From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Qq157-0004I6-Up for garchives@archives.gentoo.org; Sun, 07 Aug 2011 10:59:46 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 6431A21C1BD; Sun, 7 Aug 2011 10:59:37 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 2491621C1BD for ; Sun, 7 Aug 2011 10:59:37 +0000 (UTC) Received: from pelican.gentoo.org (unknown [66.219.59.40]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 6D27E1B4044 for ; Sun, 7 Aug 2011 10:59:36 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by pelican.gentoo.org (Postfix) with ESMTP id C4C6680040 for ; Sun, 7 Aug 2011 10:59:35 +0000 (UTC) From: "Anthony G. Basile" To: gentoo-commits@lists.gentoo.org Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Anthony G. Basile" Message-ID: <678f640dcdbe5af016a40d977d8ae796227c7289.blueness@gentoo> Subject: [gentoo-commits] proj/hardened-dev:master commit in: sec-policy/selinux-mozilla/files/, sec-policy/selinux-mozilla/ X-VCS-Repository: proj/hardened-dev X-VCS-Files: sec-policy/selinux-mozilla/ChangeLog sec-policy/selinux-mozilla/files/fix-apps-mozilla-r4.patch sec-policy/selinux-mozilla/metadata.xml sec-policy/selinux-mozilla/selinux-mozilla-2.20101213-r4.ebuild X-VCS-Directories: sec-policy/selinux-mozilla/files/ sec-policy/selinux-mozilla/ X-VCS-Committer: blueness X-VCS-Committer-Name: Anthony G. Basile X-VCS-Revision: 678f640dcdbe5af016a40d977d8ae796227c7289 Date: Sun, 7 Aug 2011 10:59:35 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: X-Archives-Hash: 54a497bed5455c3ce0c09009d29ad6f9 commit: 678f640dcdbe5af016a40d977d8ae796227c7289 Author: Anthony G. Basile gentoo org> AuthorDate: Sun Aug 7 10:59:28 2011 +0000 Commit: Anthony G. Basile gentoo org> CommitDate: Sun Aug 7 10:59:28 2011 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=3Dproj/hardened-dev.= git;a=3Dcommit;h=3D678f640d sec-policy/selinux-mozilla: moved to tree --- sec-policy/selinux-mozilla/ChangeLog | 40 ---------- .../files/fix-apps-mozilla-r4.patch | 82 --------------= ------ sec-policy/selinux-mozilla/metadata.xml | 6 -- .../selinux-mozilla-2.20101213-r4.ebuild | 15 ---- 4 files changed, 0 insertions(+), 143 deletions(-) diff --git a/sec-policy/selinux-mozilla/ChangeLog b/sec-policy/selinux-mo= zilla/ChangeLog deleted file mode 100644 index dba730c..0000000 --- a/sec-policy/selinux-mozilla/ChangeLog +++ /dev/null @@ -1,40 +0,0 @@ -# ChangeLog for sec-policy/selinux-mozilla -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mozilla/ChangeLog,= v 1.5 2011/07/10 02:34:32 blueness Exp $ - -*selinux-mozilla-2.20101213-r4 (02 Aug 2011) - - 02 Aug 2011; +files/fix-apps-mozilla-r4.patch, - +selinux-mozilla-2.20101213-r4.ebuild, +metadata.xml: - Allow mozilla to read ~/.local - -*selinux-mozilla-2.20101213-r3 (10 Jul 2011) - - 10 Jul 2011; Anthony G. Basile - +files/fix-apps-mozilla-r3.patch, +selinux-mozilla-2.20101213-r3.ebuil= d: - Support proxy plugins and tor - - 04 Jun 2011; Anthony G. Basile - -selinux-mozilla-2.20101213.ebuild, -selinux-mozilla-2.20101213-r1.ebu= ild: - Removed deprecated policies - - 02 Jun 2011; Anthony G. Basile - selinux-mozilla-2.20101213-r2.ebuild: - Stable amd64 x86 - -*selinux-mozilla-2.20101213-r2 (20 May 2011) - - 20 May 2011; Anthony G. Basile - +files/fix-apps-mozilla-r2.patch, +selinux-mozilla-2.20101213-r2.ebuil= d: - Remove obsolete privileges - - 05 Feb 2011; Anthony G. Basile ChangeLog: - Initial commit to portage. - -*selinux-mozilla-2.20101213-r1 (22 Jan 2011) - - 22 Jan 2011; +selinux-mozilla-2.20101213-r1.ebuild, - files/fix-mozilla.patch: - Support binary firefox, add call to alsa interface and support tmp typ= e - for mozilla - diff --git a/sec-policy/selinux-mozilla/files/fix-apps-mozilla-r4.patch b= /sec-policy/selinux-mozilla/files/fix-apps-mozilla-r4.patch deleted file mode 100644 index beef75d..0000000 --- a/sec-policy/selinux-mozilla/files/fix-apps-mozilla-r4.patch +++ /dev/null @@ -1,82 +0,0 @@ ---- apps/mozilla.te 2010-12-13 15:11:01.000000000 +0100 -+++ apps/mozilla.te 2011-07-24 16:48:16.221000672 +0200 -@@ -33,6 +33,10 @@ - files_tmpfs_file(mozilla_tmpfs_t) - ubac_constrained(mozilla_tmpfs_t) -=20 -+type mozilla_tmp_t; -+files_tmp_file(mozilla_tmp_t) -+ubac_constrained(mozilla_tmp_t) -+ - ######################################## - # - # Local policy -@@ -68,6 +72,10 @@ - manage_sock_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t) - fs_tmpfs_filetrans(mozilla_t, mozilla_tmpfs_t, { file lnk_file sock_fil= e fifo_file }) -=20 -+manage_files_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t) -+manage_dirs_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t) -+files_tmp_filetrans(mozilla_t, mozilla_tmp_t, { file dir } ) -+ - kernel_read_kernel_sysctls(mozilla_t) - kernel_read_network_state(mozilla_t) - # Access /proc, sysctl -@@ -89,15 +97,18 @@ - corenet_raw_sendrecv_generic_node(mozilla_t) - corenet_tcp_sendrecv_http_port(mozilla_t) - corenet_tcp_sendrecv_http_cache_port(mozilla_t) -+corenet_tcp_sendrecv_tor_port(mozilla_t) - corenet_tcp_sendrecv_ftp_port(mozilla_t) - corenet_tcp_sendrecv_ipp_port(mozilla_t) - corenet_tcp_connect_http_port(mozilla_t) - corenet_tcp_connect_http_cache_port(mozilla_t) -+corenet_tcp_connect_tor_port(mozilla_t) - corenet_tcp_connect_ftp_port(mozilla_t) - corenet_tcp_connect_ipp_port(mozilla_t) - corenet_tcp_connect_generic_port(mozilla_t) - corenet_tcp_connect_soundd_port(mozilla_t) - corenet_sendrecv_http_client_packets(mozilla_t) -+corenet_sendrecv_tor_client_packets(mozilla_t) - corenet_sendrecv_http_cache_client_packets(mozilla_t) - corenet_sendrecv_ftp_client_packets(mozilla_t) - corenet_sendrecv_ipp_client_packets(mozilla_t) -@@ -143,6 +154,7 @@ -=20 - userdom_use_user_ptys(mozilla_t) -=20 -+ - xserver_user_x_domain_template(mozilla, mozilla_t, mozilla_tmpfs_t) - xserver_dontaudit_read_xdm_tmp_files(mozilla_t) - xserver_dontaudit_getattr_xdm_tmp_sockets(mozilla_t) -@@ -193,6 +205,7 @@ - userdom_list_user_tmp(mozilla_t) - userdom_read_user_tmp_files(mozilla_t) - userdom_read_user_tmp_symlinks(mozilla_t) -+ userdom_list_user_home_content(mozilla_t) - userdom_read_user_home_content_files(mozilla_t) - userdom_read_user_home_content_symlinks(mozilla_t) -=20 -@@ -266,3 +279,7 @@ - optional_policy(` - thunderbird_domtrans(mozilla_t) - ') -+ -+optional_policy(` -+ alsa_read_rw_config(mozilla_t) -+') ---- apps/mozilla.fc 2010-08-03 15:11:03.000000000 +0200 -+++ apps/mozilla.fc 2011-07-21 10:08:43.909000256 +0200 -@@ -27,3 +27,12 @@ - /usr/lib(64)?/[^/]*firefox[^/]*/firefox-bin -- gen_context(system_u:obj= ect_r:mozilla_exec_t,s0) - /usr/lib/[^/]*firefox[^/]*/firefox -- gen_context(system_u:object_r:moz= illa_exec_t,s0) - /usr/lib64/[^/]*firefox[^/]*/firefox -- gen_context(system_u:object_r:m= ozilla_exec_t,s0) -+ -+ifdef(`distro_gentoo',` -+/usr/bin/firefox-bin -- gen_context(system_u:object_r:mozilla_exec_t,s0= ) -+/opt/firefox/libxul\.so -- gen_context(system_u:object_r:textrel_shlib_= t,s0) -+/opt/firefox/firefox -- gen_context(system_u:object_r:mozilla_exec_t,s0= ) -+/opt/firefox/run-mozilla.sh -- gen_context(system_u:object_r:mozilla_ex= ec_t,s0) -+/opt/firefox/firefox-bin -- gen_context(system_u:object_r:mozilla_exec_= t,s0) -+/opt/firefox/plugin-container -- gen_context(system_u:object_r:mozilla_= exec_t,s0) -+') diff --git a/sec-policy/selinux-mozilla/metadata.xml b/sec-policy/selinux= -mozilla/metadata.xml deleted file mode 100644 index d718f1b..0000000 --- a/sec-policy/selinux-mozilla/metadata.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - - selinux - Gentoo SELinux policy for mozilla - diff --git a/sec-policy/selinux-mozilla/selinux-mozilla-2.20101213-r4.ebu= ild b/sec-policy/selinux-mozilla/selinux-mozilla-2.20101213-r4.ebuild deleted file mode 100644 index 1a87091..0000000 --- a/sec-policy/selinux-mozilla/selinux-mozilla-2.20101213-r4.ebuild +++ /dev/null @@ -1,15 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mozilla/selinux-mo= zilla-2.20101213-r3.ebuild,v 1.1 2011/07/10 02:34:32 blueness Exp $ - -IUSE=3D"" - -MODS=3D"mozilla" - -inherit selinux-policy-2 - -DESCRIPTION=3D"SELinux policy for general applications" - -KEYWORDS=3D"~amd64 ~x86" - -POLICY_PATCH=3D"${FILESDIR}/fix-apps-mozilla-r4.patch"