mirror of
https://github.com/flatcar/scripts.git
synced 2025-10-03 03:21:43 +02:00
sec-policy/selinux-virt: sync with upstream
Signed-off-by: Mathieu Tortuyaux <mathieu@kinvolk.io>
This commit is contained in:
Mathieu Tortuyaux
parent
4d6ff7cfca
commit
e02947a905
@ -1,308 +0,0 @@
|
|||||||
# ChangeLog for sec-policy/selinux-virt
|
|
||||||
# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
|
|
||||||
# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-virt/ChangeLog,v 1.63 2015/06/05 16:10:23 perfinion Exp $
|
|
||||||
|
|
||||||
05 Jun 2015; Jason Zaman <perfinion@gentoo.org>
|
|
||||||
selinux-virt-2.20141203-r5.ebuild:
|
|
||||||
Stabilize policy 2.20141203-r5
|
|
||||||
|
|
||||||
*selinux-virt-2.20141203-r6 (05 Jun 2015)
|
|
||||||
|
|
||||||
05 Jun 2015; Jason Zaman <perfinion@gentoo.org>
|
|
||||||
+selinux-virt-2.20141203-r6.ebuild:
|
|
||||||
Release of 2.20141203-r6
|
|
||||||
|
|
||||||
15 Apr 2015; Jason Zaman <perfinion@gentoo.org>
|
|
||||||
selinux-virt-2.20141203-r4.ebuild:
|
|
||||||
Stabilize policy 2.20141203-r4
|
|
||||||
|
|
||||||
*selinux-virt-2.20141203-r5 (15 Apr 2015)
|
|
||||||
|
|
||||||
15 Apr 2015; Jason Zaman <perfinion@gentoo.org>
|
|
||||||
+selinux-virt-2.20141203-r5.ebuild:
|
|
||||||
Release of 2.20141203-r5
|
|
||||||
|
|
||||||
22 Mar 2015; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20141203-r3.ebuild:
|
|
||||||
Stabilize 2.20141203-r3 policies
|
|
||||||
|
|
||||||
*selinux-virt-2.20141203-r4 (22 Mar 2015)
|
|
||||||
|
|
||||||
22 Mar 2015; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20141203-r4.ebuild, selinux-virt-9999.ebuild:
|
|
||||||
Release of 2.20141203-r4
|
|
||||||
|
|
||||||
*selinux-virt-2.20141203-r3 (29 Jan 2015)
|
|
||||||
|
|
||||||
29 Jan 2015; Jason Zaman <perfinion@gentoo.org>
|
|
||||||
+selinux-virt-2.20141203-r3.ebuild, selinux-virt-2.20141203-r2.ebuild:
|
|
||||||
Release of 2.20141203-r3, stable 2.20141203-r2
|
|
||||||
|
|
||||||
21 Dec 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
-selinux-virt-2.20140311-r1.ebuild, -selinux-virt-2.20140311-r2.ebuild,
|
|
||||||
-selinux-virt-2.20140311-r3.ebuild, -selinux-virt-2.20140311-r4.ebuild:
|
|
||||||
Remove old ebuilds
|
|
||||||
|
|
||||||
21 Dec 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20141203-r1.ebuild:
|
|
||||||
Stabilize 2.20141203-r1
|
|
||||||
|
|
||||||
*selinux-virt-2.20141203-r2 (21 Dec 2014)
|
|
||||||
|
|
||||||
21 Dec 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20141203-r2.ebuild:
|
|
||||||
Release of 2.20141203-r2
|
|
||||||
|
|
||||||
07 Dec 2014; Jason Zaman <perfinion@gentoo.org>
|
|
||||||
selinux-virt-2.20140311-r7.ebuild:
|
|
||||||
Stabilize 2.20140311-r7
|
|
||||||
|
|
||||||
