[selinux-policy: 1116/3172] really fix the build problems
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 20:41:30 UTC 2010
commit 6d14093b26ca82c0b8fe0248af958e4065a69a91
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed Jan 18 16:06:17 2006 +0000
really fix the build problems
refpolicy/policy/modules/admin/portage.if | 2 +-
refpolicy/policy/modules/admin/portage.te | 4 +++-
2 files changed, 4 insertions(+), 2 deletions(-)
---
diff --git a/refpolicy/policy/modules/admin/portage.if b/refpolicy/policy/modules/admin/portage.if
index cdeea5e..d5adc90 100644
--- a/refpolicy/policy/modules/admin/portage.if
+++ b/refpolicy/policy/modules/admin/portage.if
@@ -109,7 +109,7 @@ template(`portage_compile_domain_template',`
allow $1_t self:rawip_socket { create ioctl };
allow $1_t self:udp_socket recvfrom;
# needed for merging dbus:
- allow $1_sandbox_t self:netlink_selinux_socket { bind create read };
+ allow $1_t self:netlink_selinux_socket { bind create read };
allow $1_t $1_devpts_t:chr_file { rw_file_perms setattr };
term_create_pty($1_t,$1_devpts_t)
diff --git a/refpolicy/policy/modules/admin/portage.te b/refpolicy/policy/modules/admin/portage.te
index e8125c3..a73ab9e 100644
--- a/refpolicy/policy/modules/admin/portage.te
+++ b/refpolicy/policy/modules/admin/portage.te
@@ -77,6 +77,8 @@ files_manage_all_files(portage_t)
selinux_get_fs_mount(portage_t)
+auth_manage_shadow(portage_t)
+
# merging baselayout will need this:
init_exec(portage_t)
@@ -184,7 +186,7 @@ dontaudit portage_sandbox_t portage_cache_t:dir { setattr };
dontaudit portage_sandbox_t portage_cache_t:file { setattr write };
allow portage_sandbox_t portage_tmp_t:dir manage_dir_perms;
-allow portage_sandbox_t portage_tmp_t:file manage_dir_perms;
+allow portage_sandbox_t portage_tmp_t:file manage_file_perms;
allow portage_sandbox_t portage_tmp_t:lnk_file create_lnk_perms;
# run scripts out of the build directory
can_exec(portage_sandbox_t,portage_tmp_t)
More information about the scm-commits
mailing list