commit: 4563b7dd71222c81a270198e2915712fef53e048 Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org> AuthorDate: Sat Jul 5 16:35:26 2014 +0000 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> CommitDate: Tue Jul 29 14:03:21 2014 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=4563b7dd
Label /lib symlink as lib_t for every distro As in Debian, Gentoo and Arch Linux /lib may be a symlink, move its file context definition outside of ifdef blocks. --- policy/modules/system/libraries.fc | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/policy/modules/system/libraries.fc b/policy/modules/system/libraries.fc index 18398f5..85e918f 100644 --- a/policy/modules/system/libraries.fc +++ b/policy/modules/system/libraries.fc @@ -33,22 +33,15 @@ ifdef(`distro_redhat',` /etc/ppp/plugins/rp-pppoe\.so -- gen_context(system_u:object_r:lib_t,s0) # -# /lib +# /lib(64)? # /lib -d gen_context(system_u:object_r:lib_t,s0) +/lib -l gen_context(system_u:object_r:lib_t,s0) /lib/.* gen_context(system_u:object_r:lib_t,s0) /lib/ld-[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:ld_so_t,s0) /lib/security/pam_poldi\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0) -ifdef(`distro_debian',` -/lib -l gen_context(system_u:object_r:lib_t,s0) -') - -ifdef(`distro_gentoo',` -/lib -l gen_context(system_u:object_r:lib_t,s0) -') - # # /opt #
