From 67f2619f400097ef2565f35deeccffcc91b9c483 Mon Sep 17 00:00:00 2001 From: Alexander Miroshnichenko Date: Wed, 8 May 2019 15:37:57 +0300 Subject: [PATCH] selinux-hostapd: switch to upstream module --- sec-policy/selinux-hostapd/Manifest | 8 +-- sec-policy/selinux-hostapd/files/hostapd.fc | 6 -- sec-policy/selinux-hostapd/files/hostapd.te | 56 ------------------- ...d => selinux-hostapd-2.20190201-r1.ebuild} | 0 4 files changed, 3 insertions(+), 67 deletions(-) delete mode 100644 sec-policy/selinux-hostapd/files/hostapd.fc delete mode 100644 sec-policy/selinux-hostapd/files/hostapd.te rename sec-policy/selinux-hostapd/{selinux-hostapd-2.20180701-r1.ebuild => selinux-hostapd-2.20190201-r1.ebuild} (100%) diff --git a/sec-policy/selinux-hostapd/Manifest b/sec-policy/selinux-hostapd/Manifest index b43dc27..fc51381 100644 --- a/sec-policy/selinux-hostapd/Manifest +++ b/sec-policy/selinux-hostapd/Manifest @@ -1,5 +1,3 @@ -AUX hostapd.fc 299 BLAKE2B 57f03ed6b66766688e01ca1aff1dfa6882d11fc2d2e6160426478be49d5b190a945b1d41f8fc02a075a0ee9ccadcfbc23549635a02448fffb2790467df8514c5 SHA512 c403eceead2eca2cb3f525788374681c9800239f57c2403840813e03df755528ae80457dd0c13db27d31b03da3e972f3a9deac63be50eb0cb7e3597cacfe74dd -AUX hostapd.te 1713 BLAKE2B 69952a4ba1acfd7e9199c60cce4f8a12bc80e8e3e731bca9f0f5aaba04c09fb41a604c20e4dfde223225f949dcb8fbc3466a9b84740bfe1a7eeeba456476f7d7 SHA512 4d6688bb4ee118af5c253a07eda4f3a8e6f56ff37568882599c6bd8060d871ea2228a9318c36c290f941cde4f2059a4f38d6832d2162dce132c6f17820c10e2a -DIST patchbundle-selinux-base-policy-2.20180701-r1.tar.bz2 315378 BLAKE2B eeeb0b04c023c40289b6d964aefd1773d2b5d6912f1dffebf9509e6dcdbb39b17e722ee4483fb2b11193d4b987a85f90c7dc7e61cef3cf982fc2ba368d4900ef SHA512 a8b049120f1c420f9bfb55aba9ed0157ff7896ace402cd1b77b01d1ea52b67e49d915f1c00de83ff4d59b1cf8b8aa1f39b50ba312d842ed4850e75fcc7f5be42 -DIST refpolicy-2.20180701.tar.bz2 753050 BLAKE2B 7069a1b9b9bef25950e62bb50ac09f4a9d5ef6fd0acc667d321da396c3935939348534458df129f7bc81687dca240b4c4fc120d1f46d452665d335c9f023da8c SHA512 9dd5a1e10da5d25fea96cc25efb682f8ac866e835a1d940b161c1ce944cac9a90a5836b03c14311acad6bf9acd9a78003f36e050d35d8edb43606575523857b5 -EBUILD selinux-hostapd-2.20180701-r1.ebuild 381 BLAKE2B e72b73164969be79643d5b584a57d1bc1ab4724f24d9d8e4d5964dd3193b1402277f6662db461f10d8937fdffea9dadb53f86afb855a3226be760a3df72309d3 SHA512 696ea45e4f5fac01fab8c5c44ca03f28746e9b251bc4e81f2c6c4dfb06d95eda475563bba6f6498bc2290a97cf9db7753b39f7c8178c6dad701ad85acda775b9 +DIST patchbundle-selinux-base-policy-2.20190201-r1.tar.bz2 426390 BLAKE2B 33e05e03e1e087f0bf460930f074108af5fa05688f7681ba3545530d21174be7d29e9035a7bc37e9acdbe3468680891f9865ad83188eb0f8fb9b9012252d6a1e SHA512 f2855a340f4ae7ba6c4cf0ec9445de7ca20f9fc0f11783992340ca2f073bbbf2d4999190f46f3910213dd1555e9578b3609284af6a7712b401053216c004ff7e +DIST refpolicy-2.20190201.tar.bz2 552750 BLAKE2B d3cbdf5c5f8480cd36173d8cfbd2f55a6ad4a9f2176883dcc19eece6059114ca8700d07f8bd318d0430da253bb9e4e6a6e03f7a7db8a7964c95b00452aaab040 SHA512 c6568b679ad1a7c5c566b55291e86ce3784ee609c0091e5d465d41055724d950180780c7eedb3413351101b9182db51c7bce1816db1a9a17b3257861363efc6e +EBUILD