commit: d0399fa91589bd6e57fba82b297e959e3f28f0c4 Author: Laurent Bigonville <bigon <AT> bigon <DOT> be> AuthorDate: Wed Jun 20 09:38:12 2018 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Sun Jun 24 08:35:17 2018 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=d0399fa9
Label /etc/hosts.allow as net_conf_t /etc/hosts.deny is labeled as net_conf_t so it makes sense to label hosts.allow the same way Signed-off-by: Laurent Bigonville <bigon <AT> bigon.be> policy/modules/system/sysnetwork.fc | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/system/sysnetwork.fc b/policy/modules/system/sysnetwork.fc index 3b532567..430eb93d 100644 --- a/policy/modules/system/sysnetwork.fc +++ b/policy/modules/system/sysnetwork.fc @@ -16,6 +16,7 @@ ifdef(`distro_debian',` /etc/dhcp/dhcpd\.conf -- gen_context(system_u:object_r:dhcp_etc_t,s0) /etc/ethers -- gen_context(system_u:object_r:net_conf_t,s0) /etc/hosts -- gen_context(system_u:object_r:net_conf_t,s0) +/etc/hosts\.allow.* -- gen_context(system_u:object_r:net_conf_t,s0) /etc/hosts\.deny.* -- gen_context(system_u:object_r:net_conf_t,s0) /etc/denyhosts.* -- gen_context(system_u:object_r:net_conf_t,s0) /etc/resolv\.conf.* -- gen_context(system_u:object_r:net_conf_t,s0)
