commit: 19e44f812e0bd3bca6ffdcded4d7e96d41a4e614 Author: bauen1 <j2468h <AT> gmail <DOT> com> AuthorDate: Sat Jan 25 13:19:00 2020 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Sat Feb 15 07:30:57 2020 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=19e44f81
kernel/corecommands: fix the label of xfce4 helpers (on debian) Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> policy/modules/kernel/corecommands.fc | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc index 75667c04..0be85be3 100644 --- a/policy/modules/kernel/corecommands.fc +++ b/policy/modules/kernel/corecommands.fc @@ -244,15 +244,34 @@ ifdef(`distro_gentoo',` /usr/lib/vte/gnome-pty-helper -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/xfce4/exo-1/exo-compose-mail-1 -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/xfce4/exo-1/exo-helper-1 -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/xfce4/exo-2/exo-helper-2 -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/xfce4/notifyd/xfce4-notifyd -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/xfce4/panel/migrate -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/xfce4/panel/wrapper -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/xfce4/panel/wrapper-1\.0 -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/xfce4/panel/wrapper-2\.0 -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/xfce4/session/balou-export-theme -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/xfce4/session/balou-install-theme -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/xfce4/session/xfsm-shutdown-helper -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/xfce4/xfconf/xfconfd -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/xfce4/xfwm4/helper-dialog -- gen_context(system_u:object_r:bin_t,s0) +ifdef(`distro_debian',` +/usr/lib/[^/]+/tumbler-1/tumblerd -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/exo-1/exo-helper-1 -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/exo-2/exo-helper-2 -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/notifyd/xfce4-notifyd -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/panel/migrate -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/panel/wrapper -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/panel/wrapper-1\.0 -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/panel/wrapper-2\.0 -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/session/balou-export-theme -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/session/balou-install-theme -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/session/xfsm-shutdown-helper -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/xfconf/xfconfd -- gen_context(system_u:object_r:bin_t,s0) +/usr/lib/[^/]+/xfce4/xfwm4/helper-dialog -- gen_context(system_u:object_r:bin_t,s0) +') + /usr/lib/couchdb/erlang/lib/couch-[0-9.]+/priv/couchspawnkillable -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/debug/bin(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
