commit: 9858e2074793ca61aed6d17f785dfe60ac9a6d0c Author: Dominick Grift <dac.override <AT> gmail <DOT> com> AuthorDate: Mon Jan 5 17:05:06 2015 +0000 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> CommitDate: Thu Jan 29 20:51:03 2015 +0000 URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=9858e207
Module version bump for afs fixes from Chas Williams. --- policy/modules/contrib/afs.fc | 1 - policy/modules/contrib/afs.te | 18 +++++++++--------- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/policy/modules/contrib/afs.fc b/policy/modules/contrib/afs.fc index 279b787..c40fe9a 100644 --- a/policy/modules/contrib/afs.fc +++ b/policy/modules/contrib/afs.fc @@ -47,4 +47,3 @@ /var/cache/(open)?afs(/.*)? gen_context(system_u:object_r:afs_cache_t,s0) /vicep[a-z][a-z]?(/.*)? gen_context(system_u:object_r:afs_files_t,s0) - diff --git a/policy/modules/contrib/afs.te b/policy/modules/contrib/afs.te index 6ba667d..69067e3 100644 --- a/policy/modules/contrib/afs.te +++ b/policy/modules/contrib/afs.te @@ -1,4 +1,4 @@ -policy_module(afs, 1.9.0) +policy_module(afs, 1.9.1) ######################################## # @@ -135,13 +135,13 @@ corenet_udp_bind_afs_bos_port(afs_bosserver_t) corenet_sendrecv_afs_bos_server_packets(afs_bosserver_t) corenet_udp_sendrecv_afs_bos_port(afs_bosserver_t) +dev_read_urand(afs_bosserver_t) + files_list_home(afs_bosserver_t) files_read_usr_files(afs_bosserver_t) seutil_read_config(afs_bosserver_t) -dev_read_urand(afs_bosserver_t) - ######################################## # # fileserver local policy @@ -190,6 +190,8 @@ corenet_udp_bind_afs_fs_port(afs_fsserver_t) corenet_tcp_sendrecv_afs_fs_port(afs_fsserver_t) corenet_udp_sendrecv_afs_fs_port(afs_fsserver_t) +dev_read_urand(afs_fsserver_t) + files_read_etc_runtime_files(afs_fsserver_t) files_list_home(afs_fsserver_t) files_read_usr_files(afs_fsserver_t) @@ -208,8 +210,6 @@ seutil_read_config(afs_fsserver_t) userdom_dontaudit_use_user_terminals(afs_fsserver_t) -dev_read_urand(afs_fsserver_t) - ######################################## # # kaserver local policy @@ -278,10 +278,10 @@ corenet_udp_bind_generic_node(afs_ptserver_t) corenet_udp_bind_afs_pt_port(afs_ptserver_t) corenet_sendrecv_afs_pt_server_packets(afs_ptserver_t) -userdom_dontaudit_use_user_terminals(afs_ptserver_t) - dev_read_urand(afs_ptserver_t) +userdom_dontaudit_use_user_terminals(afs_ptserver_t) + ######################################## # # vlserver local policy @@ -311,10 +311,10 @@ corenet_udp_bind_generic_node(afs_vlserver_t) corenet_udp_bind_afs_vl_port(afs_vlserver_t) corenet_sendrecv_afs_vl_server_packets(afs_vlserver_t) -userdom_dontaudit_use_user_terminals(afs_vlserver_t) - dev_read_urand(afs_vlserver_t) +userdom_dontaudit_use_user_terminals(afs_vlserver_t) + ######################################## # # Global local policy
