commit: 57264aa48955ae0f3b62257b0bb6bf0fd6a312bb
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Mon Mar 23 14:55:32 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Mar 29 09:54:10 2015 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=57264aa4
alsa: gentoo saves state files in /var/lib/alsa/oss/CardName
alsa_read/write_lib have permission on files, add in permission
for dirs too since gentoo's init script saves things in subdirs
policy/modules/contrib/alsa.if | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/policy/modules/contrib/alsa.if b/policy/modules/contrib/alsa.if
index 8f25112..38bbf80 100644
--- a/policy/modules/contrib/alsa.if
+++ b/policy/modules/contrib/alsa.if
@@ -255,6 +255,11 @@ interface(`alsa_read_lib',`
files_search_var_lib($1)
read_files_pattern($1, alsa_var_lib_t, alsa_var_lib_t)
+
+ ifdef(`distro_gentoo',`
+ # gentoo saves the files in /var/lib/alsa/oss/CardName
+ list_dirs_pattern($1, alsa_var_lib_t, alsa_var_lib_t)
+ ')
')
#########################################
@@ -274,6 +279,11 @@ interface(`alsa_write_lib',`
files_search_var_lib($1)
write_files_pattern($1, alsa_var_lib_t, alsa_var_lib_t)
+
+ ifdef(`distro_gentoo',`
+ # gentoo saves the files in /var/lib/alsa/oss/CardName
+ rw_dirs_pattern($1, alsa_var_lib_t, alsa_var_lib_t)
+ ')
')
# Gentoo specific for now, but cannot use ifdef distro_gentoo in an interface