selinux-hostapd-2.20190201-r1.ebuild 381 BLAKE2B e72b73164969be79643d5b584a57d1bc1ab4724f24d9d8e4d5964dd3193b1402277f6662db461f10d8937fdffea9dadb53f86afb855a3226be760a3df72309d3 SHA512 696ea45e4f5fac01fab8c5c44ca03f28746e9b251bc4e81f2c6c4dfb06d95eda475563bba6f6498bc2290a97cf9db7753b39f7c8178c6dad701ad85acda775b9 diff --git a/sec-policy/selinux-hostapd/files/hostapd.fc b/sec-policy/selinux-hostapd/files/hostapd.fc deleted file mode 100644 index 48d438b..0000000 --- a/sec-policy/selinux-hostapd/files/hostapd.fc +++ /dev/null @@ -1,6 +0,0 @@ -/usr/sbin/hostapd -- gen_context(system_u:object_r:hostapd_exec_t,s0) - -/var/run/hostapd(/.*)? gen_context(system_u:object_r:hostapd_var_run_t,s0) -/etc/hostapd(/.*)? gen_context(system_u:object_r:hostapd_conf_t,s0) - -/run/hostapd.pid -- gen_context(system_u:object_r:hostapd_var_run_t,s0) diff --git a/sec-policy/selinux-hostapd/files/hostapd.te b/sec-policy/selinux-hostapd/files/hostapd.te deleted file mode 100644 index 9531f01..0000000 --- a/sec-policy/selinux-hostapd/files/hostapd.te +++ /dev/null @@ -1,56 +0,0 @@ -policy_module(hostapd, 1.0.0) - -######################################## -# -# Declarations -# - -type hostapd_t; -type hostapd_exec_t; -init_daemon_domain(hostapd_t, hostapd_exec_t) - -type hostapd_var_run_t; -files_pid_file(hostapd_var_run_t) - -type hostapd_conf_t; -files_type(hostapd_conf_t) -######################################## -# -# hostapd local policy -# -allow hostapd_t self:capability { fsetid chown net_admin net_raw dac_read_search dac_override }; -allow hostapd_t self:fifo_file rw_fifo_file_perms; -allow hostapd_t self:unix_stream_socket create_stream_socket_perms; -allow hostapd_t self:netlink_socket create_socket_perms; -allow hostapd_t self:netlink_generic_socket create_socket_perms; -allow hostapd_t self:netlink_route_socket create_netlink_socket_perms; -allow hostapd_t self:packet_socket create_socket_perms; - -manage_dirs_pattern(hostapd_t, hostapd_var_run_t, hostapd_var_run_t) -manage_files_pattern(hostapd_t, hostapd_var_run_t, hostapd_var_run_t) -manage_lnk_files_pattern(hostapd_t, hostapd_var_run_t, hostapd_var_run_t) -manage_sock_files_pattern(hostapd_t, hostapd_var_run_t, hostapd_var_run_t) -files_pid_filetrans(hostapd_t, hostapd_var_run_t, { dir file lnk_file sock_file }) - -read_files_pattern(hostapd_t, hostapd_conf_t, hostapd_conf_t) - -kernel_read_system_state(hostapd_t) -kernel_read_network_state(hostapd_t) -kernel_request_load_module(hostapd_t) -kernel_rw_net_sysctls(hostapd_t) -dev_rw_sysfs(hostapd_t) - -#allow initrc_t hostapd_conf_t:file read; - -dev_read_rand(hostapd_t) -dev_read_urand(hostapd_t) -dev_read_sysfs(hostapd_t) -dev_rw_wireless(hostapd_t) - -domain_use_interactive_fds(hostapd_t) - -auth_use_nsswitch(hostapd_t) - -logging_send_syslog_msg(hostapd_t) - -miscfiles_read_localization(hostapd_t) diff --git a/sec-policy/selinux-hostapd/selinux-hostapd-2.20180701-r1.ebuild b/sec-policy/selinux-hostapd/selinux-hostapd-2.20190201-r1.ebuild similarity index 100% rename from sec-policy/selinux-hostapd/selinux-hostapd-2.20180701-r1.ebuild rename to sec-policy/selinux-hostapd/selinux-hostapd-2.20190201-r1.ebuild