commit: 0bb6636315aeb689646c5362ab11ae4101d1c30a Author: cgzones <cgzones <AT> googlemail <DOT> com> AuthorDate: Thu Jan 5 11:47:58 2017 +0000 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> CommitDate: Fri Jan 13 18:39:03 2017 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=0bb66363
add files_search_src() required by loadkeys policy/modules/kernel/files.if | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if index b5eeaf8..f82c792 100644 --- a/policy/modules/kernel/files.if +++ b/policy/modules/kernel/files.if @@ -5216,6 +5216,24 @@ interface(`files_usr_filetrans',` ######################################## ## <summary> +## Search directories in /usr/src. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`files_search_src',` + gen_require(` + type src_t; + ') + + allow $1 src_t:dir search_dir_perms; +') + +######################################## +## <summary> ## Do not audit attempts to search /usr/src. ## </summary> ## <param name="domain">