*selinux-virt-2.20141203-r1 (07 Dec 2014)
|
|
||||||
|
|
||||||
07 Dec 2014; Jason Zaman <perfinion@gentoo.org>
|
|
||||||
+selinux-virt-2.20141203-r1.ebuild:
|
|
||||||
Release of 2.20141203-r1
|
|
||||||
|
|
||||||
01 Nov 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20140311-r6.ebuild:
|
|
||||||
Stabilize rev 6
|
|
||||||
|
|
||||||
*selinux-virt-2.20140311-r7 (01 Nov 2014)
|
|
||||||
|
|
||||||
01 Nov 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20140311-r7.ebuild:
|
|
||||||
Bump revision r7 of SELinux policies
|
|
||||||
|
|
||||||
01 Nov 2014; Sven Vermeulen <swift@gentoo.org> selinux-virt-9999.ebuild:
|
|
||||||
Add KEYWORDS logic in -9999 ebuilds for ease of copying
|
|
||||||
|
|
||||||
22 Aug 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20140311-r5.ebuild:
|
|
||||||
Stabilize r5 policies
|
|
||||||
|
|
||||||
*selinux-virt-2.20140311-r6 (21 Aug 2014)
|
|
||||||
|
|
||||||
21 Aug 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20140311-r6.ebuild:
|
|
||||||
Release of 2.20140311-r6
|
|
||||||
|
|
||||||
*selinux-virt-2.20140311-r5 (09 Aug 2014)
|
|
||||||
|
|
||||||
09 Aug 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20140311-r5.ebuild:
|
|
||||||
Bump towards r5 (fixes duplicate context for hiawatha)
|
|
||||||
|
|
||||||
08 Aug 2014; Sven Vermeulen <swift@gentoo.org> selinux-virt-9999.ebuild:
|
|
||||||
Make 9999 ebuilds EAPI=5 and transform to make master for version bumps
|
|
||||||
|
|
||||||
05 Aug 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
-selinux-virt-2.20130424-r1.ebuild, -selinux-virt-2.20130424-r2.ebuild,
|
|
||||||
-selinux-virt-2.20130424-r3.ebuild, -selinux-virt-2.20130424-r4.ebuild:
|
|
||||||
Remove obsolete ebuilds
|
|
||||||
|
|
||||||
*selinux-virt-2.20140311-r4 (01 Aug 2014)
|
|
||||||
|
|
||||||
01 Aug 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20140311-r4.ebuild, selinux-virt-2.20140311-r3.ebuild:
|
|
||||||
Stabilization of r3, and make r4 available for testing
|
|
||||||
|
|
||||||
29 May 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20140311-r2.ebuild:
|
|
||||||
Stabilize 2.20140311-r2
|
|
||||||
|
|
||||||
*selinux-virt-2.20140311-r3 (29 May 2014)
|
|
||||||
|
|
||||||
29 May 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20140311-r3.ebuild:
|
|
||||||
Bump to 2.20140311-r3
|
|
||||||
|
|
||||||
19 Apr 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20140311-r1.ebuild:
|
|
||||||
Stabilize r1 policies
|
|
||||||
|
|
||||||
*selinux-virt-2.20140311-r2 (19 Apr 2014)
|
|
||||||
|
|
||||||
19 Apr 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20140311-r2.ebuild:
|
|
||||||
Release of 2.20140311-r2
|
|
||||||
|
|
||||||
