commit: 943fe93787010a8bded9d75728cc3ab097ef3aeb
Author: Jonathan Davies <jpds <AT> protonmail <DOT> com>
AuthorDate: Thu Jan 27 19:48:57 2022 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Jan 31 17:55:20 2022 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=943fe937
portage.te: Allow gcc_config_t to manage portage_tmp_t Allows /etc/env.d/04gcc-x86_64-gentoo-linux-musl to be correctly generated. Closes: https://github.com/perfinion/hardened-refpolicy/pull/26 Signed-off-by: Jonathan Davies <jpds <AT> protonmail.com> Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> policy/modules/admin/portage.te | 3 +++ 1 file changed, 3 insertions(+) diff --git a/policy/modules/admin/portage.te b/policy/modules/admin/portage.te index cd66e6e7..9abbdc37 100644 --- a/policy/modules/admin/portage.te +++ b/policy/modules/admin/portage.te @@ -435,6 +435,9 @@ gen_tunable(portage_enable_test, false) can_exec(gcc_config_t, gcc_config_tmp_t) # libffi support files_tmp_filetrans(gcc_config_t, gcc_config_tmp_t, file) + allow gcc_config_t portage_tmp_t:dir manage_dir_perms; + allow gcc_config_t portage_tmp_t:file manage_file_perms; + files_manage_etc_runtime_files(gcc_config_t) files_manage_etc_runtime_lnk_files(gcc_config_t)
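Review bot: the two added allow rules on portage_tmp_t carry no comment, unlike the "# libffi support" line just above them, and together manage_dir_perms and manage_file_perms let gcc_config_t create, rename and delete any directory or file labelled portage_tmp_t. The commit message names only the generated /etc/env.d file, so it is not clear from the patch which access under the portage temp tree was denied. Please add a one-line comment stating what gcc-config writes there, and if it only needs to create files inside directories that already exist, consider narrowing the directory rule to rw_dir_perms so the domain cannot create or remove portage temp directories.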
