[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/

Jason Zaman Fri, 08 Sep 2017 19:44:13 -0700

commit:     0743b2a440f9fc6b9c2156489941dbff78b4dc5a
Author:     David Sugar <dsugar <AT> tresys <DOT> com>
AuthorDate: Wed Aug 30 16:12:55 2017 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Sep  8 22:48:51 2017 +0000
URL:        
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=0743b2a4


mon: move rpc_* into optional

Move use of rpc_* interface into optional block so rpc module can be turned off.

 policy/modules/contrib/mon.te | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/policy/modules/contrib/mon.te b/policy/modules/contrib/mon.te
index f69cad31..5e93c7c9 100644
--- a/policy/modules/contrib/mon.te
+++ b/policy/modules/contrib/mon.te
@@ -207,8 +207,6 @@ logging_send_syslog_msg(mon_local_test_t)
 
 miscfiles_read_localization(mon_local_test_t)
 
-rpc_read_nfs_content(mon_local_test_t)
-
 sysnet_read_config(mon_local_test_t)
 
 optional_policy(`
@@ -220,5 +218,9 @@ optional_policy(`
 ')
 
 optional_policy(`
+       rpc_read_nfs_content(mon_local_test_t)
+')
+
+optional_policy(`
        xserver_rw_console(mon_local_test_t)
 ')

[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/

Reply via email to