diff options
| author |   Sven Vermeulen <sven.vermeulen@siphos.be> | 2011-04-16 17:00:55 +0200 |
|---|---|---|
| committer | Sven Vermeulen <sven.vermeulen@siphos.be> | 2011-04-16 17:00:55 +0200 |
| commit | 19fdf4b86bad28223065b0a4f6dcf2f1fe0d17a4 (patch) | |
| tree | 8c6ccc91dfe53f7b567acdc96ca3132a94f663a6 | |
| parent | Forgot closing quote (diff) | |
| download | hardened-dev-19fdf4b86bad28223065b0a4f6dcf2f1fe0d17a4.tar.gz hardened-dev-19fdf4b86bad28223065b0a4f6dcf2f1fe0d17a4.tar.bz2 hardened-dev-19fdf4b86bad28223065b0a4f6dcf2f1fe0d17a4.zip | |
Cleanup after migration to tree
34 files changed, 0 insertions, 1939 deletions
diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog deleted file mode 100644 index b8ef4629..00000000 --- a/sec-policy/selinux-base-policy/ChangeLog +++ /dev/null @@ -1,479 +0,0 @@ -# ChangeLog for sec-policy/selinux-base-policy -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.71 2011/03/07 02:13:36 blueness Exp $ - -*selinux-base-policy-2.20101213-r12 (13 Apr 2011) - - 13 Apr 2011; <swift@gentoo.org> - +selinux-base-policy-2.20101213-r12.ebuild, - +files/patchbundle-selinux-base-policy-2.20101213-r12.tar.bz2: - Hide cosmetic denials, add support for portage_svnsrc_t domain - -*selinux-base-policy-2.20101213-r11 (14 Mar 2011) - - 14 Mar 2011; <swift@gentoo.org> - +selinux-base-policy-2.20101213-r11.ebuild, - +files/patchbundle-selinux-base-policy-2.20101213-r11.tar.bz2, - +files/selinux-base-policy-20070329.diff, +files/config, - +files/modules.conf.strict.20090730, - +files/modules.conf.targeted.20090730, +metadata.xml: - Fixes for courier, enable ldap administration, enable postfix - administration - -*selinux-base-policy-2.20101213-r10 (07 Mar 2011) -*selinux-base-policy-2.20101213-r9 (07 Mar 2011) - - 07 Mar 2011; Anthony G. Basile <blueness@gentoo.org> - +selinux-base-policy-2.20101213-r9.ebuild, - +selinux-base-policy-2.20101213-r10.ebuild, - +files/patchbundle-selinux-base-policy-2.20101213-r10.tar.bz2, - +files/patchbundle-selinux-base-policy-2.20101213-r9.tar.bz2: - Added new patchbundles for rev bumps to base policy 2.20101213 - - 05 Feb 2011; Anthony G. Basile <blueness@gentoo.org> - +files/patchbundle-selinux-base-policy-2.20101213-r5.tar.bz2, - +files/patchbundle-selinux-base-policy-2.20101213-r6.tar.bz2, - +files/patchbundle-selinux-base-policy-2.20101213-r7.tar.bz2: - Added patchbundle for base policy 2.20101213. - -*selinux-base-policy-2.20101213-r7 (05 Feb 2011) -*selinux-base-policy-2.20101213-r6 (05 Feb 2011) -*selinux-base-policy-2.20101213-r5 (05 Feb 2011) - - 05 Feb 2011; Anthony G. Basile <blueness@gentoo.org> - +selinux-base-policy-2.20101213-r5.ebuild, - +selinux-base-policy-2.20101213-r6.ebuild, - +selinux-base-policy-2.20101213-r7.ebuild: - New upstream policy. - -*selinux-base-policy-2.20091215 (16 Dec 2009) - - 16 Dec 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-2.20091215.ebuild: - New upstream release. - -*selinux-base-policy-20080525-r1 (14 Sep 2009) - - 14 Sep 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20080525-r1.ebuild: - Update old base policy to support ext4. - - 14 Aug 2009; Chris PeBenito <pebenito@gentoo.org> - -selinux-base-policy-20070329.ebuild, - -selinux-base-policy-20070928.ebuild, selinux-base-policy-20080525.ebuild: - Mark 20080525 stable, clear old ebuilds. - -*selinux-base-policy-2.20090814 (14 Aug 2009) - - 14 Aug 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-2.20090814.ebuild: - Git version of refpolicy for misc fixes including some cron problems. - -*selinux-base-policy-2.20090730 (03 Aug 2009) - - 03 Aug 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-2.20090730.ebuild: - New upstream release. - - 18 Jul 2009; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20070329.ebuild, selinux-base-policy-20070928.ebuild, - selinux-base-policy-20080525.ebuild: - Drop alpha, mips, ppc, sparc selinux support. - -*selinux-base-policy-20080525 (25 May 2008) - - 25 May 2008; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20080525.ebuild: - New SVN snapshot. - - 16 Mar 2008; Chris PeBenito <pebenito@gentoo.org> - -selinux-base-policy-20051022-r1.ebuild, - -selinux-base-policy-20061114.ebuild: - Remove old ebuilds. - - 03 Feb 2008; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20070928.ebuild: - Mark stable. - -*selinux-base-policy-20070928 (26 Nov 2007) - - 26 Nov 2007; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20070928.ebuild: - New SVN snapshot. - - 04 Jun 2007; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20070329.ebuild: - Mark stable. - - 30 Mar 2007; Chris PeBenito <pebenito@gentoo.org> - +files/selinux-base-policy-20070329.diff, - selinux-base-policy-20070329.ebuild: - Compile fix. - -*selinux-base-policy-20070329 (29 Mar 2007) - - 29 Mar 2007; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20070329.ebuild: - New SVN snapshot. - - 22 Feb 2007; Markus Ullmann <jokey@gentoo.org> ChangeLog: - Redigest for Manifest2 - -*selinux-base-policy-20061114 (15 Nov 2006) - - 15 Nov 2006; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20061114.ebuild: - New SVN snapshot. - - 25 Oct 2006; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20061015.ebuild: - Fix to have default POLICY_TYPES if it is empty. - - 21 Oct 2006; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20061015.ebuild: - Fix xml generation failure to die. - -*selinux-base-policy-20061015 (15 Oct 2006) - - 15 Oct 2006; Chris PeBenito <pebenito@gentoo.org> - -selinux-base-policy-20061008.ebuild, - +selinux-base-policy-20061015.ebuild: - Update for testing fixes. - -*selinux-base-policy-20061008 (08 Oct 2006) - - 08 Oct 2006; Chris PeBenito <pebenito@gentoo.org> -files/semanage.conf, - +selinux-base-policy-20061008.ebuild, - -selinux-base-policy-99999999.ebuild: - First mainstream reference policy testing release. - - 29 Sep 2006; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-99999999.ebuild: - Fix for new SVN location. Fixes 147781. - - 22 Feb 2006; Stephen Bennett <spb@gentoo.org> - selinux-base-policy-20051022-r1.ebuild: - Alpha stable - -*selinux-base-policy-99999999 (02 Feb 2006) - - 02 Feb 2006; Chris PeBenito <pebenito@gentoo.org> +files/config, - +files/modules.conf.strict, +files/modules.conf.targeted, - +files/semanage.conf, +selinux-base-policy-99999999.ebuild: - Add experimental policy for testing reference policy. Requires portage fix - from bug #110857. - - 02 Feb 2006; Chris PeBenito <pebenito@gentoo.org> - -selinux-base-policy-20050322.ebuild, - -selinux-base-policy-20050618.ebuild, - -selinux-base-policy-20050821.ebuild, - -selinux-base-policy-20051022.ebuild: - Clean out old ebuilds. - - 14 Jan 2006; Stephen Bennett <spb@gentoo.org> - selinux-base-policy-20051022-r1.ebuild: - Added ~alpha - -*selinux-base-policy-20051022-r1 (08 Dec 2005) - - 08 Dec 2005; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20051022-r1.ebuild: - Change to use compatability genhomedircon. Newer policycoreutils (1.28) - breaks the backwards compatability this policy uses. - -*selinux-base-policy-20051022 (22 Oct 2005) - - 22 Oct 2005; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20051022.ebuild: - Very trivial fixes. - - 08 Sep 2005; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20050821.ebuild: - Mark stable. - -*selinux-base-policy-20050821 (21 Aug 2005) - - 21 Aug 2005; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20050821.ebuild: - Minor updates for 2.6.12. - - 21 Jun 2005; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20050618.ebuild: - Mark stable. - -*selinux-base-policy-20050618 (18 Jun 2005) - - 18 Jun 2005; Chris PeBenito <pebenito@gentoo.org> - -selinux-base-policy-20041123.ebuild, - -selinux-base-policy-20050306.ebuild, - +selinux-base-policy-20050618.ebuild: - New release to support 2.6.12 features. - - 10 May 2005; Stephen Bennett <spb@gentoo.org> - selinux-base-policy-20050322.ebuild: - mips stable - - 01 May 2005; Stephen Bennett <spb@gentoo.org> - selinux-base-policy-20050322.ebuild: - Added ~mips. - -*selinux-base-policy-20050322 (23 Mar 2005) - - 23 Mar 2005; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20050322.ebuild: - New release. - -*selinux-base-policy-20050306 (06 Mar 2005) - - 06 Mar 2005; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20050306.ebuild: - Fix bad samba_domain dummy macro. Add policies needed for udev support. - -*selinux-base-policy-20050224 (24 Feb 2005) - - 24 Feb 2005; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20050224.ebuild: - New release. - - 19 Jan 2005; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20041123.ebuild: - Mark stable. - -*selinux-base-policy-20041123 (23 Nov 2004) - - 23 Nov 2004; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20041123.ebuild: - New release with 1.18 merge. - -*selinux-base-policy-20041023 (23 Oct 2004) - - 23 Oct 2004; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20041023.ebuild: - New release with 1.16 merge. Tcpd and inetd have been deprecated since they - are not in the base system anymore, and probably no one uses them anyway. - -*selinux-base-policy-20040906 (06 Sep 2004) - - 06 Sep 2004; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20040906.ebuild: - New release with 1.14 merge, which has policy 18 (fine-grained netlink) - features. - - 05 Sep 2004; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20040225.ebuild, -selinux-base-policy-20040509.ebuild, - -selinux-base-policy-20040604.ebuild, selinux-base-policy-20040629.ebuild, - selinux-base-policy-20040702.ebuild: - Remove old builds, switch to epause and ebeep in remaining builds. - -*selinux-base-policy-20040702 (02 Jul 2004) - - 02 Jul 2004; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20040702.ebuild: - Same as 20040629, except with updated flask headers, which will come out in - 2.6.8. - -*selinux-base-policy-20040629 (29 Jun 2004) - - 