24 Mar 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
-selinux-virt-2.20120725-r11.ebuild, -selinux-virt-2.20120725-r12.ebuild,
|
|
||||||
-selinux-virt-2.20120725-r5.ebuild, -selinux-virt-2.20120725-r7.ebuild,
|
|
||||||
-selinux-virt-2.20120725-r8.ebuild, -selinux-virt-2.20120725-r9.ebuild:
|
|
||||||
Remove older SELinux policy ebuilds
|
|
||||||
|
|
||||||
*selinux-virt-2.20140311-r1 (21 Mar 2014)
|
|
||||||
|
|
||||||
21 Mar 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20140311-r1.ebuild:
|
|
||||||
New upstream refpolicy release
|
|
||||||
|
|
||||||
12 Jan 2014; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20130424-r4.ebuild:
|
|
||||||
Stabilize 2.20130424-r4
|
|
||||||
|
|
||||||
*selinux-virt-2.20130424-r4 (11 Dec 2013)
|
|
||||||
|
|
||||||
11 Dec 2013; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20130424-r4.ebuild:
|
|
||||||
Release of 2.20130424-r4
|
|
||||||
|
|
||||||
*selinux-virt-2.20130424-r3 (26 Sep 2013)
|
|
||||||
|
|
||||||
26 Sep 2013; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20130424-r3.ebuild:
|
|
||||||
Release 2.20130424-r3, fixing bugs #480628, #482196, #475432, #485304, #480870
|
|
||||||
and #428322
|
|
||||||
|
|
||||||
15 Aug 2013; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20130424-r2.ebuild:
|
|
||||||
Stabilize r2 of policies
|
|
||||||
|
|
||||||
*selinux-virt-2.20130424-r2 (20 Jul 2013)
|
|
||||||
|
|
||||||
20 Jul 2013; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20130424-r2.ebuild:
|
|
||||||
Pushing out rev 2
|
|
||||||
|
|
||||||
16 Jun 2013; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20130424-r1.ebuild:
|
|
||||||
Stabilize 20130424 policies
|
|
||||||
|
|
||||||
*selinux-virt-2.20130424-r1 (06 May 2013)
|
|
||||||
|
|
||||||
06 May 2013; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20130424-r1.ebuild:
|
|
||||||
Adding 20130424 release
|
|
||||||
|
|
||||||
29 Mar 2013; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20120725-r12.ebuild:
|
|
||||||
Stabilize r12, fixes 455080, 453724, 461880, 453722, 452166, 458876, 457618,
|
|
||||||
456910, 456194, 453990 and 460152
|
|
||||||
|
|
||||||
*selinux-virt-2.20120725-r12 (09 Mar 2013)
|
|
||||||
|
|
||||||
09 Mar 2013; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20120725-r12.ebuild:
|
|
||||||
Pushing out rev 12
|
|
||||||
|
|
||||||
23 Feb 2013; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20120725-r11.ebuild:
|
|
||||||
Stabilization
|
|
||||||
|
|
||||||
*selinux-virt-2.20120725-r11 (26 Jan 2013)
|
|
||||||
|
|
||||||
26 Jan 2013; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
+selinux-virt-2.20120725-r11.ebuild:
|
|
||||||
Bumping selinux-virt to revision 11
|
|
||||||
|
|
||||||
