commit: 985561a4219ed9456940e47d0cd9af1bb3d5c0df
Author: Chris PeBenito <chpebeni <AT> linux <DOT> microsoft <DOT> com>
AuthorDate: Fri Oct 25 19:45:31 2019 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Dec 16 13:13:11 2019 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=985561a4
Move open, audit_access, and execmod to file common.
Signed-off-by: Chris PeBenito <chpebeni <AT> linux.microsoft.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
INSTALL | 3 +++
policy/flask/access_vectors | 32 +++-----------------------------
2 files changed, 6 insertions(+), 29 deletions(-)
diff --git a/INSTALL b/INSTALL
index f6baf840..0ec4e423 100644
--- a/INSTALL
+++ b/INSTALL
@@ -1,3 +1,6 @@
+Reference Policy has the following runtime requirements:
+ * Linux kernel >= 2.6.34
+
Reference Policy has the following build requirements:
* SELinux userspace 2.8
* Python >= 3.4
diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors
index 40d1c24d..30d3958d 100644
--- a/policy/flask/access_vectors
+++ b/policy/flask/access_vectors
@@ -28,6 +28,9 @@ common file
swapon
quotaon
mounton
+ open
+ audit_access
+ execmod
}
@@ -208,9 +211,6 @@ inherits file
reparent
search
rmdir
- open
- audit_access
- execmod
}
class file
@@ -218,52 +218,26 @@ inherits file
{
execute_no_trans
entrypoint
- execmod
- open
- audit_access
}
class lnk_file
inherits file
-{
- open
- audit_access
- execmod
-}
class chr_file
inherits file
{
execute_no_trans
entrypoint
- execmod
- open
- audit_access
}
class blk_file
inherits file
-{
- open
- audit_access
- execmod
-}
class sock_file
inherits file
-{
- open
- audit_access
- execmod
-}
class fifo_file
inherits file
-{
- open
- audit_access
- execmod
-}
class fd
{
