[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/

Jason Zaman Wed, 03 Dec 2014 04:55:45 -0800

commit:     b6fc3fcdd166ae3851c52e32a1f8f50c4b4d047e
Author:     Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Wed Nov 26 06:39:15 2014 +0000
Commit:     Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Wed Dec  3 08:43:33 2014 +0000
URL:        
http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b6fc3fcd


remove pyzor_role() from pyzor_admin()

pyzor_role contains some named filetrans's which can not be applied
twice. The roles already contain pyzor_role which makes adding
pyzor_admin impossible. This removes the role so they can both be
applied.

---
 policy/modules/contrib/pyzor.if | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/policy/modules/contrib/pyzor.if b/policy/modules/contrib/pyzor.if
index 593c03d..c05a504 100644
--- a/policy/modules/contrib/pyzor.if
+++ b/policy/modules/contrib/pyzor.if
@@ -132,5 +132,6 @@ interface(`pyzor_admin',`
        files_search_var_lib($1)
        admin_pattern($1, pyzor_var_lib_t)
 
-       pyzor_role($2, $1)
+       # This makes it impossible to apply _admin if _role has already been 
applied
+       #pyzor_role($2, $1)
 ')

[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/

Reply via email to