13 Jan 2013; Sven Vermeulen <swift@gentoo.org>
|
|
||||||
selinux-virt-2.20120725-r9.ebuild:
|
|
||||||
Stabilizing r9
|
|
||||||
|
|
||||||
*selinux-virt-2.20120725-r9 (21 Dec 2012)
|
|
||||||
|
|
||||||
21 Dec 2012; Sven Vermeulen <swift@gentoo.org> +selinux-virt-2.20120725-r9.ebuild:
|
|
||||||
Bumping to revision 9
|
|
||||||
|
|
||||||
17 Dec 2012; Sven Vermeulen <swift@gentoo.org> -selinux-virt-2.20120215-r1.ebuild,
|
|
||||||
-selinux-virt-2.20120215-r14.ebuild, -selinux-virt-2.20120215-r15.ebuild,
|
|
||||||
-selinux-virt-2.20120215.ebuild:
|
|
||||||
Removing older ebuilds
|
|
||||||
|
|
||||||
13 Dec 2012; Sven Vermeulen <swift@gentoo.org> selinux-virt-2.20120725-r8.ebuild:
|
|
||||||
Stabilization
|
|
||||||
|
|
||||||
*selinux-virt-2.20120725-r8 (03 Dec 2012)
|
|
||||||
|
|
||||||
03 Dec 2012; Sven Vermeulen +files/fix-qemu-is-optional-r8.patch,
|
|
||||||
+selinux-virt-2.20120725-r8.ebuild:
|
|
||||||
Bumping to revision 8
|
|
||||||
|
|
||||||
*selinux-virt-2.20120725-r7 (18 Nov 2012)
|
|
||||||
|
|
||||||
18 Nov 2012; Sven Vermeulen <swift@gentoo.org> +selinux-virt-2.20120725-r7.ebuild:
|
|
||||||
Pushing out rev 7
|
|
||||||
|
|
||||||
*selinux-virt-9999 (13 Oct 2012)
|
|
||||||
|
|
||||||
13 Oct 2012; Sven Vermeulen <swift@gentoo.org> +selinux-virt-9999.ebuild:
|
|
||||||
Adding live ebuild
|
|
||||||
|
|
||||||
04 Oct 2012; Sven Vermeulen <swift@gentoo.org> selinux-virt-2.20120725-r5.ebuild:
|
|
||||||
Stabilization
|
|
||||||
|
|
||||||
*selinux-virt-2.20120725-r5 (21 Sep 2012)
|
|
||||||
|
|
||||||
21 Sep 2012; Sven Vermeulen <swift@gentoo.org> +selinux-virt-2.20120725-r5.ebuild:
|
|
||||||
Introducing policy for 2.20120725, rev5
|
|
||||||
|
|
||||||
30 Jul 2012; Sven Vermeulen <swift@gentoo.org> selinux-virt-2.20120215-r14.ebuild:
|
|
||||||
Stabilization of revision 14 of the SELinux policy modules
|
|
||||||
|
|
||||||
*selinux-virt-2.20120215-r15 (26 Jul 2012)
|
|
||||||
|
|
||||||
26 Jul 2012; Sven Vermeulen <swift@gentoo.org> +selinux-virt-2.20120215-r15.ebuild:
|
|
||||||
Bump to rev15
|
|
||||||
|
|
||||||
*selinux-virt-2.20120215-r14 (16 Jul 2012)
|
|
||||||
|
|
||||||
16 Jul 2012; Sven Vermeulen <swift@gentoo.org> +selinux-virt-2.20120215-r14.ebuild:
|
|
||||||
Bumping to rev14
|
|
||||||
|
|
||||||
*selinux-virt-2.20120215-r1 (27 Jun 2012)
|
|
||||||
|
|
||||||
27 Jun 2012; Sven Vermeulen <swift@gentoo.org> +selinux-virt-2.20120215-r1.ebuild:
|
|
||||||
Bump to revision 13
|
|
||||||
|
|
||||||
13 May 2012; Sven Vermeulen <swift@gentoo.org> -selinux-virt-2.20110726.ebuild,
|
|
||||||
-selinux-virt-2.20110726-r1.ebuild:
|
|
||||||
Removing deprecated ebuilds (cleanup)
|
|
||||||
|
|
||||||
29 Apr 2012; Sven Vermeulen <swift@gentoo.org> selinux-virt-2.20120215.ebuild:
