commit: a6327618acb0e35b2290809b402afc12685a35ea
Author: Guido Trentalancia <guido <AT> trentalancia <DOT> net>
AuthorDate: Sat May 13 21:15:27 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu May 25 16:32:29 2017 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a6327618
base: role changes for the new libmtp module
This is the base part of the policy needed to support libmtp (an
Initiator implementation of the Media Transfer Protocol).
Signed-off-by: Guido Trentalancia <guido at trentalancia.net>
policy/modules/roles/staff.te | 4 ++++
policy/modules/roles/sysadm.te | 4 ++++
policy/modules/roles/unprivuser.te | 4 ++++
3 files changed, 12 insertions(+)
diff --git a/policy/modules/roles/staff.te b/policy/modules/roles/staff.te
index 8971a209..4614f3e6 100644
--- a/policy/modules/roles/staff.te
+++ b/policy/modules/roles/staff.te
@@ -125,6 +125,10 @@ ifndef(`distro_redhat',`
')
optional_policy(`
+ libmtp_role(staff_r, staff_t)
+ ')
+
+ optional_policy(`
lockdev_role(staff_r, staff_t)
')
diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te
index 13149a4c..bff6e59c 100644
--- a/policy/modules/roles/sysadm.te
+++ b/policy/modules/roles/sysadm.te
@@ -551,6 +551,10 @@ optional_policy(`
')
optional_policy(`
+ libmtp_role(sysadm_r, sysadm_t)
+')
+
+optional_policy(`
libs_run_ldconfig(sysadm_t, sysadm_r)
')
diff --git a/policy/modules/roles/unprivuser.te
b/policy/modules/roles/unprivuser.te
index b040b4ab..f6be7db2 100644
--- a/policy/modules/roles/unprivuser.te
+++ b/policy/modules/roles/unprivuser.te
@@ -98,6 +98,10 @@ ifndef(`distro_redhat',`
')
optional_policy(`
+ libmtp_role(user_r, user_t)
+ ')
+
+ optional_policy(`
lockdev_role(user_r, user_t)
')
