[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/, config/

Sat, 30 Jan 2016 09:21:56 -0800 

commit:     15298d9e66de9ec727e875e73e2d1560920b2e24
Author:     Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Sun Nov  9 09:36:56 2014 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Jan 30 17:02:52 2016 +0000
URL:        
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=15298d9e

On Debian, systemd binaries are installed in / not /usr

On Debian, systemd binaries are installed in / not /usr, add an
equivalence for this.

 config/file_contexts.subs_dist        | 1 +
 policy/modules/kernel/corecommands.fc | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/config/file_contexts.subs_dist b/config/file_contexts.subs_dist
index 7047ce7..84d8ada 100644
--- a/config/file_contexts.subs_dist
+++ b/config/file_contexts.subs_dist
@@ -1,4 +1,5 @@
 /etc/init.d /etc/rc.d/init.d
+/lib/systemd /usr/lib/systemd
 /lib32 /lib
 /lib64 /lib
 /run /var/run

diff --git a/policy/modules/kernel/corecommands.fc 
b/policy/modules/kernel/corecommands.fc
index b4e192a..8f12446 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -137,7 +137,6 @@ ifdef(`distro_debian',`
 /lib/nut/.*                    --      gen_context(system_u:object_r:bin_t,s0)
 /lib/readahead(/.*)?                   gen_context(system_u:object_r:bin_t,s0)
 /lib/security/pam_krb5/pam_krb5_storetmp -- 
gen_context(system_u:object_r:bin_t,s0)
-/lib/systemd/systemd.*         --      gen_context(system_u:object_r:bin_t,s0)
 /lib/udev/[^/]*                        --      
gen_context(system_u:object_r:bin_t,s0)
 /lib/udev/scsi_id              --      gen_context(system_u:object_r:bin_t,s0)
 /lib/upstart(/.*)?                     gen_context(system_u:object_r:bin_t,s0)
@@ -242,6 +241,7 @@ ifdef(`distro_gentoo',`
 /usr/lib/rpm/rpmv              --      gen_context(system_u:object_r:bin_t,s0)
 /usr/lib/sftp-server           --      gen_context(system_u:object_r:bin_t,s0)
 /usr/lib/sudo/sesh             --      
gen_context(system_u:object_r:shell_exec_t,s0)
+/usr/lib/systemd/systemd.*     --      gen_context(system_u:object_r:bin_t,s0)
 /usr/lib/systemd/system-generators(/.*)? 
gen_context(system_u:object_r:bin_t,s0)
 /usr/lib/systemd/user-generators(/.*)? gen_context(system_u:object_r:bin_t,s0)
 /usr/lib/tumbler-1/tumblerd    --      gen_context(system_u:object_r:bin_t,s0)

Reply via email to