|
|
||||||
Stabilizing revision 7
|
|
||||||
|
|
||||||
*selinux-virt-2.20120215 (31 Mar 2012)
|
|
||||||
|
|
||||||
31 Mar 2012; Sven Vermeulen <swift@gentoo.org> +selinux-virt-2.20120215.ebuild:
|
|
||||||
Bumping to 2.20120215 policies
|
|
||||||
|
|
||||||
23 Feb 2012; Sven Vermeulen <swift@gentoo.org> selinux-virt-2.20110726-r1.ebuild:
|
|
||||||
Stabilizing
|
|
||||||
|
|
||||||
*selinux-virt-2.20110726-r1 (14 Jan 2012)
|
|
||||||
|
|
||||||
14 Jan 2012; Sven Vermeulen <swift@gentoo.org> +selinux-virt-2.20110726-r1.ebuild:
|
|
||||||
Fix bug #330767 to support libvirt better in gentoo
|
|
||||||
|
|
||||||
12 Nov 2011; Sven Vermeulen <swift@gentoo.org> -selinux-virt-2.20101213.ebuild:
|
|
||||||
Removing old policies
|
|
||||||
|
|
||||||
23 Oct 2011; Sven Vermeulen <swift@gentoo.org> selinux-virt-2.20110726.ebuild:
|
|
||||||
Stabilization (tracker #384231)
|
|
||||||
|
|
||||||
*selinux-virt-2.20110726 (28 Aug 2011)
|
|
||||||
|
|
||||||
28 Aug 2011; Sven Vermeulen <swift@gentoo.org> +selinux-virt-2.20110726.ebuild:
|
|
||||||
Updating policy builds to refpolicy 20110726
|
|
||||||
|
|
||||||
02 Jun 2011; Anthony G. Basile <blueness@gentoo.org>
|
|
||||||
selinux-virt-2.20101213.ebuild:
|
|
||||||
Stable amd64 x86
|
|
||||||
|
|
||||||
06 Feb 2011; Anthony G. Basile <blueness@gentoo.org>
|
|
||||||
selinux-virt-2.20101213.ebuild:
|
|
||||||
Fixed unquoted variable.
|
|
||||||
|
|
||||||
05 Feb 2011; Anthony G. Basile <blueness@gentoo.org> ChangeLog:
|
|
||||||
Initial commit to portage.
|
|
||||||
|
|
||||||
01 Jan 2011; Chris Richards <gizmo@www.giz-works.com>
|
|
||||||
+selinux-virt-2.20101213.ebuild, +metadata.xml:
|
|
||||||
New upstream release
|
|
||||||
|
|
||||||
*selinux-virt-2.20101213 (01 Jan 2011)
|
|
||||||
|
|
||||||
01 Jan 2011; Chris Richards <gizmo@www.giz-works.com>
|
|
||||||
+selinux-virt-2.20101213.ebuild, +metadata.xml:
|
|
||||||
Initial commit
|
|
||||||
@ -1,2 +1,4 @@
|
|||||||
DIST patchbundle-selinux-base-policy-2.20141203-r9.tar.bz2 299602 SHA256 e8518004942a6c57170a609683e22b1410c93a2a195829c41dc8fbc703d941b5 SHA512 ce6484fbca1d2d074e50d1a3953392bd3ce0a4617df98fbac37747b469b4f160a9331586dfe1c3ddccb1ccbee24876a2f05ab49e37c8492a48baf83c2d01d140 WHIRLPOOL 1fd7b956e98e95a64c3a713a944d4531259bd156a7feabf6a89c4b5f33ac846377730eede97889e85183be086f282ebd18e860214f6ca3f01b40f2323470ee04
|
DIST patchbundle-selinux-base-policy-2.20200818-r2.tar.bz2 433623 BLAKE2B f0655c45c50347faf1217e5861298dce822e4b726c0b4489d4c70c4815842f7c17ac1b0a302ae5482a3ad25d1d5b6c4c3b6395194e79005f31560d103ad0fce6 SHA512 9fd22683ecd602a429b2d489f7b8c2936409fa060046255b72a4b95c9fdefa2455ba7655945278dc972c22f3ade6617898ed169e22001aaaaded4b47ca51b0c3
