commit: fa247cca2d228e0eee5cc6c1cbf812a1dfd1adbb Author: Chris PeBenito <pebenito <AT> ieee <DOT> org> AuthorDate: Fri Oct 9 13:42:31 2020 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Sun Oct 11 21:14:40 2020 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=fa247cca
systemd: Move systemd-pstore block up in alphabetical order. No rule change. Signed-off-by: Chris PeBenito <pebenito <AT> ieee.org> Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> policy/modules/system/systemd.te | 46 ++++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te index b7f25594..7acbc551 100644 --- a/policy/modules/system/systemd.te +++ b/policy/modules/system/systemd.te @@ -1046,6 +1046,29 @@ optional_policy(` ') +######################################### +# +# systemd-pstore local policy +# + +dontaudit systemd_pstore_t self:capability net_admin; + +manage_files_pattern(systemd_pstore_t, systemd_pstore_var_lib_t, systemd_pstore_var_lib_t) + +files_read_etc_files(systemd_pstore_t) +files_search_var_lib(systemd_pstore_t) + +fs_list_pstore_dirs(systemd_pstore_t) +fs_read_pstore_files(systemd_pstore_t) +fs_delete_pstore_files(systemd_pstore_t) + +init_search_run(systemd_pstore_t) +init_list_var_lib_dirs(systemd_pstore_t) + +kernel_read_system_state(systemd_pstore_t) + +logging_send_syslog_msg(systemd_pstore_t) + ####################################### # # Rfkill local policy @@ -1428,26 +1451,3 @@ userdom_mounton_user_runtime_dirs(systemd_user_runtime_dir_t) userdom_relabelto_user_runtime_dirs(systemd_user_runtime_dir_t) dbus_system_bus_client(systemd_user_runtime_dir_t) - -######################################### -# -# systemd-pstore local policy -# - -dontaudit systemd_pstore_t self:capability net_admin; - -manage_files_pattern(systemd_pstore_t, systemd_pstore_var_lib_t, systemd_pstore_var_lib_t) - -files_read_etc_files(systemd_pstore_t) -files_search_var_lib(systemd_pstore_t) - -fs_list_pstore_dirs(systemd_pstore_t) -fs_read_pstore_files(systemd_pstore_t) -fs_delete_pstore_files(systemd_pstore_t) - -init_search_run(systemd_pstore_t) -init_list_var_lib_dirs(systemd_pstore_t) - -kernel_read_system_state(systemd_pstore_t) - -logging_send_syslog_msg(systemd_pstore_t)