29 Jun 2004; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20040629.ebuild: - Large sysadmfile cleanup: disable admin_separation to give sysadm_r back its - ablility to modify all files. Minor fixes: portage_r works again, syslog-ng - breakage fixed, put back manual PaX policy for pageexec/segmexec. - - 16 Jun 2004; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20040604.ebuild: - Mark stable. - - 10 Jun 2004; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20040225.ebuild, selinux-base-policy-20040509.ebuild, - selinux-base-policy-20040604.ebuild: - Add src_compile() stub - -*selinux-base-policy-20040604 (04 Jun 2004) - - 04 Jun 2004; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20040604.ebuild: - New release including 1.12 NSA policy, and experimental sesandbox. - - 15 May 2004; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20040509.ebuild: - Mark stable. - -*selinux-base-policy-20040509 (09 May 2004) - - 09 May 2004; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20040509.ebuild: - A few small cleanups. Make PaX non exec pages macro based on arch. Large - portage update, get rid of portage_exec_fetch_t, portage will setexec. Add - global_ssp tunable. - -*selinux-base-policy-20040418 (18 Apr 2004) - - 18 Apr 2004; Chris PeBenito <pebenito@gentoo.org> - +selinux-base-policy-20040418.ebuild: - New release for checkpolicy 1.10 - -*selinux-base-policy-20040414 (14 Apr 2004) - - 14 Apr 2004; Chris PeBenito <pebenito@gentoo.org> - -selinux-base-policy-20040408.ebuild, +selinux-base-policy-20040414.ebuild: - Minor updates - -*selinux-base-policy-20040408 (08 Apr 2004) - - 08 Apr 2004; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20040408.ebuild: - New update. Users.fc is now deprecated, as the contexts for user directories - is now automatically generated. Portage fetching of distfiles now has a - subdomain, for dropping priviledges. - - 28 Feb 2004; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20040225.ebuild: - Mark stable. - -*selinux-base-policy-20040225 (25 Feb 2004) - - 25 Feb 2004; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20040225.ebuild: - New support for PaX ACL hooks. Addition of tunable.te for configurable policy - options. Rewrite of portage.te. Now auto-transition for sysadm is default, can - reenable portage_r by tunable.te. Makefile update from NSA CVS. - -*selinux-base-policy-20040209 (09 Feb 2004) - - 09 Feb 2004; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20040209.ebuild: - Minor revision to add XFS labeling and policy for integrated - runscript-run_init. - - 07 Feb 2004; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20040202.ebuild: - Mark x86 stable. - -*selinux-base-policy-20040202 (02 Feb 2004) - - 02 Feb 2004; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20040202.ebuild: - A few misc fixes. Allow portage to update bootloader code, such as in lilo or - grub postinst. This requires checkpolicy 1.4-r1. - -*selinux-base-policy-20031225 (25 Dec 2003) - - 25 Dec 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20031225.ebuild: - New release, with merged NSA 1.4 policy. One critical note, this policy - requires pam 0.77. Much work has been done to minimize access to /etc/shadow, - and one requirement is in the patch for pam 0.77. If you do not use this pam - version or newer, you will be unable to authenticate in enforcing. Since - devfs no longer is usable in SELinux, it's policy has been removed. You - should merge the changes, remove the devfsd policy (devfsd.te and devfsd.fc), - load the policy, and relabel. - - 27 Nov 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20031010-r1.ebuild: - Mark stable. Add build USE flag for stage building. - -*selinux-base-policy-20031010-r1 (12 Nov 2003) - - 12 Nov 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20031010-r1.ebuild, - files/selinux-base-policy-20031010-cvs.diff: - Add fixes from policy cvs for compilers, so non x86 and ppc compilers can - work. Also portage update as a side effect of updated setfiles code in - portage, from bug 31748. - - 28 Oct 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20031010.ebuild: - Mark stable - -*selinux-base-policy-20031010 (10 Oct 2003) - - 10 Oct 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20031010.ebuild: - New release for new API. Massive cleanups all over the place. - -*selinux-base-policy-20030817 (17 Aug 2003) - - 17 Aug 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030817.ebuild: - Initial commit of new API policy - - 10 Aug 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030729-r1.ebuild: - Mark stable - -*selinux-base-policy-20030729-r1 (31 Jul 2003) - - 31 Jul 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030729-r1.ebuild: - New rev that handles an empty POLICYDIR sanely. - -*selinux-base-policy-20030729 (29 Jul 2003) - - 29 Jul 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030729.ebuild: - Make the ebuild use POLICYDIR. Important fix so portage can load policy so - selinux-policy.eclass works. update_modules_t cleanup. Fix for an access when - merging baselayout. - -*selinux-base-policy-20030720 (20 Jul 2003) - - 20 Jul 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030720.ebuild: - Many fixes, including the syslog fix. File contexts have changed, so a relabel - is needed. You may encounter problems relabeling /usr/portage, as its file - context has changed, as files should not have the same type as a domain. - Relabelling in permissive will fix this, or temporarily give portage_t a - file_type attribute. Tightened the can_exec_any() macro. Moved staff.fc to - users.fc, since all users with SELinux identities should have their home - directories have the correct identity, not the generic identity. - - 06 Jun 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030604.ebuild: - Mark stable - -*selinux-base-policy-20030604 (04 Jun 2003) - - 04 Jun 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030604.ebuild: - Fix broken 20030603 - - 04 Jun 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030603.ebuild: - Pulling 20030603, as there are problems, 20030604 later today - -*selinux-base-policy-20030603 (03 Jun 2003) - - 03 Jun 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030603.ebuild: - Numerous various fixes. Added staff role. Removed ipsec, gpm and gpg policies - as they are not appropriate for the base policy, and untested. - -*selinux-base-policy-20030522 (22 May 2003) - - 22 May 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030522.ebuild: - The policy is in pretty good shape now. I've been able to run in enforcing mode - with little problem. I've also been able to successfully merge and unmerge - packages in enforcing mode, with few exceptions (why does mysql need to run ps - during configure?). - -*selinux-base-policy-20030514 (14 May 2003) - - 14 May 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030514.ebuild: - Many improvements in many areas. Of note, rlogind policies were removed. Klogd - is being merged into syslogd. The portage policy is much more complete, but - still needs work. Its suggested that all changes be merged in, policy - reloaded, then relabel. - -*selinux-base-policy-20030419 (19 Apr 2003) - - 23 Apr 2003; Chris PeBenito <pebenito@gentoo.org> - selinux-base-policy-20030419.ebuild: - Marking stable for selinux-small stable usage - - 19 Apr 2003; Chris PeBenito <pebenito@gentoo.org> Manifest, - selinux-base-policy-20030419.ebuild: - Initial commit. Base policies for SELinux, with Gentoo-specifics - diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest deleted file mode 100644 index f568df5b..00000000 --- a/sec-policy/selinux-base-policy/Manifest +++ /dev/null @@ -1,11 +0,0 @@ -AUX config 447 RMD160 e7c65cdee66dd93597f6608c48ab672327dfaf99 SHA1 32ec28fff992016971ddec982c203a44275552fc SHA256 8192a534941ef95ca93bfff3a0a078407480e52047048daccb5cb7acac1eaddf -AUX modules.conf.strict.20090730 728 RMD160 20c291e9a1ab63c7ffeda41f1b28a1a3d1058a5b SHA1 79f164d12565c3f9cc633fbbfc3469f1337cabc9 SHA256 7deba8527d6002e25d5b307fa085341473add1bc6489902a920096012ba56456 -AUX modules.conf.targeted.20090730 746 RMD160 51929329cb860f5412ea4fda11e1d4bc8eafadae SHA1 80c8ac75f2102968f22f7469142b820a33a0a2c0 SHA256 435cb66eee3c702bd217a66d138d740ceb7f750380fb4681d6eae4b5acacf2c0 -AUX patchbundle-selinux-base-policy-2.20101213-r11.tar.bz2 12037 RMD160 0c49eddeed9853f667cc40a90b8d6cf776e7f717 SHA1 d72de3ec9fb86a726b65e6bd71aad7c9e67993bf SHA256 443266b9c90cfb4657485d59d1787130ca2df6d5f93595427b8418036578864f -AUX patchbundle-selinux-base-policy-2.20101213-r12.tar.bz2 12665 RMD160 c73daac90cf220278d1111466344b7fad4389a1f SHA1 c1164674566218e6cecfbb5b85ee183a0d1ec8b8 SHA256 dafde17a431e5b93e7ac72e3eafcbe5e8e92e0e6629ceb543afe764abe7cdd4e -AUX selinux-base-policy-20070329.diff 2822 RMD160 164c86d9eb814ada83499f529445d7360b634988 SHA1 22d4240dd4e8d4018e61e2d0d25c810bc0eeaa2b SHA256 6e45238d3baf2771dddb6d0323d3e012c657458d686564577b043199b0336d59 -DIST refpolicy-2.20101213.tar.bz2 559450 RMD160 4858f792f4db5b179de6fb8419a626c29d59bdd3 SHA1 0e881e99b8950a358eadc44633551ca10f12eaee SHA256 b691ee8f6066cc19bb0d4384fe3be277d97d22e9d4ac2db0c252065e8c3535de -EBUILD selinux-base-policy-2.20101213-r11.ebuild 2989 RMD160 205a71c62d5f42d4f750013c5937ac1190640cb7 SHA1 930e047831a455505f657ceb7a884500429ee50f SHA256 3b34d7d623bdcea35d95f295d0bad4542013216931455092b8bf963d02f5d4c5 -EBUILD selinux-base-policy-2.20101213-r12.ebuild 2989 RMD160 205a71c62d5f42d4f750013c5937ac1190640cb7 SHA1 930e047831a455505f657ceb7a884500429ee50f SHA256 3b34d7d623bdcea35d95f295d0bad4542013216931455092b8bf963d02f5d4c5 -MISC ChangeLog 17023 RMD160 9024860a1401342d5a92c3b61760e145cc47f1df SHA1 0871705917bb0c78fe315a71f50516821da81f09 SHA256 ab8a816c11db7c8ed5525c322d836dd07b58461a9a948546885e08a84a5cf96d -MISC metadata.xml 