|
||||||
DIST refpolicy-2.20141203.tar.bz2 680243 SHA256 f438209c430d8a2d4ddcbe4bdd3edb46f6af7dc4913637af0b73c635e40c1522 SHA512 682e4280c5799e4c12ec7594afc1389f67be35055748d2e0dbdc3419159a16c96d4946ca6178daee8370515951f8653b2e452efe8c962b8d7f9bc192f0b15a0c WHIRLPOOL 74bca232534e7af9051bb1ab9f77c1ff6c425781cf4561f781d6e9a40cc5ca0d9add540249ea5493e8782a9372aea296ead6c165c6c440ae1509eb319d151ee5
|
DIST patchbundle-selinux-base-policy-2.20210203-r1.tar.bz2 298116 BLAKE2B 50c5523a8b758652af6aa59d548e9499b899898b58f52f74f1667a0c552f2b2d0ed5a44352e59245c7f0ebd199e2391400168d6ab27b4160d726fccded0c56f2 SHA512 ddb877ec3e2883f57e54e7380dd449d4d89a0769a1fb87141786e5de741ac21b2ead60362fd17c25888eb1334c68f71da561f4f29f406f0d4b5d13d378f6baff
|
||||||
|
DIST refpolicy-2.20200818.tar.bz2 570896 BLAKE2B 502c00fec39e1b81e42de3f7f942623f8b3fbdeac19f9f01126722a368b7d4f70427d6e4a574754c4f2fa551e4bc75c912dbc515c004f0dcd5eb28ab416498f6 SHA512 e4b527bb7a87b9359fc42eb111d5008103f57c37128998ea0e21ec7b0b8607ffe3f67697450e4c51a0db172ece69083335b279bacef4b1bd0b7748b58caa99a7
|
||||||
|
DIST refpolicy-2.20210203.tar.bz2 564099 BLAKE2B a94a11ebb78890ba2c98714be2fe9054fdb8ccaf5154f47b881a9575a4a6865e8df475805550d7bba8039b4230c6a0c9f5c6130bf8c35a26bc7c473d550fb40d SHA512 a6ffe718626dd6121023b4cbc424c933d44ca8b662bd708baad307cf6284be0d80fef40cdc8b37f6f17ecb3636fd8d6c1d5d4072c17d835b7f500e17a3acd9fc
|
||||||
|
|||||||
@ -1,15 +0,0 @@
|
|||||||
--- contrib/virt.te 2012-11-25 21:35:09.181247450 +0100
|
|
||||||
+++ contrib/virt.te 2012-11-25 21:34:09.223216815 +0100
|
|
||||||
@@ -281,7 +281,11 @@
|
|
||||||
userdom_search_user_home_dirs(virt_domain)
|
|
||||||
userdom_read_all_users_state(virt_domain)
|
|
||||||
|
|
||||||
-qemu_exec(virt_domain)
|
|
||||||
+ifdef(`distro_gentoo',`
|
|
||||||
+ optional_policy(`
|
|
||||||
+ qemu_exec(virt_domain)
|
|
||||||
+ ')
|
|
||||||
+')
|
|
||||||
|
|
||||||
tunable_policy(`virt_use_execmem',`
|
|
||||||
allow virt_domain self:process { execmem execstack };
|
|
||||||
@ -1,36 +0,0 @@
|
|||||||
diff -u contrib.orig/virt.te contrib/virt.te
|
|
||||||
--- modules/contrib.orig/virt.te 2016-02-20 13:18:44.670955920 -0800
|
|
||||||
+++ modules/contrib/virt.te 2016-02-20 13:22:24.186318856 -0800
|
|
||||||
@@ -1299,3 +1299,32 @@
|
|
||||||
|
|
||||||
virt_append_log(virtlockd_t)
|
|
||||||
virt_read_config(virtlockd_t)
|
|
||||||
+
|
|
||||||
+require {
|
|
||||||
+ type kernel_t;
|
|
||||||
+ type tmpfs_t;
|
|
||||||
+ type var_lib_t;
|
|
||||||
+}
|
|
||||||
+allow kernel_t svirt_lxc_net_t:process transition;
|
|
||||||
+fs_manage_tmpfs_chr_files(svirt_lxc_net_t)
|
|
||||||
+fs_manage_tmpfs_dirs(svirt_lxc_net_t)
|
|
||||||
+fs_manage_tmpfs_files(svirt_lxc_net_t)
