From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id F36E91381F3 for ; Fri, 16 Aug 2013 14:00:25 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id AA0F6E0EC7; Fri, 16 Aug 2013 13:59:49 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 3C89AE0EC5 for ; Fri, 16 Aug 2013 13:59:44 +0000 (UTC) Received: from hornbill.gentoo.org (hornbill.gentoo.org [94.100.119.163]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 3F8D133E953 for ; Fri, 16 Aug 2013 13:59:43 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by hornbill.gentoo.org (Postfix) with ESMTP id C1D2AE468F for ; Fri, 16 Aug 2013 13:59:41 +0000 (UTC) From: "Sven Vermeulen" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" Message-ID: <1376661218.29b02737ce4b41ef9cdd6e144eb9b57c3dc6d4df.SwifT@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/ X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: policy/modules/contrib/aide.fc X-VCS-Directories: policy/modules/contrib/ X-VCS-Committer: SwifT X-VCS-Committer-Name: Sven Vermeulen X-VCS-Revision: 29b02737ce4b41ef9cdd6e144eb9b57c3dc6d4df X-VCS-Branch: master Date: Fri, 16 Aug 2013 13:59:41 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 65b45742-0696-4cdd-9f02-03a70c634fde X-Archives-Hash: 00d82bfaceabf9079b341ce484762999 commit: 29b02737ce4b41ef9cdd6e144eb9b57c3dc6d4df Author: Sven Vermeulen siphos be> AuthorDate: Thu Aug 15 18:15:09 2013 +0000 Commit: Sven Vermeulen siphos be> CommitDate: Fri Aug 16 13:53:38 2013 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=29b02737 Add aide bin /usr/bin and mark /var/lib/aide In Gentoo, the aide binary is at /usr/bin/aide. Also, the /var/lib/aide directory itself is best labeled as aide_db_t as well to allow aide to handle its contents. Signed-off-by: Sven Vermeulen siphos.be> --- policy/modules/contrib/aide.fc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/policy/modules/contrib/aide.fc b/policy/modules/contrib/aide.fc index d16a605..4dbd2b7 100644 --- a/policy/modules/contrib/aide.fc +++ b/policy/modules/contrib/aide.fc @@ -1,6 +1,7 @@ +/usr/bin/aide -- gen_context(system_u:object_r:aide_exec_t,mls_systemhigh) /usr/sbin/aide -- gen_context(system_u:object_r:aide_exec_t,mls_systemhigh) -/var/lib/aide(/.*) gen_context(system_u:object_r:aide_db_t,mls_systemhigh) +/var/lib/aide(/.*)? gen_context(system_u:object_r:aide_db_t,mls_systemhigh) /var/log/aide(/.*)? gen_context(system_u:object_r:aide_log_t,mls_systemhigh) /var/log/aide\.log -- gen_context(system_u:object_r:aide_log_t,mls_systemhigh)