582 RMD160 ca02d1eebc8ac4238e48f0900a773ad592e7a284 SHA1 866304bb54664b45a5defc32dd6a96e9283ddbde SHA256 7dba85fe3652f3bc9aed33885cbebaa3dc12303dfb3dd1b085dde48371602cf0 diff --git a/sec-policy/selinux-base-policy/files/config b/sec-policy/selinux-base-policy/files/config deleted file mode 100644 index 41e69934..00000000 --- a/sec-policy/selinux-base-policy/files/config +++ /dev/null @@ -1,12 +0,0 @@ -# This file controls the state of SELinux on the system on boot. - -# SELINUX can take one of these three values: -# enforcing - SELinux security policy is enforced. -# permissive - SELinux prints warnings instead of enforcing. -# disabled - No SELinux policy is loaded. -SELINUX=permissive - -# SELINUXTYPE can take one of these two values: -# targeted - Only targeted network daemons are protected. -# strict - Full SELinux protection. -SELINUXTYPE=strict diff --git a/sec-policy/selinux-base-policy/files/modules.conf.strict.20090730 b/sec-policy/selinux-base-policy/files/modules.conf.strict.20090730 deleted file mode 100644 index fcb3fd8a..00000000 --- a/sec-policy/selinux-base-policy/files/modules.conf.strict.20090730 +++ /dev/null @@ -1,49 +0,0 @@ -application = base -authlogin = base -bootloader = base -clock = base -consoletype = base -corecommands = base -corenetwork = base -cron = base -devices = base -dmesg = base -domain = base -files = base -filesystem = base -fstools = base -getty = base -hostname = base -hotplug = base -init = base -iptables = base -kernel = base -libraries = base -locallogin = base -logging = base -lvm = base -miscfiles = base -mcs = base -mls = base -modutils = base -mount = base -mta = base -netutils = base -nscd = base -portage = base -raid = base -rsync = base -selinux = base -selinuxutil = base -ssh = base -staff = base -storage = base -su = base -sysadm = base -sysnetwork = base -terminal = base -ubac = base -udev = base -userdomain = base -usermanage = base -unprivuser = base diff --git a/sec-policy/selinux-base-policy/files/modules.conf.targeted.20090730 b/sec-policy/selinux-base-policy/files/modules.conf.targeted.20090730 deleted file mode 100644 index ee8a14c4..00000000 --- a/sec-policy/selinux-base-policy/files/modules.conf.targeted.20090730 +++ /dev/null @@ -1,50 +0,0 @@ -application = base -authlogin = base -bootloader = base -clock = base -consoletype = base -corecommands = base -corenetwork = base -cron = base -devices = base -dmesg = base -domain = base -files = base -filesystem = base -fstools = base -getty = base -hostname = base -hotplug = base -init = base -iptables = base -kernel = base -libraries = base -locallogin = base -logging = base -lvm = base -miscfiles = base -mcs = base -mls = base -modutils = base -mount = base -mta = base -netutils = base -nscd = base -portage = base -raid = base -rsync = base -selinux = base -selinuxutil = base -ssh = base -staff = base -storage = base -su = base -sysadm = base -sysnetwork = base -terminal = base -ubac = base -udev = base -unconfined = base -userdomain = base -usermanage = base -unprivuser = base diff --git a/sec-policy/selinux-base-policy/files/patchbundle-selinux-base-policy-2.20101213-r11.tar.bz2 b/sec-policy/selinux-base-policy/files/patchbundle-selinux-base-policy-2.20101213-r11.tar.bz2 Binary files differdeleted file mode 100644 index 986142dc..00000000 --- a/sec-policy/selinux-base-policy/files/patchbundle-selinux-base-policy-2.20101213-r11.tar.bz2 +++ /dev/null diff --git a/sec-policy/selinux-base-policy/files/patchbundle-selinux-base-policy-2.20101213-r12.tar.bz2 b/sec-policy/selinux-base-policy/files/patchbundle-selinux-base-policy-2.20101213-r12.tar.bz2 Binary files differdeleted file mode 100644 index 81074f5a..00000000 --- a/sec-policy/selinux-base-policy/files/patchbundle-selinux-base-policy-2.20101213-r12.tar.bz2 +++ /dev/null diff --git a/sec-policy/selinux-base-policy/files/selinux-base-policy-20070329.diff b/sec-policy/selinux-base-policy/files/selinux-base-policy-20070329.diff deleted file mode 100644 index 4a6f55cd..00000000 --- a/sec-policy/selinux-base-policy/files/selinux-base-policy-20070329.diff +++ /dev/null @@ -1,96 +0,0 @@ -Index: policy/support/loadable_module.spt -=================================================================== ---- policy/support/loadable_module.spt (revision 2248) -+++ policy/support/loadable_module.spt (revision 2249) -@@ -128,10 +128,10 @@ - # This needs to be reworked so expressions - # with parentheses can work. - --define(`delcare_required_symbols',` -+define(`declare_required_symbols',` - ifelse(regexp($1, `\w'), -1, `', `dnl - bool regexp($1, `\(\w+\)', `\1'); --delcare_required_symbols(regexp($1, `\w+\(.*\)', `\1'))dnl -+declare_required_symbols(regexp($1, `\w+\(.*\)', `\1'))dnl - ') dnl - ') - -@@ -140,16 +140,7 @@ - # Tunable declaration - # - define(`gen_tunable',` -- ifdef(`self_contained_policy',` -- bool $1 dflt_or_overr(`$1'_conf,$2); -- ',` -- # loadable module tunable -- # declaration will go here -- # instead of bool when -- # loadable modules support -- # tunables -- bool $1 dflt_or_overr(`$1'_conf,$2); -- ') -+ bool $1 dflt_or_overr(`$1'_conf,$2); - ') - - ############################## -@@ -157,24 +148,12 @@ - # Tunable policy handling - # - define(`tunable_policy',` -- ifdef(`self_contained_policy',` -- if (`$1') { -- $2 -- ifelse(`$3',`',`',`} else { -- $3 -- ')} -- ',` -- # structure for tunables -- # will go here instead of a -- # conditional when loadable -- # modules support tunables -- gen_require(` -- delcare_required_symbols(`$1') -- ') -- if (`$1') { -- $2 -- ifelse(`$3',`',`',`} else { -- $3 -- ')} -+ gen_require(` -+ declare_required_symbols(`$1') - ') -+ if (`$1') { -+ $2 -+ ifelse(`$3',`',`',`} else { -+ $3 -+ ')} - ') -Index: support/comment_move_decl.sed -=================================================================== ---- support/comment_move_decl.sed (revision 2248) -+++ support/comment_move_decl.sed (revision 2249) -@@ -5,9 +5,10 @@ - /require \{/,/} # end require/b nextline - /optional \{/,/} # end optional/b nextline - --/^[[:blank:]]*(attribute|type(alias)?) / s/^/# this line was moved by the build process: &/ -+/^[[:blank:]]*(attribute|type(alias)?) /s/^/# this line was moved by the build process: &/ - /^[[:blank:]]*(port|node|netif|genfs)con /s/^/# this line was moved by the build process: &/ - /^[[:blank:]]*fs_use_(xattr|task|trans) /s/^/# this line was moved by the build process: &/ - /^[[:blank:]]*sid /s/^/# this line was moved by the build process: &/ -+/^[[:blank:]]*bool /s/^/# this line was moved by the build process: &/ - - :nextline -Index: support/get_type_attr_decl.sed -=================================================================== ---- support/get_type_attr_decl.sed (revision 2248) -+++ support/get_type_attr_decl.sed (revision 2249) -@@ -5,7 +5,7 @@ - /require \{/,/} # end require/b nextline - /optional \{/,/} # end optional/b nextline - --/^[[:blank:]]*(attribute|type(alias)?) /{ -+/^[[:blank:]]*(attribute|type(alias)?|bool) /{ - s/^[[:blank:]]+// - p - } diff --git a/sec-policy/selinux-base-policy/metadata.xml b/sec-policy/selinux-base-policy/metadata.xml deleted file mode 100644 index 4e26a860..00000000 --- a/sec-policy/selinux-base-policy/metadata.xml +++ /dev/null @@ -1,13 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> -<pkgmetadata> - <herd>selinux</herd> - <longdescription> - Gentoo SELinux base policy. This contains policy for a system at the end of system installation. - There is no extra policy in this package. - </longdescription> - <use> - <flag name='peer_perms'>Enable the labeled networking peer permissions (SELinux policy capability).</flag> - <flag name='open_perms'>Enable the open permissions for file object classes (SELinux policy capability).</flag> - </use> -</pkgmetadata> diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r11.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r11.ebuild deleted file mode 100644 index 75a35488..00000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r11.ebuild +++ /dev/null @@ -1,117 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r10.ebuild,v 1.1 2011/03/07 02:13:36 blueness Exp $ - -EAPI="1" -IUSE="+peer_perms open_perms" - -inherit eutils - -PATCHBUNDLE="${FILESDIR}/patchbundle-${PF}.tar.bz2" -DESCRIPTION="Gentoo base policy for SELinux" -HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" -SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2" -LICENSE="GPL-2" -SLOT="0" - -KEYWORDS="~amd64 ~x86" - -RDEPEND=">=sys-apps/policycoreutils-1.30.30 - >=sys-fs/udev-151" -DEPEND="${RDEPEND} - sys-devel/m4 - >=sys-apps/checkpolicy-1.30.12" - -S=${WORKDIR}/ - -src_unpack() { - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted" - MOD_CONF_VER="20090730" - - unpack ${A} - - cd "${S}" - epatch "${PATCHBUNDLE}" - cd "${S}/refpolicy" - # Fix bug 257111 - sed -i -e 's:system_crond_t:system_cronjob_t:g' \ - "${S}/refpolicy/config/appconfig-standard/default_contexts" - - if ! use peer_perms; then - sed -i -e '/network_peer_controls/d' \ - "${S}/refpolicy/policy/policy_capabilities" - fi - - if ! use open_perms; then - sed -i -e '/open_perms/d' \ - "${S}/refpolicy/policy/policy_capabilities" - fi - - for i in ${POLICY_TYPES}; do - cp -a "${S}/refpolicy" "${S}/${i}" - - cd "${S}/${i}"; - make conf || die "${i} reconfiguration failed" - - cp "${FILESDIR}/modules.conf.${i}.