commit: ef3895b29d224ba5c64e12242b5fb85fc1e9405d
Author: Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Thu Oct 15 10:44:41 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sat Oct 17 16:47:50 2015 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=ef3895b2
portage: Fix the gen_require of the portage_compile_domain interface
The portage_compile_domain interface used portage_sandbox_t without
requiring it.
policy/modules/contrib/portage.if | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/contrib/portage.if
b/policy/modules/contrib/portage.if
index c98a763..4652319 100644
--- a/policy/modules/contrib/portage.if
+++ b/policy/modules/contrib/portage.if
@@ -68,8 +68,8 @@ interface(`portage_run',`
interface(`portage_compile_domain',`
gen_require(`
class dbus send_msg;
- type portage_devpts_t, portage_log_t, portage_srcrepo_t,
portage_tmp_t;
- type portage_tmpfs_t;
+ type portage_devpts_t, portage_log_t, portage_sandbox_t,
portage_srcrepo_t;
+ type portage_tmp_t, portage_tmpfs_t;
')
allow $1 self:capability { fowner fsetid mknod setgid setuid chown
dac_override net_raw };
