diff options
| author |   Anthony G. Basile <blueness@gentoo.org> | 2011-02-05 20:41:06 +0000 |
|---|---|---|
| committer | Anthony G. Basile <blueness@gentoo.org> | 2011-02-05 20:41:06 +0000 |
| commit | 7297073f9ae00bd1ff8f3261597591a9d73c2788 (patch) | |
| tree | cc6bda71ac9301019ec59688a631926ecf3f3512 /sec-policy/selinux-links | |
| parent | Add ~amd64-linux/~x86-linux, use ED instead of D in a couple places (diff) | |
| download | gentoo-2-7297073f9ae00bd1ff8f3261597591a9d73c2788.tar.gz gentoo-2-7297073f9ae00bd1ff8f3261597591a9d73c2788.tar.bz2 gentoo-2-7297073f9ae00bd1ff8f3261597591a9d73c2788.zip | |
Bulk addition of new selinux policies.
(Portage version: 2.1.9.25/cvs/Linux x86_64)
Diffstat (limited to 'sec-policy/selinux-links')
| -rw-r--r-- | sec-policy/selinux-links/ChangeLog | 13 | ||||
| -rw-r--r-- | sec-policy/selinux-links/files/add-apps-links.patch | 66 | ||||
| -rw-r--r-- | sec-policy/selinux-links/metadata.xml | 6 | ||||
| -rw-r--r-- | sec-policy/selinux-links/selinux-links-2.20101213.ebuild | 14 |
4 files changed, 99 insertions, 0 deletions
diff --git a/sec-policy/selinux-links/ChangeLog b/sec-policy/selinux-links/ChangeLog new file mode 100644 index 000000000000..3fabe772f474 --- /dev/null +++ b/sec-policy/selinux-links/ChangeLog @@ -0,0 +1,13 @@ +# ChangeLog for sec-policy/selinux-links +# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-links/ChangeLog,v 1.1 2011/02/05 20:41:04 blueness Exp $ + + 05 Feb 2011; Anthony G. Basile <blueness@gentoo.org> ChangeLog: + Initial commit to portage. + +*selinux-links-2.20101213 (22 Jan 2011) + + 22 Jan 2011; <swift@gentoo.org> +selinux-links-2.20101213.ebuild, + +files/add-apps-links.patch, +metadata.xml: + Adding SELinux policy for links webbrowser + diff --git a/sec-policy/selinux-links/files/add-apps-links.patch b/sec-policy/selinux-links/files/add-apps-links.patch new file mode 100644 index 000000000000..938ab975b74b --- /dev/null +++ b/sec-policy/selinux-links/files/add-apps-links.patch @@ -0,0 +1,66 @@ +--- apps/links.te 1970-01-01 01:00:00.000000000 +0100 ++++ apps/links.te 2011-01-22 15:01:55.272000135 +0100 +@@ -0,0 +1,58 @@ ++policy_module(links, 1.0.0) ++ ++############################ ++# ++# Declarations ++# ++ ++type links_t; ++type links_exec_t; ++application_domain(links_t, links_exec_t) ++ ++type links_home_t; ++typealias links_home_t alias { user_links_home_t staff_links_home_t sysadm_links_home_t }; ++userdom_user_home_content(links_home_t) ++ ++type links_tmpfs_t; ++typealias links_tmpfs_t alias { user_links_tmpfs_t staff_links_tmpfs_t sysadm_links_tmpfs_t }; ++files_tmpfs_file(links_tmpfs_t) ++ubac_constrained(links_tmpfs_t) ++ ++############################ ++# ++# Policy ++# ++ ++allow links_t self:process signal_perms; ++allow links_t self:unix_stream_socket create_stream_socket_perms; ++ ++manage_dirs_pattern(links_t, links_home_t, links_home_t) ++manage_files_pattern(links_t, links_home_t, links_home_t) ++manage_lnk_files_pattern(links_t, links_home_t, links_home_t) ++manage_sock_files_pattern(links_t, links_home_t, links_home_t) ++manage_fifo_files_pattern(links_t, links_home_t, links_home_t) ++userdom_user_home_dir_filetrans(links_t, links_home_t, dir) ++ ++manage_fifo_files_pattern(links_t, links_t, links_t) ++ ++manage_files_pattern(links_t, links_tmpfs_t, links_tmpfs_t) ++manage_lnk_files_pattern(links_t, links_tmpfs_t, links_tmpfs_t) ++manage_fifo_files_pattern(links_t, links_tmpfs_t, links_tmpfs_t) ++manage_sock_files_pattern(links_t, links_tmpfs_t, links_tmpfs_t) ++fs_tmpfs_filetrans(links_t, links_tmpfs_t, { file lnk_file sock_file fifo_file }) ++ ++xserver_user_x_domain_template(links, links_t, links_tmpfs_t) ++ ++domain_use_interactive_fds(links_t) ++ ++userdom_manage_user_home_content_dirs(links_t) ++userdom_manage_user_home_content_files(links_t) ++ ++auth_use_nsswitch(links_t) ++ ++userdom_use_user_terminals(links_t) ++ ++corenet_tcp_connect_http_port(links_t) ++ ++miscfiles_read_localization(links_t) ++ +--- apps/links.fc 1970-01-01 01:00:00.000000000 +0100 ++++ apps/links.fc 2011-01-16 10:50:48.058999501 +0100 +@@ -0,0 +1,2 @@ ++/usr/bin/links -- gen_context(system_u:object_r:links_exec_t,s0) ++HOME_DIR/\.links(/.*)? gen_context(system_u:object_r:links_home_t,s0) diff --git a/sec-policy/selinux-links/metadata.xml b/sec-policy/selinux-links/metadata.xml new file mode 100644 index 000000000000..5cbd4e92a68d --- /dev/null +++ b/sec-policy/selinux-links/metadata.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>hardened</herd> +<longdescription>Gentoo SELinux policy for the links web browser</longdescription> +</pkgmetadata> diff --git a/sec-policy/selinux-links/selinux-links-2.20101213.ebuild b/sec-policy/selinux-links/selinux-links-2.20101213.ebuild new file mode 100644 index 000000000000..61eb85459d6c --- /dev/null +++ b/sec-policy/selinux-links/selinux-links-2.20101213.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-links/selinux-links-2.20101213.ebuild,v 1.1 2011/02/05 20:41:04 blueness Exp $ + +IUSE="" + +MODS="links" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for general applications" + +KEYWORDS="~amd64 ~x86" +POLICY_PATCH="${FILESDIR}/add-apps-links.patch" |