${MOD_CONF_VER}" \ - "${S}/${i}/policy/modules.conf" \ - || die "failed to set up modules.conf" - sed -i -e '/^QUIET/s/n/y/' -e '/^MONOLITHIC/s/y/n/' \ - -e "/^NAME/s/refpolicy/$i/" "${S}/${i}/build.conf" \ - || die "build.conf setup failed." - - echo "DISTRO = gentoo" >> "${S}/${i}/build.conf" - - if [ "${i}" == "targeted" ]; then - sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ - "${S}/${i}/config/appconfig-standard/seusers" \ - || die "targeted seusers setup failed." - fi - done -} - -src_compile() { - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted" - - for i in ${POLICY_TYPES}; do - cd "${S}/${i}" - make base || die "${i} compile failed" - done -} - -src_install() { - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted" - - for i in ${POLICY_TYPES}; do - cd "${S}/${i}" - - make DESTDIR="${D}" install \ - || die "${i} install failed." - - make DESTDIR="${D}" install-headers \ - || die "${i} headers install failed." - - echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" - - echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" - - # libsemanage won't make this on its own - keepdir "/etc/selinux/${i}/policy" - done - - dodoc doc/Makefile.example doc/example.{te,fc,if} - - insinto /etc/selinux - doins "${FILESDIR}/config" -} - -pkg_postinst() { - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted" - - for i in ${POLICY_TYPES}; do - einfo "Inserting base module into ${i} module store." - - cd "/usr/share/selinux/${i}" - semodule -s "${i}" -b base.pp - done -} diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r12.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r12.ebuild deleted file mode 100644 index 75a35488..00000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r12.ebuild +++ /dev/null @@ -1,117 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r10.ebuild,v 1.1 2011/03/07 02:13:36 blueness Exp $ - -EAPI="1" -IUSE="+peer_perms open_perms" - -inherit eutils - -PATCHBUNDLE="${FILESDIR}/patchbundle-${PF}.tar.bz2" -DESCRIPTION="Gentoo base policy for SELinux" -HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" -SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2" -LICENSE="GPL-2" -SLOT="0" - -KEYWORDS="~amd64 ~x86" - -RDEPEND=">=sys-apps/policycoreutils-1.30.30 - >=sys-fs/udev-151" -DEPEND="${RDEPEND} - sys-devel/m4 - >=sys-apps/checkpolicy-1.30.12" - -S=${WORKDIR}/ - -src_unpack() { - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted" - MOD_CONF_VER="20090730" - - unpack ${A} - - cd "${S}" - epatch "${PATCHBUNDLE}" - cd "${S}/refpolicy" - # Fix bug 257111 - sed -i -e 's:system_crond_t:system_cronjob_t:g' \ - "${S}/refpolicy/config/appconfig-standard/default_contexts" - - if ! use peer_perms; then - sed -i -e '/network_peer_controls/d' \ - "${S}/refpolicy/policy/policy_capabilities" - fi - - if ! use open_perms; then - sed -i -e '/open_perms/d' \ - "${S}/refpolicy/policy/policy_capabilities" - fi - - for i in ${POLICY_TYPES}; do - cp -a "${S}/refpolicy" "${S}/${i}" - - cd "${S}/${i}"; - make conf || die "${i} reconfiguration failed" - - cp "${FILESDIR}/modules.conf.${i}.${MOD_CONF_VER}" \ - "${S}/${i}/policy/modules.conf" \ - || die "failed to set up modules.conf" - sed -i -e '/^QUIET/s/n/y/' -e '/^MONOLITHIC/s/y/n/' \ - -e "/^NAME/s/refpolicy/$i/" "${S}/${i}/build.conf" \ - || die "build.conf setup failed." - - echo "DISTRO = gentoo" >> "${S}/${i}/build.conf" - - if [ "${i}" == "targeted" ]; then - sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ - "${S}/${i}/config/appconfig-standard/seusers" \ - || die "targeted seusers setup failed." - fi - done -} - -src_compile() { - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted" - - for i in ${POLICY_TYPES}; do - cd "${S}/${i}" - make base || die "${i} compile failed" - done -} - -src_install() { - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted" - - for i in ${POLICY_TYPES}; do - cd "${S}/${i}" - - make DESTDIR="${D}" install \ - || die "${i} install failed." - - make DESTDIR="${D}" install-headers \ - || die "${i} headers install failed." - - echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" - - echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" - - # libsemanage won't make this on its own - keepdir "/etc/selinux/${i}/policy" - done - - dodoc doc/Makefile.example doc/example.{te,fc,if} - - insinto /etc/selinux - doins "${FILESDIR}/config" -} - -pkg_postinst() { - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted" - - for i in ${POLICY_TYPES}; do - einfo "Inserting base module into ${i} module store." - - cd "/usr/share/selinux/${i}" - semodule -s "${i}" -b base.pp - done -} diff --git a/sec-policy/selinux-courier/files/fix-services-courier-r2.patch b/sec-policy/selinux-courier/files/fix-services-courier-r2.patch deleted file mode 100644 index b43e90b0..00000000 --- a/sec-policy/selinux-courier/files/fix-services-courier-r2.patch +++ /dev/null @@ -1,84 +0,0 @@ ---- services/courier.te 2010-12-13 15:11:02.000000000 +0100 -+++ services/courier.te 2011-03-13 15:02:29.525999999 +0100 -@@ -37,7 +37,7 @@ - # - - allow courier_authdaemon_t self:capability { setuid setgid sys_tty_config }; --allow courier_authdaemon_t self:unix_stream_socket connectto; -+allow courier_authdaemon_t self:unix_stream_socket { create_stream_socket_perms connectto }; - - can_exec(courier_authdaemon_t, courier_exec_t) - -@@ -52,7 +52,11 @@ - allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms; - allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_file_perms; - -+read_lnk_files_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t) -+ -+manage_dirs_pattern(courier_authdaemon_t, courier_var_run_t, courier_var_run_t) - manage_sock_files_pattern(courier_authdaemon_t, courier_spool_t, courier_spool_t) -+manage_sock_files_pattern(courier_authdaemon_t, courier_var_run_t, courier_var_run_t) - files_search_spool(courier_authdaemon_t) - - corecmd_search_bin(courier_authdaemon_t) -@@ -95,8 +99,12 @@ - # inherits file handle - should it? - allow courier_pop_t courier_var_lib_t:file { read write }; - -+search_dirs_pattern(courier_pop_t, var_lib_t, courier_var_lib_t) -+read_lnk_files_pattern(courier_pop_t, var_lib_t, courier_var_lib_t) -+ - miscfiles_read_localization(courier_pop_t) - -+courier_authdaemon_rw_inherited_stream_sockets(courier_pop_t) - courier_domtrans_authdaemon(courier_pop_t) - - # do the actual work (read the Maildir) -@@ -133,6 +141,8 @@ - miscfiles_read_localization(courier_tcpd_t) - - courier_domtrans_pop(courier_tcpd_t) -+courier_authdaemon_stream_connect(courier_tcpd_t) -+courier_domtrans_authdaemon(courier_tcpd_t) - - ######################################## - # -@@ -144,3 +154,7 @@ - optional_policy(` - cron_system_entry(courier_sqwebmail_t, courier_sqwebmail_exec_t) - ') -+ -+optional_policy(` -+ mysql_stream_connect(courier_authdaemon_t) -+') ---- services/courier.fc 2010-08-03 15:11:05.000000000 +0200 -+++ services/courier.fc 2011-03-13 14:55:55.737999999 +0100 -@@ -5,20 +5,24 @@ - /usr/sbin/courierlogger -- gen_context(system_u:object_r:courier_exec_t,s0) - /usr/sbin/courierldapaliasd -- gen_context(system_u:object_r:courier_exec_t,s0) - /usr/sbin/couriertcpd -- gen_context(system_u:object_r:courier_tcpd_exec_t,s0) -- --/usr/lib(64)?/courier/authlib/.* -- gen_context(system_u:object_r:courier_authdaemon_exec_t,s0) -+ifdef(`distro_gentoo',` -+/usr/lib(64)?/courier-imap/couriertcpd -- gen_context(system_u:object_r:courier_tcpd_exec_t,s0) -+') -+/usr/lib(64)?/courier/(courier-)?authlib/.* -- gen_context(system_u:object_r:courier_authdaemon_exec_t,s0) - /usr/lib(64)?/courier/courier/.* -- gen_context(system_u:object_r:courier_exec_t,s0) - /usr/lib(64)?/courier/courier/courierpop.* -- gen_context(system_u:object_r:courier_pop_exec_t,s0) - /usr/lib(64)?/courier/courier/imaplogin -- gen_context(system_u:object_r:courier_pop_exec_t,s0) -+/usr/sbin/imaplogin -- gen_context(system_u:object_r:courier_authdaemon_exec_t,s0) - /usr/lib(64)?/courier/courier/pcpd -- gen_context(system_u:object_r:courier_pcp_exec_t,s0) - /usr/lib(64)?/courier/imapd -- gen_context(system_u:object_r:courier_pop_exec_t,s0) -+/usr/sbin/courier-imapd -- gen_context(system_u:object_r:courier_pop_exec_t,s0) - /usr/lib(64)?/courier/pop3d -- gen_context(system_u:object_r:courier_pop_exec_t,s0) - /usr/lib(64)?/courier/rootcerts(/.*)? gen_context(system_u:object_r:courier_etc_t,s0) - /usr/lib(64)?/courier/sqwebmail/cleancache\.pl -- gen_context(system_u:object_r:sqwebmail_cron_exec_t,s0) - --/var/lib/courier(/.*)? -- gen_context(system_u:object_r:courier_var_lib_t,s0) -+/var/lib/courier(/.*)? gen_context(system_u:object_r:courier_var_lib_t,s0) - --/var/run/courier(/.*)? -- gen_context(system_u:object_r:courier_var_run_t,s0) -+/var/run/courier(/.*)? gen_context(system_u:object_r:courier_var_run_t,s0) - - /var/spool/authdaemon(/.*)? gen_context(system_u:object_r:courier_spool_t,s0) - /var/spool/courier(/.*)? gen_context(system_u:object_r:courier_spool_t,s0) diff --git a/sec-policy/selinux-courier/selinux-courier-2.20101213-r2.ebuild b/sec-policy/selinux-courier/selinux-courier-2.20101213-r2.ebuild deleted file mode 100644 index 6e050fd5..00000000 --- a/sec-policy/selinux-courier/selinux-courier-2.20101213-r2.ebuild +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-courier/selinux-courier-2.20101213-r1.ebuild,v 1.1 2011/03/07 02:32:30 blueness Exp $ - -MODS="courier" -IUSE="" - -inherit selinux-policy-2 - -DESCRIPTION="SELinux policy for courier-imap" - -KEYWORDS="~amd64 ~x86" -RDEPEND="!