell <AT> coker.com.au> Last-Update: 2017-03-26 policy/modules/contrib/xfs.if | 19 +++++++++++++++++++ policy/modules/contrib/xfs.te | 2 +- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/policy/modules/contrib/xfs.if b/policy/modules/contrib/xfs.if index 19934060..1aafbbc1 100644 --- a/policy/modules/contrib/xfs.if +++ b/policy/modules/contrib/xfs.if @@ -60,6 +60,25 @@ interface(`xfs_exec',` ######################################## ## <summary> +## Create xfs temporary dirs +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`xfs_create_tmp_dirs',` + gen_require(` + type xfs_tmp_t; + ') + + files_search_tmp($1) + allow $1 xfs_tmp_t:dir create; +') + +######################################## +## <summary> ## All of the rules required to ## administrate an xfs environment. ## </summary> diff --git a/policy/modules/contrib/xfs.te b/policy/modules/contrib/xfs.te index 3fc2a1bf..839f15cf 100644 --- a/policy/modules/contrib/xfs.te +++ b/policy/modules/contrib/xfs.te @@ -1,4 +1,4 @@ -policy_module(xfs, 1.9.0) +policy_module(xfs, 1.9.1) ######################################## #
