millerson.name/gentoo-overlay
1
0
Fork 0
Code Issues Pull Requests Releases Activity

update selinux-server-custom; add selinux-desktop-custom

Browse Source
This commit is contained in:
Alexander Miroshnichenko
2020-01-06 11:00:13 +03:00
parent 702954333d
commit 2709fc60bb
6 changed files with 47 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
sec-policy/selinux-desktop-custom/files/desktop-custom.fc Normal file
View File

@@ -0,0 +1,4 @@
# Portage related
/usr/bin/eix -- gen_context(system_u:object_r:portage_exec_t)
/usr/bin/eix-sync -- gen_context(system_u:object_r:portage_exec_t)
/usr/lib/python-exec/python[0-9]\.[0-9]*/ebuild -- gen_context(system_u:object_r:portage_exec_t)

14
sec-policy/selinux-desktop-custom/files/desktop-custom.te Normal file
View File

@@ -0,0 +1,14 @@
policy_module(desktop-custom, 1.0.1)
gen_require(`
type portage_t, portage_ebuild_t, cert_t;
')
####### Policy
#============= portage_t ==============
corenet_udp_bind_generic_node(portage_t)
kernel_mounton_proc(portage_t)
kernel_mount_proc(portage_t)
allow portage_t portage_ebuild_t:file map;
allow portage_t cert_t:file map;