<=sec-policy/selinux-courier-imap-2.20101213 - >=sys-apps/policycoreutils-1.30.30 - >=sec-policy/selinux-base-policy-${PV}" - -POLICY_PATCH="${FILESDIR}/fix-services-courier-r2.patch" diff --git a/sec-policy/selinux-ldap/ChangeLog b/sec-policy/selinux-ldap/ChangeLog deleted file mode 100644 index d49ab696..00000000 --- a/sec-policy/selinux-ldap/ChangeLog +++ /dev/null @@ -1,104 +0,0 @@ -# ChangeLog for sec-policy/selinux-ldap -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-openldap/ChangeLog,v 1.18 2011/02/05 12:07:07 blueness Exp $ - -*selinux-ldap-2.20101213-r1 (14 Mar 2011) - - 14 Mar 2011; <swift@gentoo.org> +files/fix-services-ldap-r1.patch, - +selinux-ldap-2.20101213-r1.ebuild, +metadata.xml: - Fix file contexts, enable ldap administration - -*selinux-openldap-2.20101213 (05 Feb 2011) - - 05 Feb 2011; Anthony G. Basile <blueness@gentoo.org> - +selinux-openldap-2.20101213.ebuild: - New upstream policy. - -*selinux-openldap-2.20091215 (16 Dec 2009) - - 16 Dec 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-2.20091215.ebuild: - New upstream release. - - 14 Aug 2009; Chris PeBenito <pebenito@gentoo.org> - -selinux-openldap-20070329.ebuild, -selinux-openldap-20070928.ebuild, - selinux-openldap-20080525.ebuild: - Mark 20080525 stable, clear old ebuilds. - -*selinux-openldap-2.20090730 (03 Aug 2009) - - 03 Aug 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-2.20090730.ebuild: - New upstream release. - - 18 Jul 2009; Chris PeBenito <pebenito@gentoo.org> - selinux-openldap-20070329.ebuild, selinux-openldap-20070928.ebuild, - selinux-openldap-20080525.ebuild: - Drop alpha, mips, ppc, sparc selinux support. - -*selinux-openldap-20080525 (25 May 2008) - - 25 May 2008; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-20080525.ebuild: - New SVN snapshot. - - 16 Mar 2008; Chris PeBenito <pebenito@gentoo.org> - -selinux-openldap-20050626.ebuild, -selinux-openldap-20051122.ebuild, - -selinux-openldap-20061114.ebuild: - Remove old ebuilds. - - 03 Feb 2008; Chris PeBenito <pebenito@gentoo.org> - selinux-openldap-20070928.ebuild: - Mark stable. - -*selinux-openldap-20070928 (26 Nov 2007) - - 26 Nov 2007; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-20070928.ebuild: - New SVN snapshot. - - 29 Aug 2007; Christian Heim <phreak@gentoo.org> metadata.xml: - Removing kaiowas from metadata due to his retirement (see #61930 for - reference). - - 04 Jun 2007; Chris PeBenito <pebenito@gentoo.org> - selinux-openldap-20070329.ebuild: - Mark stable. - -*selinux-openldap-20070329 (29 Mar 2007) - - 29 Mar 2007; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-20070329.ebuild: - New SVN snapshot. - - 22 Feb 2007; Markus Ullmann <jokey@gentoo.org> ChangeLog: - Redigest for Manifest2 - -*selinux-openldap-20061114 (15 Nov 2006) - - 15 Nov 2006; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-20061114.ebuild: - New SVN snapshot. - -*selinux-openldap-20061008 (10 Oct 2006) - - 10 Oct 2006; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-20061008.ebuild: - First mainstream reference policy testing release. - - 02 Dec 2005; petre rodan <kaiowas@gentoo.org> - selinux-openldap-20051122.ebuild: - mark stable on amd64 mips ppc sparc x86 - -*selinux-openldap-20051122 (28 Nov 2005) - - 28 Nov 2005; petre rodan <kaiowas@gentoo.org> - selinux-openldap-20050626.ebuild, +selinux-openldap-20051122.ebuild: - marked stable on amd64 mips ppc sparc x86, merge with upstream - -*selinux-openldap-20050626 (26 Jun 2005) - - 26 Jun 2005; petre rodan <kaiowas@gentoo.org> +metadata.xml, - +selinux-openldap-20050626.ebuild: - initial commit - diff --git a/sec-policy/selinux-ldap/Manifest b/sec-policy/selinux-ldap/Manifest deleted file mode 100644 index 4395efea..00000000 --- a/sec-policy/selinux-ldap/Manifest +++ /dev/null @@ -1,5 +0,0 @@ -AUX fix-services-ldap-r1.patch 1803 RMD160 30deef4c8ab5e97aac158380ac94b28377fc7c59 SHA1 c4d2ae9db59eebfecbe9a5147a57ce944f2dfca4 SHA256 fefd3ab124605048f7042ea95cea3a4f768802373b608d38a519e471fd694537 -DIST refpolicy-2.20101213.tar.bz2 559450 RMD160 4858f792f4db5b179de6fb8419a626c29d59bdd3 SHA1 0e881e99b8950a358eadc44633551ca10f12eaee SHA256 b691ee8f6066cc19bb0d4384fe3be277d97d22e9d4ac2db0c252065e8c3535de -EBUILD selinux-ldap-2.20101213-r1.ebuild 558 RMD160 fb8363be44f6e327e27805338d88e7730ca4b1ac SHA1 c1b6ccb1e3c06911b5202f88e0f2d3fd140fb398 SHA256 e20a5e67f9d17c16e39026189fa527917e633ed4b6187d5b9c48f869e9074231 -MISC ChangeLog 3268 RMD160 699305c452a5da0d7ec561501049b7ce42bb36df SHA1 0c6db19c2472201fe850e0b5f5f767307d8e2dd7 SHA256 1734860fe450d2d7bcaa0756f8a2cd4033d868f6280e3e6a458c426b8ebcf662 -MISC metadata.xml 232 RMD160 5a9be5ffb3c01c66354753839a89fe28933de08e SHA1 88d37d757de1f862ae0deff460cca2bdcca42748 SHA256 52b9b6e6d6f33940bd146eba8e36de809589263d70d3ca58d67cd025ab4a5872 diff --git a/sec-policy/selinux-ldap/files/fix-services-ldap-r1.patch b/sec-policy/selinux-ldap/files/fix-services-ldap-r1.patch deleted file mode 100644 index f459b061..00000000 --- a/sec-policy/selinux-ldap/files/fix-services-ldap-r1.patch +++ /dev/null @@ -1,43 +0,0 @@ ---- services/ldap.te 2010-09-10 17:05:45.000000000 +0200 -+++ services/ldap.te 2011-03-12 22:10:48.814999997 +0100 -@@ -42,11 +42,12 @@ - # cjp: why net_raw? - allow slapd_t self:capability { kill setgid setuid net_raw dac_override dac_read_search }; - dontaudit slapd_t self:capability sys_tty_config; --allow slapd_t self:process setsched; -+allow slapd_t self:process { setsched signal }; - allow slapd_t self:fifo_file rw_fifo_file_perms; - allow slapd_t self:udp_socket create_socket_perms; - #slapd needs to listen and accept needed by ldapsearch (slapd needs to accept from ldapseach) - allow slapd_t self:tcp_socket create_stream_socket_perms; -+allow slapd_t self:unix_stream_socket listen; - - allow slapd_t slapd_cert_t:dir list_dir_perms; - read_files_pattern(slapd_t, slapd_cert_t, slapd_cert_t) -@@ -114,6 +115,7 @@ - - userdom_dontaudit_use_unpriv_user_fds(slapd_t) - userdom_dontaudit_search_user_home_dirs(slapd_t) -+userdom_use_user_terminals(slapd_t) - - optional_policy(` - kerberos_keytab_template(slapd, slapd_t) ---- services/ldap.fc 2010-08-03 15:11:06.000000000 +0200 -+++ services/ldap.fc 2011-03-12 18:57:10.880999997 +0100 -@@ -8,7 +8,16 @@ - /usr/lib/slapd -- gen_context(system_u:object_r:slapd_exec_t,s0) - ') - -+ifdef(`distro_gentoo',` -+/usr/lib(64)?/openldap/slapd -- gen_context(system_u:object_r:slapd_exec_t,s0) -+') -+ - /var/lib/ldap(/.*)? gen_context(system_u:object_r:slapd_db_t,s0) -+ifdef(`distro_gentoo',` -+/var/lib/openldap-data(/.*)? gen_context(system_u:object_r:slapd_db_t,s0) -+/var/lib/openldap-ldbm(/.*)? gen_context(system_u:object_r:slapd_db_t,s0) -+/var/lib/openldap-slurpd(/.*)? gen_context(system_u:object_r:slapd_db_t,s0) -+') - /var/lib/ldap/replog(/.*)? gen_context(system_u:object_r:slapd_replog_t,s0) - - /var/run/ldapi -s gen_context(system_u:object_r:slapd_var_run_t,s0) diff --git a/sec-policy/selinux-ldap/metadata.xml b/sec-policy/selinux-ldap/metadata.xml deleted file mode 100644 index d873bf1f..00000000 --- a/sec-policy/selinux-ldap/metadata.xml +++ /dev/null @@ -1,6 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> -<pkgmetadata> - <herd>selinux</herd> - <longdescription>Gentoo SELinux policy for openldap</longdescription> -</pkgmetadata> diff --git a/sec-policy/selinux-ldap/selinux-ldap-2.20101213-r1.ebuild b/sec-policy/selinux-ldap/selinux-ldap-2.20101213-r1.ebuild deleted file mode 100644 index 344be614..00000000 --- a/sec-policy/selinux-ldap/selinux-ldap-2.20101213-r1.ebuild +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-openldap/selinux-openldap-2.20101213.ebuild,v 1.1 2011/02/05 12:07:07 blueness Exp $ - -MODS="ldap" -IUSE="" - -inherit selinux-policy-2 - -DESCRIPTION="SELinux policy for OpenLDAP server" -RDEPEND="!<=sec-policy/selinux-openldap-2.20101213 - >=sys-apps/policycoreutils-1.30.30 - >=sec-policy/selinux-base-policy-${PV}" - -KEYWORDS="~amd64 ~x86" - -POLICY_PATCH="${FILESDIR}/fix-services-ldap-r1.patch" diff --git a/sec-policy/selinux-mysql/ChangeLog b/sec-policy/selinux-mysql/ChangeLog deleted file mode 100644 index 25bd9f93..00000000 --- a/sec-policy/selinux-mysql/ChangeLog +++ /dev/null @@ -1,172 +0,0 @@ -# ChangeLog for sec-policy/selinux-mysql -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mysql/ChangeLog,v 1.32 2011/02/05 12:07:11 blueness Exp $ - -*selinux-mysql-2.20101213-r1 (13 Apr 2011) - - 13 Apr 2011; <swift@gentoo.org> +files/fix-services-mysql-r1.patch, - +selinux-mysql-2.20101213-r1.ebuild, +metadata.xml: - Hide cosmetic denials - -*selinux-mysql-2.20101213 (05 Feb 2011) - - 05 Feb 2011; Anthony G. Basile <blueness@gentoo.org> - +selinux-mysql-2.20101213.ebuild: - New upstream policy. - -*selinux-mysql-2.20091215 (16 Dec 2009) - - 16 Dec 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-mysql-2.20091215.ebuild: - New upstream release. - - 14 Aug 2009; Chris PeBenito <pebenito@gentoo.org> - -selinux-mysql-20070329.ebuild, -selinux-mysql-20070928.ebuild, - selinux-mysql-20080525.ebuild: - Mark 20080525 stable, clear old ebuilds. - -*selinux-mysql-2.20090730 (03 Aug 2009) - - 03 Aug 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-mysql-2.20090730.ebuild: - New upstream release. - - 18 Jul 2009; Chris PeBenito <pebenito@gentoo.org> - selinux-mysql-20070329.ebuild, selinux-mysql-20070928.ebuild, - selinux-mysql-20080525.ebuild: - Drop alpha, mips, ppc, sparc selinux support. - -*selinux-mysql-20080525 (25 May 2008) - - 25 May 2008; Chris PeBenito <pebenito@gentoo.org> - +selinux-mysql-20080525.ebuild: - New SVN snapshot. - - 16 Mar 2008; Chris PeBenito <pebenito@gentoo.org> - -selinux-mysql-20051023.ebuild, -selinux-mysql-20051122.ebuild, - -selinux-mysql-20061114.ebuild: - Remove old ebuilds. - - 03 Feb 2008; Chris PeBenito <pebenito@gentoo.org> - selinux-mysql-20070928.ebuild: - Mark stable. - -*selinux-mysql-20070928 (26 Nov 2007) - - 26 Nov 2007; Chris PeBenito <pebenito@gentoo.org> - +selinux-mysql-20070928.ebuild: - New SVN snapshot. - - 29 Aug 2007; Christian Heim <phreak@gentoo.org> metadata.xml: - Removing kaiowas from metadata due to his retirement (see #61930 for - reference). - - 04 Jun 2007; Chris PeBenito <pebenito@gentoo.org> - selinux-mysql-20070329.ebuild: - Mark stable. - -*selinux-mysql-20070329 (29 Mar 2007) - - 29 Mar 2007; Chris PeBenito <pebenito@gentoo.org> - +selinux-mysql-20070329.ebuild: - New SVN snapshot. - - 22 Feb 2007; Markus Ullmann <jokey@gentoo.org> ChangeLog: - Redigest for Manifest2 - -*selinux-mysql-20061114 (15 Nov 2006) - - 15 Nov 2006; Chris PeBenito <pebenito@gentoo.org> - +selinux-mysql-20061114.ebuild: - New SVN snapshot. - -*selinux-mysql-20061008 (10 Oct 2006) - - 10 Oct 2006; Chris PeBenito <pebenito@gentoo.org> - +selinux-mysql-20061008.ebuild: - First mainstream reference policy testing release. - - 02 Dec 2005; petre rodan <kaiowas@gentoo.org> - selinux-mysql-20051122.ebuild: - mark stable on amd64 mips ppc sparc x86 - -*selinux-mysql-20051122 (28 Nov 2005) - - 28 Nov 2005; petre rodan <kaiowas@gentoo.org> - -selinux-mysql-20050605.ebuild, +selinux-mysql-20051122.ebuild: - merge with upstream - - 27 Oct 2005; petre rodan <kaiowas@gentoo.org> - selinux-mysql-20051023.ebuild: - mark stable on amd64 mips ppc sparc x86 - -*selinux-mysql-20051023 (24 Oct 2005) - - 24 Oct 2005; petre rodan <kaiowas@gentoo.org> - -selinux-mysql-20050408.ebuild, -selinux-mysql-20050813.ebuild, - +selinux-mysql-20051023.ebuild: - added support for replication - fix from upstream - - 27 Jun 2005; petre rodan <kaiowas@gentoo.org> - -selinux-mysql-20050219.ebuild, selinux-mysql-20050605.ebuild: - mark stable - -*selinux-mysql-20050605 (26 Jun 2005) - - 26 Jun 2005; petre rodan <kaiowas@gentoo.org> - +selinux-mysql-20050605.ebuild: - merge with upstream - - 07 May 2005; petre rodan <kaiowas@gentoo.org> - selinux-mysql-20050408.ebuild: - mark stable - -*selinux-mysql-20050408 (23 Apr 2005) - - 23 Apr 2005; petre rodan <kaiowas@gentoo.org> - -selinux-mysql-20041119.ebuild, +selinux-mysql-20050408.ebuild: - merge with upstream, no semantic diff - - 23 Mar 2005; petre rodan <kaiowas@gentoo.org> - selinux-mysql-20050219.ebuild: - mark stable - -*selinux-mysql-20050219 (25 Feb 2005) - - 25 Feb 2005; petre rodan <kaiowas@gentoo.org> - +selinux-mysql-20050219.ebuild: - merge with upstream policy - - 12 Dec 2004; petre rodan <kaiowas@gentoo.org> - -selinux-mysql-20040514.ebuild, -selinux-mysql-20041006.ebuild, - -selinux-mysql-20041109.ebuild: - removed old builds - - 23 Nov 2004; petre rodan <kaiowas@gentoo.org> - selinux-mysql-20041119.ebuild: - mark stable - -*selinux-mysql-20041119 (22 Nov 2004) - - 22 Nov 2004; petre rodan <kaiowas@gentoo.org> - +selinux-mysql-20041119.ebuild: - merge with nsa policy - -*selinux-mysql-20041109 (13 Nov 2004) - - 13 Nov 2004; petre rodan <kaiowas@gentoo.org> - +selinux-mysql-20041109.ebuild: - merge with nsa policy - -*selinux-mysql-20041006 (23 Oct 2004) - - 23 Oct 2004; petre rodan <kaiowas@gentoo.org> metadata.xml, - +selinux-mysql-20041006.ebuild: - merge with nsa policy. updated primary maintainer - -*selinux-mysql-20040514 (14 May 2004) - - 14 May 2004; Chris PeBenito <pebenito@gentoo.org> +metadata.xml, - +selinux-mysql-20040514.ebuild: - Initial commit. Additional fixes from Petre Rodan. - diff --git a/sec-policy/selinux-mysql/Manifest b/sec-policy/selinux-mysql/Manifest deleted file mode 100644 index d55d58b0..00000000 --- a/sec-policy/selinux-mysql/Manifest +++ /dev/null @@ -1,5 +0,0 @@ -AUX fix-services-mysql-r1.patch 369 RMD160 c58f12abfce3fcab4df20db65bd2f019975acd3e SHA1 797745c23948a0ba800d9b351a0357f463460671 SHA256 30d984d5f6e5f37ca7803efdcf0f3f5dca701d2597c681899ba9de4db3a10c31 -DIST refpolicy-2.20101213.tar.bz2 559450 RMD160 4858f792f4db5b179de6fb8419a626c29d59bdd3 SHA1 0e881e99b8950a358eadc44633551ca10f12eaee SHA256 b691ee8f6066cc19bb0d4384fe3be277d97d22e9d4ac2db0c252065e8c3535de -EBUILD selinux-mysql-2.20101213-r1.ebuild 407 RMD160 898662ccc5f3ad88f48501993780e5da8bdc13e5 SHA1 1ad8fd7b1203b41b377ba760bab3cf20bda84bbf SHA256 f86375c23b95d73ad95f8f00235888e8c5ff748522e906552c7c660104e6a7ab -MISC ChangeLog 5064 RMD160 5b8ef71cf177d0bb7c3f7a781b65885855e35d49 SHA1 6305aaf1e45730742131f42cb8bdbcabc8601681 SHA256 eb70d9b6a4316d46ee9102a7ba468812384b779d6460388156112596038976ad -MISC metadata.xml 229 RMD160 ad4c2e469ac849e049e02bd54c75aad499571eed SHA1 e04718705db3fba22dd6f5aa2b98549c475470e9 SHA256 63c90fb389e4e69c858a4b4a30c8246e571e01e5cd05faa6609e494035abc653 diff --git a/sec-policy/selinux-mysql/files/fix-services-mysql-r1.patch b/sec-policy/selinux-mysql/files/fix-services-mysql-r1.patch deleted file mode 100644 index 05e6e7f5..00000000 --- a/sec-policy/selinux-mysql/files/fix-services-mysql-r1.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- services/mysql.te 2010-08-03 15:11:06.000000000 +0200 -+++ services/mysql.te 2011-04-13 17:57:57.369000043 +0200 -@@ -136,6 +136,10 @@ - corenet_sendrecv_all_client_packets(mysqld_t) - ') - -+tunable_policy(`gentoo_try_dontaudit',` -+ dontaudit mysqld_t self:capability dac_read_search; -+') -+ - optional_policy(` - daemontools_service_domain(mysqld_t, mysqld_exec_t) - ') diff --git a/sec-policy/selinux-mysql/metadata.xml b/sec-policy/selinux-mysql/metadata.xml deleted file mode 100644 index 343564db..00000000 --- a/sec-policy/selinux-mysql/metadata.xml +++ /dev/null @@ -1,6 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> -<pkgmetadata> - <herd>selinux</herd> - <longdescription>Gentoo SELinux policy for mysql</longdescription> -</pkgmetadata> diff --git a/sec-policy/selinux-mysql/selinux-mysql-2.20101213-r1.ebuild b/sec-policy/selinux-mysql/selinux-mysql-2.20101213-r1.ebuild deleted file mode 100644 index 94a6ce6e..00000000 --- a/sec-policy/selinux-mysql/selinux-mysql-2.20101213-r1.ebuild +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mysql/selinux-mysql-2.20101213.ebuild,v 1.1 2011/02/05 12:07:11 blueness Exp $ - -MODS="mysql" -IUSE="" - -inherit selinux-policy-2 - -DESCRIPTION="SELinux policy for mysql" - -KEYWORDS="~amd64 ~x86" -POLICY_PATCH="${FILESDIR}/fix-services-mysql-r1.patch" diff --git a/sec-policy/selinux-openldap/ChangeLog b/sec-policy/selinux-openldap/ChangeLog deleted file mode 100644 index 409c0996..00000000 --- a/sec-policy/selinux-openldap/ChangeLog +++ /dev/null @@ -1,104 +0,0 @@ -# ChangeLog for sec-policy/selinux-openldap -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-openldap/ChangeLog,v 1.18 2011/02/05 12:07:07 blueness Exp $ - -*selinux-openldap-2.20101213-r1 (14 Mar 2011) - - 14 Mar 2011; <swift@gentoo.org> +selinux-openldap-2.20101213-r1.ebuild, - +metadata.xml: - Phase-out of openldap (use selinux-ldap) - -*selinux-openldap-2.20101213 (05 Feb 2011) - - 05 Feb 2011; Anthony G. Basile <blueness@gentoo.org> - +selinux-openldap-2.20101213.ebuild: - New upstream policy. - -*selinux-openldap-2.20091215 (16 Dec 2009) - - 16 Dec 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-2.20091215.ebuild: - New upstream release. - - 14 Aug 2009; Chris PeBenito <pebenito@gentoo.org> - -selinux-openldap-20070329.ebuild, -selinux-openldap-20070928.ebuild, - selinux-openldap-20080525.ebuild: - Mark 20080525 stable, clear old ebuilds. - -*selinux-openldap-2.20090730 (03 Aug 2009) - - 03 Aug 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-2.20090730.ebuild: - New upstream release. - - 18 Jul 2009; Chris PeBenito <pebenito@gentoo.org> - selinux-openldap-20070329.ebuild, selinux-openldap-20070928.ebuild, - selinux-openldap-20080525.ebuild: - Drop alpha, mips, ppc, sparc selinux support. - -*selinux-openldap-20080525 (25 May 2008) - - 25 May 2008; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-20080525.ebuild: - New SVN snapshot. - - 16 Mar 2008; Chris PeBenito <pebenito@gentoo.org> - -selinux-openldap-20050626.ebuild, -selinux-openldap-20051122.ebuild, - -selinux-openldap-20061114.ebuild: - Remove old ebuilds. - - 03 Feb 2008; Chris PeBenito <pebenito@gentoo.org> - selinux-openldap-20070928.ebuild: - Mark stable. - -*selinux-openldap-20070928 (26 Nov 2007) - - 26 Nov 2007; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-20070928.ebuild: - New SVN snapshot. - - 29 Aug 2007; Christian Heim <phreak@gentoo.org> metadata.xml: - Removing kaiowas from metadata due to his retirement (see #61930 for - reference). - - 04 Jun 2007; Chris PeBenito <pebenito@gentoo.org> - selinux-openldap-20070329.ebuild: - Mark stable. - -*selinux-openldap-20070329 (29 Mar 2007) - - 29 Mar 2007; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-20070329.ebuild: - New SVN snapshot. - - 22 Feb 2007; Markus Ullmann <jokey@gentoo.org> ChangeLog: - Redigest for Manifest2 - -*selinux-openldap-20061114 (15 Nov 2006) - - 15 Nov 2006; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-20061114.ebuild: - New SVN snapshot. - -*selinux-openldap-20061008 (10 Oct 2006) - - 10 Oct 2006; Chris PeBenito <pebenito@gentoo.org> - +selinux-openldap-20061008.ebuild: - First mainstream reference policy testing release. - - 02 Dec 2005; petre rodan <kaiowas@gentoo.org> - selinux-openldap-20051122.ebuild: - mark stable on amd64 mips ppc sparc x86 - -*selinux-openldap-20051122 (28 Nov 2005) - - 28 Nov 2005; petre rodan <kaiowas@gentoo.org> - selinux-openldap-20050626.ebuild, +selinux-openldap-20051122.ebuild: - marked stable on amd64 mips ppc sparc x86, merge with upstream - -*selinux-openldap-20050626 (26 Jun 2005) - - 26 Jun 2005; petre rodan <kaiowas@gentoo.org> +metadata.xml, - +selinux-openldap-20050626.ebuild: - initial commit - diff --git a/sec-policy/selinux-openldap/Manifest b/sec-policy/selinux-openldap/Manifest deleted file mode 100644 index 6331acd0..00000000 --- a/sec-policy/selinux-openldap/Manifest +++ /dev/null @@ -1,3 +0,0 @@ -EBUILD selinux-openldap-2.20101213-r1.ebuild 487 RMD160 d3d2676f2b97ae898a8ce7f4aab4058a6c049d37 SHA1 d5c4e4166bb725aa331f1c00267bdb11a203f166 SHA256 910855ddb05c4f342d2f79577175cf023d1b5e573fefdb62cf08b7559e4cebef -MISC ChangeLog 3240 RMD160 0e99dced6e321178148ee3b1358895a9bd66e7d7 SHA1 af548bdbd11cdbb7d42737c13bcf84285734e455 SHA256 2fc9990ffe61b4b87a53645f9a5e7bd05a0a66e0e318764ebe7817b866af0e81 -MISC metadata.xml 232 RMD160 5a9be5ffb3c01c66354753839a89fe28933de08e SHA1 88d37d757de1f862ae0deff460cca2bdcca42748 SHA256 52b9b6e6d6f33940bd146eba8e36de809589263d70d3ca58d67cd025ab4a5872 diff --git a/sec-policy/selinux-openldap/metadata.xml b/sec-policy/selinux-openldap/metadata.xml deleted file mode 100644 index d873bf1f..00000000 --- a/sec-policy/selinux-openldap/metadata.xml +++ /dev/null @@ -1,6 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> -<pkgmetadata> - <herd>selinux</herd> - <longdescription>Gentoo