packages/selinux-policy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!32 add file context for firewalld temporary file

Browse Source 
From: @nettingsisyphus
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
This commit is contained in:
openeuler-ci-bot 2020-09-24 14:07:40 +08:00 committed by Gitee
commit db13a397f4
2 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
add-firewalld-fc.patch Normal file
View File

@ -0,0 +1,12 @@
diff -uprN selinux-policy-9c84d687e0fef5d8e4e25273bd25f58c28a7c67c.orig/policy/modules/contrib/firewalld.fc selinux-policy-9c84d687e0fef5d8e4e25273bd25f58c28a7c67c/policy/modules/contrib/firewalld.fc
--- selinux-policy-9c84d687e0fef5d8e4e25273bd25f58c28a7c67c.orig/policy/modules/contrib/firewalld.fc 2020-09-03 14:43:46.690880806 +0200
+++ selinux-policy-9c84d687e0fef5d8e4e25273bd25f58c28a7c67c/policy/modules/contrib/firewalld.fc 2020-09-10 17:25:25.126199087 +0200
@@ -6,6 +6,8 @@
/usr/sbin/firewalld -- gen_context(system_u:object_r:firewalld_exec_t,s0)
+/usr/share/firewalld/firewalld-tmp-mmap -- gen_context(system_u:object_r:firewalld_tmp_t,s0)
+
/var/log/firewalld.* -- gen_context(system_u:object_r:firewalld_var_log_t,s0)
/var/run/firewalld(/.*)? gen_context(system_u:object_r:firewalld_var_run_t,s0)

6
selinux-policy.spec
View File

@ -12,7 +12,7 @@
Summary: SELinux policy configuration Summary: SELinux policy configuration
Name: selinux-policy Name: selinux-policy
Version: 3.14.2 Version: 3.14.2
Release: 60 Release: 61
License: GPLv2+ License: GPLv2+
URL: https://github.com/fedora-selinux/selinux-policy/ URL: https://github.com/fedora-selinux/selinux-policy/
@ -67,6 +67,7 @@ Patch14: add_userman_access_run_dir.patch
Patch15: allow-systemd-machined-create-userdbd-runtime-sock-file.patch Patch15: allow-systemd-machined-create-userdbd-runtime-sock-file.patch
Patch16: allow-systemd_machined_t-delete-userdbd-runtime-sock.patch Patch16: allow-systemd_machined_t-delete-userdbd-runtime-sock.patch
Patch17: allow-systemd-hostnamed-and-logind-read-policy.patch Patch17: allow-systemd-hostnamed-and-logind-read-policy.patch
Patch18: add-firewalld-fc.patch
BuildArch: noarch BuildArch: noarch
BuildRequires: python3 gawk checkpolicy >= %{CHECKPOLICYVER} m4 policycoreutils-devel >= %{POLICYCOREUTILSVER} bzip2 gcc BuildRequires: python3 gawk checkpolicy >= %{CHECKPOLICYVER} m4 policycoreutils-devel >= %{POLICYCOREUTILSVER} bzip2 gcc
@ -732,6 +733,9 @@ exit 0
%endif %endif
%changelog %changelog
* Thu Sep 24 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.14.2-61
- add add-firewalld-fc.patch
* Thu Sep 22 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.14.2-60 * Thu Sep 22 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.14.2-60
- add allow-systemd-hostnamed-and-logind-read-policy.patch - add allow-systemd-hostnamed-and-logind-read-policy.patch