diff options
| author |   Sven Vermeulen <swift@gentoo.org> | 2011-11-12 20:53:53 +0000 |
|---|---|---|
| committer | Sven Vermeulen <swift@gentoo.org> | 2011-11-12 20:53:53 +0000 |
| commit | c9a92a863c67335aaab995f3a7fa3cb2374103cd (patch) | |
| tree | c40a6f1a1345f8826a762554a8b4478ce9f1798d /sec-policy/selinux-pan | |
| parent | whitespace (diff) | |
| download | gentoo-2-c9a92a863c67335aaab995f3a7fa3cb2374103cd.tar.gz gentoo-2-c9a92a863c67335aaab995f3a7fa3cb2374103cd.tar.bz2 gentoo-2-c9a92a863c67335aaab995f3a7fa3cb2374103cd.zip | |
Removing the SELinux 2.20101213 policies
(Portage version: 2.1.10.11/cvs/Linux x86_64)
Diffstat (limited to 'sec-policy/selinux-pan')
| -rw-r--r-- | sec-policy/selinux-pan/ChangeLog | 4 | ||||
| -rw-r--r-- | sec-policy/selinux-pan/files/fix-apps-pan-r1.patch | 110 | ||||
| -rw-r--r-- | sec-policy/selinux-pan/selinux-pan-2.20101213-r1.ebuild | 16 |
3 files changed, 4 insertions, 126 deletions
diff --git a/sec-policy/selinux-pan/ChangeLog b/sec-policy/selinux-pan/ChangeLog index c68c5fd7d8d0..d8319803d7c9 100644 --- a/sec-policy/selinux-pan/ChangeLog +++ b/sec-policy/selinux-pan/ChangeLog @@ -1,5 +1,9 @@ + 12 Nov 2011; <swift@gentoo.org> -files/fix-apps-pan-r1.patch, + -selinux-pan-2.20101213-r1.ebuild: + Removing old policies + 23 Oct 2011; <swift@gentoo.org> selinux-pan-2.20110726-r1.ebuild: Stabilization (tracker #384231) diff --git a/sec-policy/selinux-pan/files/fix-apps-pan-r1.patch b/sec-policy/selinux-pan/files/fix-apps-pan-r1.patch deleted file mode 100644 index af477bf1db67..000000000000 --- a/sec-policy/selinux-pan/files/fix-apps-pan-r1.patch +++ /dev/null @@ -1,110 +0,0 @@ ---- apps/pan.te 1970-01-01 01:00:00.000000000 +0100 -+++ apps/pan.te 2011-07-24 18:31:32.760000849 +0200 -@@ -0,0 +1,102 @@ -+policy_module(pan, 1.0) -+ -+######################################## -+# -+# Declarations -+# -+ -+type pan_t; -+type pan_exec_t; -+application_domain(pan_t, pan_exec_t) -+ubac_constrained(pan_t) -+ -+type pan_home_t; -+userdom_user_home_content(pan_home_t) -+ -+#type pan_tmp_t; -+#files_tmp_file(pan_tmp_t) -+#ubac_constrained(pan_tmp_t) -+ -+type pan_tmpfs_t; -+files_tmpfs_file(pan_tmpfs_t) -+ubac_constrained(pan_tmpfs_t) -+ -+######################################## -+# -+# Pan local policy -+# -+allow pan_t self:process { getsched signal }; -+allow pan_t self:fifo_file rw_fifo_file_perms; -+allow pan_t pan_tmpfs_t:file { read write }; -+ -+# Allow pan to work with its ~/.pan2 location -+manage_dirs_pattern(pan_t, pan_home_t, pan_home_t) -+manage_files_pattern(pan_t, pan_home_t, pan_home_t) -+manage_lnk_files_pattern(pan_t, pan_home_t, pan_home_t) -+ -+# Support for shared memory -+fs_tmpfs_filetrans(pan_t, pan_tmpfs_t, file) -+ -+## Kernel layer calls -+# -+kernel_dontaudit_read_system_state(pan_t) -+files_read_etc_files(pan_t) -+files_read_usr_files(pan_t) -+corenet_all_recvfrom_unlabeled(pan_t) -+corenet_all_recvfrom_netlabel(pan_t) -+corenet_tcp_connect_innd_port(pan_t) -+corenet_tcp_sendrecv_generic_if(pan_t) -+corenet_tcp_sendrecv_generic_node(pan_t) -+corenet_tcp_sendrecv_innd_port(pan_t) -+corenet_sendrecv_innd_client_packets(pan_t) -+ -+## System layer calls -+# -+miscfiles_read_localization(pan_t) -+sysnet_dns_name_resolve(pan_t) -+userdom_manage_user_home_content_dirs(pan_t) -+userdom_manage_user_home_content_files(pan_t) -+ -+## Other yayer calls -+# -+xserver_user_x_domain_template(pan, pan_t, pan_tmpfs_t) -+ -+tunable_policy(`use_nfs_home_dirs',` -+ fs_manage_nfs_dirs(pan_t) -+ fs_manage_nfs_files(pan_t) -+ fs_manage_nfs_symlinks(pan_t) -+') -+ -+tunable_policy(`use_samba_home_dirs',` -+ fs_manage_cifs_dirs(pan_t) -+ fs_manage_cifs_files(pan_t) -+ fs_manage_cifs_symlinks(pan_t) -+') -+ -+optional_policy(` -+ cups_read_rw_config(pan_t) -+') -+ -+optional_policy(` -+ dbus_system_bus_client(pan_t) -+ dbus_session_bus_client(pan_t) -+') -+ -+optional_policy(` -+ gnome_stream_connect_gconf(pan_t) -+') -+ -+optional_policy(` -+ gpg_domtrans(pan_t) -+ gpg_signal(pan_t) -+') -+ -+optional_policy(` -+ lpd_domtrans_lpr(pan_t) -+') -+ -+optional_policy(` -+ mozilla_read_user_home_files(pan_t) -+ mozilla_domtrans(pan_t) -+') -+ ---- apps/pan.fc 1970-01-01 01:00:00.000000000 +0100 -+++ apps/pan.fc 2011-07-24 17:56:50.338000789 +0200 -@@ -0,0 +1,2 @@ -+/usr/bin/pan -- gen_context(system_u:object_r:pan_exec_t,s0) -+HOME_DIR/\.pan2(/.*)? gen_context(system_u:object_r:pan_home_t,s0) diff --git a/sec-policy/selinux-pan/selinux-pan-2.20101213-r1.ebuild b/sec-policy/selinux-pan/selinux-pan-2.20101213-r1.ebuild deleted file mode 100644 index 5ced9e6bdc2f..000000000000 --- a/sec-policy/selinux-pan/selinux-pan-2.20101213-r1.ebuild +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-pan/selinux-pan-2.20101213-r1.ebuild,v 1.1 2011/08/07 11:10:33 blueness Exp $ - -IUSE="" - -MODS="pan" - -inherit selinux-policy-2 - -DESCRIPTION="SELinux policy for general applications" - -KEYWORDS="~amd64 ~x86" - -POLICY_PATCH="${FILESDIR}/fix-apps-pan-r1.patch" -RDEPEND=">=sec-policy/selinux-base-policy-2.20101213-r22" |