SELinux policy for openldap</longdescription> -</pkgmetadata> diff --git a/sec-policy/selinux-openldap/selinux-openldap-2.20101213-r1.ebuild b/sec-policy/selinux-openldap/selinux-openldap-2.20101213-r1.ebuild deleted file mode 100644 index 844e6df2..00000000 --- a/sec-policy/selinux-openldap/selinux-openldap-2.20101213-r1.ebuild +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-openldap/selinux-openldap-2.20101213.ebuild,v 1.1 2011/02/05 12:07:07 blueness Exp $ - -EAPI=3 - -DESCRIPTION="SELinux policy for openldap (meta package for selinux-ldap)" -HOMEPAGE="http://hardened.gentoo.org" -SRC_URI="" - -LICENSE="as-is" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="" - -RDEPEND=">=sec-policy/selinux-ldap-2.20101213-r1" - diff --git a/sec-policy/selinux-postfix/ChangeLog b/sec-policy/selinux-postfix/ChangeLog deleted file mode 100644 index 80659ace..00000000 --- a/sec-policy/selinux-postfix/ChangeLog +++ /dev/null @@ -1,186 +0,0 @@ -# ChangeLog for sec-policy/selinux-postfix -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-postfix/ChangeLog,v 1.32 2011/03/07 02:50:05 blueness Exp $ - -*selinux-postfix-2.20101213-r3 (19 Mar 2011) - - 19 Mar 2011; <swift@gentoo.org> +files/fix-services-postfix-r3.patch, - +selinux-postfix-2.20101213-r3.ebuild: - Allow postfix_smtpd_t to access mysql (virtual mailhosting) - -*selinux-postfix-2.20101213-r2 (14 Mar 2011) - - 14 Mar 2011; <swift@gentoo.org> +files/fix-services-postfix-r2.patch, - +selinux-postfix-2.20101213-r2.ebuild, +metadata.xml: - Allow postfix administration through sysadm - -*selinux-postfix-2.20101213-r1 (07 Mar 2011) - - 07 Mar 2011; Anthony G. Basile <blueness@gentoo.org> - +files/fix-services-postfix-r1.patch, - +selinux-postfix-2.20101213-r1.ebuild: - Fix filecontexts - -*selinux-postfix-2.20101213 (05 Feb 2011) - - 05 Feb 2011; Anthony G. Basile <blueness@gentoo.org> - +selinux-postfix-2.20101213.ebuild: - New upstream policy. - -*selinux-postfix-2.20091215 (16 Dec 2009) - - 16 Dec 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-postfix-2.20091215.ebuild: - New upstream release. - - 14 Aug 2009; Chris PeBenito <pebenito@gentoo.org> - -selinux-postfix-20070329.ebuild, -selinux-postfix-20070928.ebuild, - selinux-postfix-20080525.ebuild: - Mark 20080525 stable, clear old ebuilds. - -*selinux-postfix-2.20090730 (03 Aug 2009) - - 03 Aug 2009; Chris PeBenito <pebenito@gentoo.org> - +selinux-postfix-2.20090730.ebuild: - New upstream release. - - 18 Jul 2009; Chris PeBenito <pebenito@gentoo.org> - selinux-postfix-20070329.ebuild, selinux-postfix-20070928.ebuild, - selinux-postfix-20080525.ebuild: - Drop alpha, mips, ppc, sparc selinux support. - -*selinux-postfix-20080525 (25 May 2008) - - 25 May 2008; Chris PeBenito <pebenito@gentoo.org> - +selinux-postfix-20080525.ebuild: - New SVN snapshot. - - 16 Mar 2008; Chris PeBenito <pebenito@gentoo.org> - -selinux-postfix-20050626.ebuild, -selinux-postfix-20050918.ebuild, - -selinux-postfix-20051023.ebuild, -selinux-postfix-20051122.ebuild, - -selinux-postfix-20061114.ebuild: - Remove old ebuilds. - - 03 Feb 2008; Chris PeBenito <pebenito@gentoo.org> - selinux-postfix-20070928.ebuild: - Mark stable. - -*selinux-postfix-20070928 (26 Nov 2007) - - 26 Nov 2007; Chris PeBenito <pebenito@gentoo.org> - +selinux-postfix-20070928.ebuild: - New SVN snapshot. - - 04 Jun 2007; Chris PeBenito <pebenito@gentoo.org> - selinux-postfix-20070329.ebuild: - Mark stable. - -*selinux-postfix-20070329 (29 Mar 2007) - - 29 Mar 2007; Chris PeBenito <pebenito@gentoo.org> - +selinux-postfix-20070329.ebuild: - New SVN snapshot. - - 22 Feb 2007; Markus Ullmann <jokey@gentoo.org> ChangeLog: - Redigest for Manifest2 - -*selinux-postfix-20061114 (15 Nov 2006) - - 15 Nov 2006; Chris PeBenito <pebenito@gentoo.org> - +selinux-postfix-20061114.ebuild: - New SVN snapshot. - -*selinux-postfix-20061008 (10 Oct 2006) - - 10 Oct 2006; Chris PeBenito <pebenito@gentoo.org> - +selinux-postfix-20061008.ebuild: - First mainstream reference policy testing release. - -*selinux-postfix-20051122 (28 Nov 2005) - - 28 Nov 2005; petre rodan <kaiowas@gentoo.org> - selinux-postfix-20051023.ebuild, +selinux-postfix-20051122.ebuild: - marked stable on amd64 mips ppc sparc x86, merge with upstream - -*selinux-postfix-20051023 (24 Oct 2005) - - 24 Oct 2005; petre rodan <kaiowas@gentoo.org> - +selinux-postfix-20051023.ebuild: - merge with upstream - - 18 Oct 2005; petre rodan <kaiowas@gentoo.org> - selinux-postfix-20050918.ebuild: - mark stable - -*selinux-postfix-20050918 (18 Sep 2005) - - 18 Sep 2005; petre rodan <kaiowas@gentoo.org> - -selinux-postfix-20050417.ebuild, +selinux-postfix-20050918.ebuild: - merge with upstream, added mips arch - - 26 Jun 2005; petre rodan <kaiowas@gentoo.org> - selinux-postfix-20050626.ebuild: - mark stable - -*selinux-postfix-20050626 (26 Jun 2005) - - 26 Jun 2005; petre rodan <kaiowas@gentoo.org> - -selinux-postfix-20050219.ebuild, +selinux-postfix-20050626.ebuild: - added name_connect rules - - 23 Apr 2005; petre rodan <kaiowas@gentoo.org> - -selinux-postfix-20041211.ebuild, selinux-postfix-20050417.ebuild: - mark stable - -*selinux-postfix-20050417 (16 Apr 2005) - - 16 Apr 2005; petre rodan <kaiowas@gentoo.org> - +selinux-postfix-20050417.ebuild: - fix for bug #89321 - - 23 Mar 2005; petre rodan <kaiowas@gentoo.org> - selinux-postfix-20050219.ebuild: - mark stable - -*selinux-postfix-20050219 (25 Feb 2005) - - 25 Feb 2005; petre rodan <kaiowas@gentoo.org> - +selinux-postfix-20050219.ebuild: - merge with upstream policy - -*selinux-postfix-20041211 (12 Dec 2004) - - 12 Dec 2004; petre rodan <kaiowas@gentoo.org> - -selinux-postfix-20040427.ebuild, -selinux-postfix-20041021.ebuild, - -selinux-postfix-20041109.ebuild, -selinux-postfix-20041120.ebuild, - +selinux-postfix-20041211.ebuild: - removed old builds, small merge with upstream policy - - 23 Nov 2004; petre rodan <kaiowas@gentoo.org> - selinux-postfix-20041120.ebuild: - mark stable - -*selinux-postfix-20041120 (22 Nov 2004) - - 22 Nov 2004; petre rodan <kaiowas@gentoo.org> - +selinux-postfix-20041120.ebuild: - merge with nsa policy - -*selinux-postfix-20041109 (13 Nov 2004) - - 13 Nov 2004; petre rodan <kaiowas@gentoo.org> - +selinux-postfix-20041109.ebuild: - merge with nsa policy - -*selinux-postfix-20041021 (27 Oct 2004) - - 27 Oct 2004; petre rodan <kaiowas@gentoo.org> - +selinux-postfix-20041021.ebuild: - merge with nsa policy - -*selinux-postfix-20040427 (27 Apr 2004) - - 27 Apr 2004; Chris PeBenito <pebenito@gentoo.org> +metadata.xml, - +selinux-postfix-20040427.ebuild: - Initial commit. - diff --git a/sec-policy/selinux-postfix/Manifest b/sec-policy/selinux-postfix/Manifest deleted file mode 100644 index 29395f78..00000000 --- a/sec-policy/selinux-postfix/Manifest +++ /dev/null @@ -1,7 +0,0 @@ -AUX fix-services-postfix-r2.patch 4642 RMD160 bb091ab247388cdc9c6d4b9eb7cbfb96fbcf3341 SHA1 3f974d4d8cd33fc139047aa2b9a6acf52359b652 SHA256 686bb4c980e0a24a7b5d86815e1bcb3cbf35f522a83e7acee3fad82e2cbfe073 -AUX fix-services-postfix-r3.patch 4683 RMD160 157237a835eb49cbf15036d58e931581eade399d SHA1 8d8e91a43d47a1e7103626829ce4ba9bfd70b333 SHA256 9dde1c068ca098fdbd9c8592b6a2675ce1a432139c6965fc9f0d46ee45797bed -DIST refpolicy-2.20101213.tar.bz2 559450 RMD160 4858f792f4db5b179de6fb8419a626c29d59bdd3 SHA1 0e881e99b8950a358eadc44633551ca10f12eaee SHA256 b691ee8f6066cc19bb0d4384fe3be277d97d22e9d4ac2db0c252065e8c3535de -EBUILD selinux-postfix-2.20101213-r2.ebuild 421 RMD160 c59bb089e647a0c5561ef4156222de36abc1c11f SHA1 f96b365570a78efdfdaa9257739a5674bf52b607 SHA256 7b3ae9e3ab505b5998ea3dbdf9b00060ed5b0fe04f1f226367e63269f6f5ba59 -EBUILD selinux-postfix-2.20101213-r3.ebuild 421 RMD160 24148b5ebf3ec42251d41af4053e341cd2cb4cfc SHA1 51ff9173da33c923ac6f418a69c61c967ef05663 SHA256 1c3aae0fe644d393111cff67cad672db22758c1aa1057f9dc2c0726963bd9a01 -MISC ChangeLog 5598 RMD160 50f81dd38503876617a0add16fc91a70b9704297 SHA1 d26d53ff6ff0886fc7b92e09db87692b16bbc0ca SHA256 756d6cebb73122d52f17dd5b48f3627e7b28fbdd571fa72ee48902dc8ffce56c -MISC metadata.xml 231 RMD160 a74f4d0ea728b9b1293a4245404ac2f86343cde4 SHA1 e442d59cd349944548484d3274d6c0e00086056f SHA256 459b7eb495b910e93d0bc072cc141a3aed301b3142940b6371d4473254257475 diff --git a/sec-policy/selinux-postfix/files/fix-services-postfix-r2.patch b/sec-policy/selinux-postfix/files/fix-services-postfix-r2.patch deleted file mode 100644 index df3af685..00000000 --- a/sec-policy/selinux-postfix/files/fix-services-postfix-r2.patch +++ /dev/null @@ -1,76 +0,0 @@ ---- services/postfix.te 2010-08-03 15:11:07.000000000 +0200 -+++ services/postfix.te 2011-03-13 16:04:36.436999999 +0100 -@@ -93,7 +93,7 @@ - # - - # chown is to set the correct ownership of queue dirs --allow postfix_master_t self:capability { chown dac_override kill setgid setuid net_bind_service sys_tty_config }; -+allow postfix_master_t self:capability { chown dac_override kill setgid setuid net_bind_service sys_tty_config dac_read_search }; - allow postfix_master_t self:fifo_file rw_fifo_file_perms; - allow postfix_master_t self:tcp_socket create_stream_socket_perms; - allow postfix_master_t self:udp_socket create_socket_perms; -@@ -201,6 +201,9 @@ - - optional_policy(` - mysql_stream_connect(postfix_master_t) -+ mysql_stream_connect(postfix_cleanup_t) -+ mysql_stream_connect(postfix_local_t) -+ mysql_stream_connect(postfix_virtual_t) - ') - - optional_policy(` -@@ -589,6 +592,7 @@ - # for OpenSSL certificates - files_read_usr_files(postfix_smtpd_t) - mta_read_aliases(postfix_smtpd_t) -+mta_read_config(postfix_smtpd_t) - - optional_policy(` - dovecot_stream_connect_auth(postfix_smtpd_t) ---- services/postfix.fc 2010-08-03 15:11:07.000000000 +0200 -+++ services/postfix.fc 2011-03-13 15:54:11.765000000 +0100 -@@ -16,20 +16,21 @@ - /usr/libexec/postfix/pipe -- gen_context(system_u:object_r:postfix_pipe_exec_t,s0) - /usr/libexec/postfix/virtual -- gen_context(system_u:object_r:postfix_virtual_exec_t,s0) - ', ` --/usr/lib/postfix/.