commit: cdc58022a0b11cea7084de37e62a17f743b320d3
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Fri Sep 15 07:03:12 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Sep 17 03:25:22 2017 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=cdc58022
gpg: add fcontexts for user runtime sockets
Without this, restorecon relabels them and the agent connection breaks
policy/modules/contrib/gpg.fc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/contrib/gpg.fc b/policy/modules/contrib/gpg.fc
index c2c1236d..c9362398 100644
--- a/policy/modules/contrib/gpg.fc
+++ b/policy/modules/contrib/gpg.fc
@@ -12,3 +12,5 @@ HOME_DIR/\.gnupg/S\.scdaemon -s
gen_context(system_u:object_r:gpg_agent_tmp_t,s
/usr/lib/gnupg/gpgkeys.* --
gen_context(system_u:object_r:gpg_helper_exec_t,s0)
/run/user/%{USERID}/gnupg(/.*)?
gen_context(system_u:object_r:gpg_runtime_t,s0)
+/run/user/%{USERID}/gnupg/S\.gpg-agent.* -s
gen_context(system_u:object_r:gpg_agent_tmp_t,s0)
+/run/user/%{USERID}/gnupg/S\.scdaemon -s
gen_context(system_u:object_r:gpg_agent_tmp_t,s0)
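Review bot: The `S\.gpg-agent.*` pattern on the first added line ends in an unanchored `.*`, which also matches `/`, so a socket at any deeper path beginning with `gnupg/S.gpg-agent` would be labelled `gpg_agent_tmp_t`; `S\.gpg-agent(\.[^/]+)?` would restrict it to the agent socket and its dotted siblings in that directory. Every socket matched by the two new entries gets the same type, so the policy cannot allow a domain to connect to one agent socket without allowing the others; it is worth confirming that this is intended. A `#` comment above the two entries would record the reason given in the commit message: they keep restorecon from resetting the sockets to `gpg_runtime_t` under the `gnupg(/.*)?` rule. Any other per-user socket in this directory presumably still falls under that directory rule and may need its own entry.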