[selinux-policy: 224/3172] rpmbuild_t is not a system domain. also mark it as most likely dead.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 19:24:20 UTC 2010
commit 16e9b0cb6bdaccb6920ae443d45b0df0890a1b96
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Fri May 27 21:29:54 2005 +0000
rpmbuild_t is not a system domain. also mark it as most likely dead.
refpolicy/policy/modules/admin/rpm.te | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
---
diff --git a/refpolicy/policy/modules/admin/rpm.te b/refpolicy/policy/modules/admin/rpm.te
index 988ee39..5684eab 100644
--- a/refpolicy/policy/modules/admin/rpm.te
+++ b/refpolicy/policy/modules/admin/rpm.te
@@ -46,8 +46,10 @@ type rpm_script_tmpfs_t;
files_make_tmpfs_file(rpm_script_tmpfs_t)
type rpmbuild_t;
+domain_make_domain(rpmbuild_t)
+
type rpmbuild_exec_t;
-init_make_system_domain(rpmbuild_t,rpmbuild_exec_t)
+domain_make_entrypoint_file(rpmbuild_t,rpmbuild_exec_t)
########################################
#
@@ -345,6 +347,10 @@ allow sshd_t rpm_script_t:fd use;
# rpm-build Local policy
#
+# cjp: this looks like dead policy. nothing
+# can transition to this domain, nor can it
+# really do anything useful.
+
kernel_get_selinuxfs_mount_point(rpmbuild_t)
kernel_validate_selinux_context(rpmbuild_t)
kernel_compute_selinux_access_vector(rpmbuild_t)
More information about the scm-commits
mailing list