[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/

[Sven Vermeulen]

commit:     eda29c4a002eff58dcd3c7466f147920e530bf1b
Author:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Mar  4 19:33:03 2015 +0000
Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Mar  4 19:33:03 2015 +0000
URL:        
http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=eda29c4a

Revert change to fix build

Recently I introduced support for kdevtmpfs managing all device nodes
but this triggers an issue. That method requires the storage module to
be in the base, which pulls in an entire set of other issues, or that
the attributes used by the storage module are moved towards the devices
module (or another module inside base) which also has quite some work on
it.

Going to check with other team first.

 policy/modules/kernel/kernel.te | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index a48cf63..3a045e0 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -439,5 +439,6 @@ ifdef(`distro_gentoo',`
 
        # To support kdevtmpfs properly (its purpose is to manage the /dev 
tmpfs so grant it these rights)
        # See also bug 535992
-       dev_manage_all_dev_nodes(kernel_t)
+       #dev_manage_all_dev_nodes(kernel_t)
+       dev_setattr_generic_chr_files(kernel_t)
 ')