diff options
| author |   Anthony G. Basile <blueness@gentoo.org> | 2011-07-10 02:39:01 +0000 |
|---|---|---|
| committer | Anthony G. Basile <blueness@gentoo.org> | 2011-07-10 02:39:01 +0000 |
| commit | 1836ef708ff91b75c91cc228c52121a727d7a109 (patch) | |
| tree | d0f02b5055edbdaf61385651328f1bd1a0ce6f3f /sec-policy | |
| parent | Support proxy plugins and tor (diff) | |
| download | gentoo-2-1836ef708ff91b75c91cc228c52121a727d7a109.tar.gz gentoo-2-1836ef708ff91b75c91cc228c52121a727d7a109.tar.bz2 gentoo-2-1836ef708ff91b75c91cc228c52121a727d7a109.zip | |
Allow rpcd_t to listen on udp_socket, needed for NFSd to work
(Portage version: 2.1.10.3/cvs/Linux x86_64)
Diffstat (limited to 'sec-policy')
| -rw-r--r-- | sec-policy/selinux-rpc/ChangeLog | 8 | ||||
| -rw-r--r-- | sec-policy/selinux-rpc/files/fix-services-rpc-r1.patch | 10 | ||||
| -rw-r--r-- | sec-policy/selinux-rpc/selinux-rpc-2.20101213-r1.ebuild | 14 |
3 files changed, 31 insertions, 1 deletions
diff --git a/sec-policy/selinux-rpc/ChangeLog b/sec-policy/selinux-rpc/ChangeLog index 5fa59d508367..0ba6c17d9ac6 100644 --- a/sec-policy/selinux-rpc/ChangeLog +++ b/sec-policy/selinux-rpc/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sec-policy/selinux-rpc # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-rpc/ChangeLog,v 1.2 2011/06/02 12:52:59 blueness Exp $ +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-rpc/ChangeLog,v 1.3 2011/07/10 02:39:01 blueness Exp $ + +*selinux-rpc-2.20101213-r1 (10 Jul 2011) + + 10 Jul 2011; Anthony G. Basile <blueness@gentoo.org> + +files/fix-services-rpc-r1.patch, +selinux-rpc-2.20101213-r1.ebuild: + Allow rpcd_t to listen on udp_socket, needed for NFSd to work 02 Jun 2011; Anthony G. Basile <blueness@gentoo.org> selinux-rpc-2.20101213.ebuild: diff --git a/sec-policy/selinux-rpc/files/fix-services-rpc-r1.patch b/sec-policy/selinux-rpc/files/fix-services-rpc-r1.patch new file mode 100644 index 000000000000..cad310813da5 --- /dev/null +++ b/sec-policy/selinux-rpc/files/fix-services-rpc-r1.patch @@ -0,0 +1,10 @@ +--- services/rpc.te 2010-09-10 17:05:45.000000000 +0200 ++++ services/rpc.te 2011-07-04 19:06:36.644003547 +0200 +@@ -61,6 +61,7 @@ + allow rpcd_t self:capability { sys_admin chown dac_override setgid setuid }; + allow rpcd_t self:process { getcap setcap }; + allow rpcd_t self:fifo_file rw_fifo_file_perms; ++allow rpcd_t self:udp_socket { listen }; + + allow rpcd_t rpcd_var_run_t:dir setattr; + manage_files_pattern(rpcd_t, rpcd_var_run_t, rpcd_var_run_t) diff --git a/sec-policy/selinux-rpc/selinux-rpc-2.20101213-r1.ebuild b/sec-policy/selinux-rpc/selinux-rpc-2.20101213-r1.ebuild new file mode 100644 index 000000000000..637913326f1e --- /dev/null +++ b/sec-policy/selinux-rpc/selinux-rpc-2.20101213-r1.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-rpc/selinux-rpc-2.20101213-r1.ebuild,v 1.1 2011/07/10 02:39:01 blueness Exp $ + +IUSE="" + +MODS="rpc" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for general applications" + +KEYWORDS="~amd64 ~x86" +POLICY_PATCH="${FILESDIR}/fix-services-rpc-r1.patch" |