* -- gen_context(system_u:object_r:postfix_exec_t,s0) --/usr/lib/postfix/cleanup -- gen_context(system_u:object_r:postfix_cleanup_exec_t,s0) --/usr/lib/postfix/local -- gen_context(system_u:object_r:postfix_local_exec_t,s0) --/usr/lib/postfix/master -- gen_context(system_u:object_r:postfix_master_exec_t,s0) --/usr/lib/postfix/pickup -- gen_context(system_u:object_r:postfix_pickup_exec_t,s0) --/usr/lib/postfix/(n)?qmgr -- gen_context(system_u:object_r:postfix_qmgr_exec_t,s0) --/usr/lib/postfix/showq -- gen_context(system_u:object_r:postfix_showq_exec_t,s0) --/usr/lib/postfix/smtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) --/usr/lib/postfix/lmtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) --/usr/lib/postfix/scache -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) --/usr/lib/postfix/smtpd -- gen_context(system_u:object_r:postfix_smtpd_exec_t,s0) --/usr/lib/postfix/bounce -- gen_context(system_u:object_r:postfix_bounce_exec_t,s0) --/usr/lib/postfix/pipe -- gen_context(system_u:object_r:postfix_pipe_exec_t,s0) --/usr/lib/postfix/virtual -- gen_context(system_u:object_r:postfix_virtual_exec_t,s0) -+/usr/lib(64)?/postfix/.* -- gen_context(system_u:object_r:postfix_exec_t,s0) -+/usr/lib(64)?/postfix/cleanup -- gen_context(system_u:object_r:postfix_cleanup_exec_t,s0) -+/usr/lib(64)?/postfix/local -- gen_context(system_u:object_r:postfix_local_exec_t,s0) -+/usr/lib(64)?/postfix/master -- gen_context(system_u:object_r:postfix_master_exec_t,s0) -+/usr/lib(64)?/postfix/pickup -- gen_context(system_u:object_r:postfix_pickup_exec_t,s0) -+/usr/lib(64)?/postfix/(n)?qmgr -- gen_context(system_u:object_r:postfix_qmgr_exec_t,s0) -+/usr/lib(64)?/postfix/showq -- gen_context(system_u:object_r:postfix_showq_exec_t,s0) -+/usr/lib(64)?/postfix/smtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) -+/usr/lib(64)?/postfix/lmtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) -+/usr/lib(64)?/postfix/scache -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) -+/usr/lib(64)?/postfix/smtpd -- gen_context(system_u:object_r:postfix_smtpd_exec_t,s0) -+/usr/lib(64)?/postfix/bounce -- gen_context(system_u:object_r:postfix_bounce_exec_t,s0) -+/usr/lib(64)?/postfix/pipe -- gen_context(system_u:object_r:postfix_pipe_exec_t,s0) -+/usr/lib(64)?/postfix/virtual -- gen_context(system_u:object_r:postfix_virtual_exec_t,s0) -+/usr/lib(64)?/postfix/postfix-script.* -- gen_context(system_u:object_r:postfix_exec_t,s0) - ') - /etc/postfix/postfix-script.* -- gen_context(system_u:object_r:postfix_exec_t,s0) - /etc/postfix/prng_exch -- gen_context(system_u:object_r:postfix_prng_t,s0) -@@ -48,7 +49,7 @@ - - /var/spool/postfix(/.*)? gen_context(system_u:object_r:postfix_spool_t,s0) - /var/spool/postfix/maildrop(/.*)? gen_context(system_u:object_r:postfix_spool_maildrop_t,s0) --/var/spool/postfix/pid/.* gen_context(system_u:object_r:postfix_var_run_t,s0) -+/var/spool/postfix/pid(/.*)? gen_context(system_u:object_r:postfix_var_run_t,s0) - /var/spool/postfix/private(/.*)? gen_context(system_u:object_r:postfix_private_t,s0) - /var/spool/postfix/public(/.*)? gen_context(system_u:object_r:postfix_public_t,s0) - /var/spool/postfix/bounce(/.*)? gen_context(system_u:object_r:postfix_spool_bounce_t,s0) diff --git a/sec-policy/selinux-postfix/files/fix-services-postfix-r3.patch b/sec-policy/selinux-postfix/files/fix-services-postfix-r3.patch deleted file mode 100644 index f748e9ad..00000000 --- a/sec-policy/selinux-postfix/files/fix-services-postfix-r3.patch +++ /dev/null @@ -1,77 +0,0 @@ ---- services/postfix.te 2010-08-03 15:11:07.000000000 +0200 -+++ services/postfix.te 2011-03-19 18:19:42.287000040 +0100 -@@ -93,7 +93,7 @@ - # - - # chown is to set the correct ownership of queue dirs --allow postfix_master_t self:capability { chown dac_override kill setgid setuid net_bind_service sys_tty_config }; -+allow postfix_master_t self:capability { chown dac_override kill setgid setuid net_bind_service sys_tty_config dac_read_search }; - allow postfix_master_t self:fifo_file rw_fifo_file_perms; - allow postfix_master_t self:tcp_socket create_stream_socket_perms; - allow postfix_master_t self:udp_socket create_socket_perms; -@@ -201,6 +201,10 @@ - - optional_policy(` - mysql_stream_connect(postfix_master_t) -+ mysql_stream_connect(postfix_cleanup_t) -+ mysql_stream_connect(postfix_local_t) -+ mysql_stream_connect(postfix_virtual_t) -+ mysql_stream_connect(postfix_smtpd_t) - ') - - optional_policy(` -@@ -589,6 +593,7 @@ - # for OpenSSL certificates - files_read_usr_files(postfix_smtpd_t) - mta_read_aliases(postfix_smtpd_t) -+mta_read_config(postfix_smtpd_t) - - optional_policy(` - dovecot_stream_connect_auth(postfix_smtpd_t) ---- services/postfix.fc 2010-08-03 15:11:07.000000000 +0200 -+++ services/postfix.fc 2011-03-13 15:54:11.765000000 +0100 -@@ -16,20 +16,21 @@ - /usr/libexec/postfix/pipe -- gen_context(system_u:object_r:postfix_pipe_exec_t,s0) - /usr/libexec/postfix/virtual -- gen_context(system_u:object_r:postfix_virtual_exec_t,s0) - ', ` --/usr/lib/postfix/.* -- gen_context(system_u:object_r:postfix_exec_t,s0) --/usr/lib/postfix/cleanup -- gen_context(system_u:object_r:postfix_cleanup_exec_t,s0) --/usr/lib/postfix/local -- gen_context(system_u:object_r:postfix_local_exec_t,s0) --/usr/lib/postfix/master -- gen_context(system_u:object_r:postfix_master_exec_t,s0) --/usr/lib/postfix/pickup -- gen_context(system_u:object_r:postfix_pickup_exec_t,s0) --/usr/lib/postfix/(n)?qmgr -- gen_context(system_u:object_r:postfix_qmgr_exec_t,s0) --/usr/lib/postfix/showq -- gen_context(system_u:object_r:postfix_showq_exec_t,s0) --/usr/lib/postfix/smtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) --/usr/lib/postfix/lmtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) --/usr/lib/postfix/scache -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) --/usr/lib/postfix/smtpd -- gen_context(system_u:object_r:postfix_smtpd_exec_t,s0) --/usr/lib/postfix/bounce -- gen_context(system_u:object_r:postfix_bounce_exec_t,s0) --/usr/lib/postfix/pipe -- gen_context(system_u:object_r:postfix_pipe_exec_t,s0) --/usr/lib/postfix/virtual -- gen_context(system_u:object_r:postfix_virtual_exec_t,s0) -+/usr/lib(64)?/postfix/.* -- gen_context(system_u:object_r:postfix_exec_t,s0) -+/usr/lib(64)?/postfix/cleanup -- gen_context(system_u:object_r:postfix_cleanup_exec_t,s0) -+/usr/lib(64)?/postfix/local -- gen_context(system_u:object_r:postfix_local_exec_t,s0) -+/usr/lib(64)?/postfix/master -- gen_context(system_u:object_r:postfix_master_exec_t,s0) -+/usr/lib(64)?/postfix/pickup -- gen_context(system_u:object_r:postfix_pickup_exec_t,s0) -+/usr/lib(64)?/postfix/(n)?qmgr -- gen_context(system_u:object_r:postfix_qmgr_exec_t,s0) -+/usr/lib(64)?/postfix/showq -- gen_context(system_u:object_r:postfix_showq_exec_t,s0) -+/usr/lib(64)?/postfix/smtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) -+/usr/lib(64)?/postfix/lmtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) -+/usr/lib(64)?/postfix/scache -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) -+/usr/lib(64)?/postfix/smtpd -- gen_context(system_u:object_r:postfix_smtpd_exec_t,s0) -+/usr/lib(64)?/postfix/bounce -- gen_context(system_u:object_r:postfix_bounce_exec_t,s0) -+/usr/lib(64)?/postfix/pipe -- gen_context(system_u:object_r:postfix_pipe_exec_t,s0) -+/usr/lib(64)?/postfix/virtual -- gen_context(system_u:object_r:postfix_virtual_exec_t,s0) -+/usr/lib(64)?/postfix/postfix-script.* -- gen_context(system_u:object_r:postfix_exec_t,s0) - ') - /etc/postfix/postfix-script.* -- gen_context(system_u:object_r:postfix_exec_t,s0) - /etc/postfix/prng_exch -- gen_context(system_u:object_r:postfix_prng_t,s0) -@@ -48,7 +49,7 @@ - - /var/spool/postfix(/.*)? gen_context(system_u:object_r:postfix_spool_t,s0) - /var/spool/postfix/maildrop(/.*)? gen_context(system_u:object_r:postfix_spool_maildrop_t,s0) --/var/spool/postfix/pid/.* gen_context(system_u:object_r:postfix_var_run_t,s0) -+/var/spool/postfix/pid(/.*)? gen_context(system_u:object_r:postfix_var_run_t,s0) - /var/spool/postfix/private(/.*)? gen_context(system_u:object_r:postfix_private_t,s0) - /var/spool/postfix/public(/.*)? gen_context(system_u:object_r:postfix_public_t,s0) - /var/spool/postfix/bounce(/.*)? gen_context(system_u:object_r:postfix_spool_bounce_t,s0) diff --git a/sec-policy/selinux-postfix/metadata.xml b/sec-policy/selinux-postfix/metadata.xml deleted file mode 100644 index 6cad3d52..00000000 --- a/sec-policy/selinux-postfix/metadata.xml +++ /dev/null @@ -1,6 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> -<pkgmetadata> - <herd>selinux</herd> - <longdescription>Gentoo SELinux policy for postfix</longdescription> -</pkgmetadata> diff --git a/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r2.ebuild b/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r2.ebuild deleted file mode 100644 index e93eab84..00000000 --- a/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r2.ebuild +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r1.ebuild,v 1.1 2011/03/07 02:50:05 blueness Exp $ - -MODS="postfix" -IUSE="" - -inherit selinux-policy-2 - -DESCRIPTION="SELinux policy for postfix" - -KEYWORDS="~amd64 ~x86" - -POLICY_PATCH="${FILESDIR}/fix-services-postfix-r2.patch" diff --git a/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r3.ebuild b/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r3.ebuild deleted file mode 100644 index 04c476f7..00000000 --- a/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r3.ebuild +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r1.ebuild,v 1.1 2011/03/07 02:50:05 blueness Exp $ - -MODS="postfix" -IUSE="" - -inherit selinux-policy-2 - -DESCRIPTION="SELinux policy for postfix" - -KEYWORDS="~amd64 ~x86" - -POLICY_PATCH="${FILESDIR}/fix-services-postfix-r3.patch" |