From b9c457d80a94ee0fdb6c0c9bd98b7d212f6812e1 Mon Sep 17 00:00:00 2001 From: Grzegorz Filo Date: Wed, 3 Apr 2024 13:02:48 +0200 Subject: [PATCH] files context for merged-usr profile on gentoo Signed-off-by: Grzegorz Filo --- policy/modules/admin/netutils.fc | 4 ++++ policy/modules/admin/shutdown.fc | 5 +++++ policy/modules/services/smartmon.fc | 4 ++++ policy/modules/system/authlogin.fc | 3 +++ policy/modules/system/init.fc | 4 ++++ policy/modules/system/lvm.fc | 4 ++++ 6 files changed, 24 insertions(+) diff --git a/policy/modules/admin/netutils.fc b/policy/modules/admin/netutils.fc index 4ef6719d91..1aad20f7c7 100644 --- a/policy/modules/admin/netutils.fc +++ b/policy/modules/admin/netutils.fc @@ -20,3 +20,7 @@ /usr/sbin/send_arp -- gen_context(system_u:object_r:ping_exec_t,s0) /usr/sbin/tcpdump -- gen_context(system_u:object_r:netutils_exec_t,s0) /usr/sbin/traceroute.* -- gen_context(system_u:object_r:traceroute_exec_t,s0) + +ifdef(`distro_gentoo',` +/usr/bin/iftop -- gen_context(system_u:object_r:netutils_exec_t,s0) +') diff --git a/policy/modules/admin/shutdown.fc b/policy/modules/admin/shutdown.fc index 89d682d36e..2e47783c20 100644 --- a/policy/modules/admin/shutdown.fc +++ b/policy/modules/admin/shutdown.fc @@ -9,3 +9,8 @@ /usr/sbin/shutdown -- gen_context(system_u:object_r:shutdown_exec_t,s0) /run/shutdown\.pid -- gen_context(system_u:object_r:shutdown_runtime_t,s0) + +ifdef(`distro_gentoo',` +/usr/bin/halt -- gen_context(system_u:object_r:shutdown_exec_t,s0) +/usr/bin/shutdown -- gen_context(system_u:object_r:shutdown_exec_t,s0) +') diff --git a/policy/modules/services/smartmon.fc b/policy/modules/services/smartmon.fc index 5bc5e49694..b430532bb7 100644 --- a/policy/modules/services/smartmon.fc +++ b/policy/modules/services/smartmon.fc @@ -8,3 +8,7 @@ /run/smartd\.pid -- gen_context(system_u:object_r:fsdaemon_runtime_t,s0) /var/lib/smartmontools(/.*)? gen_context(system_u:object_r:fsdaemon_var_lib_t,s0) + +ifdef(`distro_gentoo',` +/usr/bin/update-smart-drivedb -- gen_context(system_u:object_r:smartmon_update_drivedb_exec_t,s0) +') diff --git a/policy/modules/system/authlogin.fc b/policy/modules/system/authlogin.fc index adb53a05a0..fcdd38d6d8 100644 --- a/policy/modules/system/authlogin.fc +++ b/policy/modules/system/authlogin.fc @@ -40,6 +40,9 @@ ifdef(`distro_redhat', ` ifdef(`distro_suse', ` /usr/sbin/unix2_chkpwd -- gen_context(system_u:object_r:chkpwd_exec_t,s0) ') +ifdef(`distro_gentoo',` +/usr/bin/pwhistory_helper -- gen_context(system_u:object_r:updpwd_exec_t,s0) +') /var/cache/coolkey(/.*)? gen_context(system_u:object_r:auth_cache_t,s0) diff --git a/policy/modules/system/init.fc b/policy/modules/system/init.fc index 07b12de2e9..75c75e7d13 100644 --- a/policy/modules/system/init.fc +++ b/policy/modules/system/init.fc @@ -53,6 +53,10 @@ ifdef(`distro_gentoo',` /usr/sbin/upstart -- gen_context(system_u:object_r:init_exec_t,s0) ifdef(`distro_gentoo', ` +/usr/bin/rc -- gen_context(system_u:object_r:rc_exec_t,s0) +/usr/bin/openrc -- gen_context(system_u:object_r:rc_exec_t,s0) +/usr/bin/openrc-init -- gen_context(system_u:object_r:init_exec_t,s0) +/usr/bin/openrc-shutdown -- gen_context(system_u:object_r:init_exec_t,s0) /usr/lib/rc/cache(/.*)? gen_context(system_u:object_r:initrc_state_t,s0) /usr/lib/rc/console(/.*)? gen_context(system_u:object_r:initrc_state_t,s0) /usr/lib/rc/init\.d(/.*)? gen_context(system_u:object_r:initrc_state_t,s0) diff --git a/policy/modules/system/lvm.fc b/policy/modules/system/lvm.fc index 8c153dc01d..2d5d5f6005 100644 --- a/policy/modules/system/lvm.fc +++ b/policy/modules/system/lvm.fc @@ -74,6 +74,10 @@ /usr/bin/vgsplit -- gen_context(system_u:object_r:lvm_exec_t,s0) /usr/bin/vgwrapper -- gen_context(system_u:object_r:lvm_exec_t,s0) +ifdef(`distro_gentoo',` +/usr/bin/dmeventd -- gen_context(system_u:object_r:lvm_exec_t,s0) +') + /usr/lib/lvm-10/.* -- gen_context(system_u:object_r:lvm_exec_t,s0) /usr/lib/lvm-200/.* -- gen_context(system_u:object_r:lvm_exec_t,s0) /usr/lib/systemd/systemd-cryptsetup -- gen_context(system_u:object_r:lvm_exec_t,s0)