|
|
||||||
+fs_manage_tmpfs_sockets(svirt_lxc_net_t)
|
|
||||||
+fs_manage_tmpfs_symlinks(svirt_lxc_net_t)
|
|
||||||
+fs_remount_tmpfs(svirt_lxc_net_t)
|
|
||||||
+kernel_read_messages(svirt_lxc_net_t)
|
|
||||||
+kernel_sigchld(svirt_lxc_net_t)
|
|
||||||
+kernel_use_fds(svirt_lxc_net_t)
|
|
||||||
+allow svirt_lxc_net_t self:process getcap;
|
|
||||||
+files_read_var_lib_files(svirt_lxc_net_t)
|
|
||||||
+files_read_var_lib_symlinks(svirt_lxc_net_t)
|
|
||||||
+term_use_generic_ptys(svirt_lxc_net_t)
|
|
||||||
+term_setattr_generic_ptys(svirt_lxc_net_t)
|
|
||||||
+allow svirt_lxc_net_t tmpfs_t:chr_file { read write open };
|
|
||||||
+allow svirt_lxc_net_t svirt_lxc_file_t:chr_file { manage_file_perms };
|
|
||||||
+allow svirt_lxc_net_t self:capability sys_chroot;
|
|
||||||
+allow svirt_lxc_net_t self:process getpgid;
|
|
||||||
+allow svirt_lxc_net_t svirt_lxc_file_t:file { entrypoint mounton };
|
|
||||||
+allow svirt_lxc_net_t var_lib_t:file { entrypoint execute execute_no_trans };
|
|
||||||
+allow svirt_lxc_net_t kernel_t:fifo_file { getattr ioctl read write open append };
|
|
||||||
+
|
|
||||||
@ -1,6 +1,8 @@
|
|||||||
<?xml version="1.0" encoding="UTF-8"?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
|
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
|
||||||
<pkgmetadata>
|
<pkgmetadata>
|
||||||
<herd>selinux</herd>
|
<maintainer type="project">
|
||||||
<longdescription>Gentoo SELinux policy for virt</longdescription>
|
<email>selinux@gentoo.org</email>
|
||||||
|
<name>SELinux Team</name>
|
||||||
|
</maintainer>
|
||||||
</pkgmetadata>
|
</pkgmetadata>
|
||||||
|
|||||||
@ -1,19 +0,0 @@
|
|||||||
# Copyright 1999-2015 Gentoo Foundation
|
|
||||||
# Distributed under the terms of the GNU General Public License v2
|
|
||||||
# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-virt/selinux-virt-2.20141203-r5.ebuild,v 1.2 2015/06/05 16:10:23 perfinion Exp $
|
|
||||||
EAPI="5"
|
|
||||||
|
|
||||||
IUSE=""
|
|
||||||
MODS="virt"
|
|
||||||
|
|
||||||
inherit selinux-policy-2
|
|
||||||
|
|
||||||
DESCRIPTION="SELinux policy for virt"
|
|
||||||
|
|
||||||
POLICY_PATCH="${FILESDIR}/virt.diff"
|
|
||||||
|
|
||||||
if [[ $PV == 9999* ]] ; then
|
|
||||||
KEYWORDS=""
|
|
||||||
else
|
|
||||||
KEYWORDS="amd64 x86"
|
|
||||||
fi
|
|
||||||
@ -0,0 +1,15 @@
|
|||||||
|
# Copyright 1999-2020 Gentoo Authors
|
||||||
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
|
|
||||||
|
EAPI="7"
|
||||||
|
|
||||||
|
IUSE=""
|
||||||
|
MODS="virt"
|
||||||
|
|
||||||
|
inherit selinux-policy-2
|
||||||
|
|
||||||
|
DESCRIPTION="SELinux policy for virt"
|
||||||
|
|
||||||
|
if [[ ${PV} != 9999* ]] ; then
|
||||||
|
KEYWORDS="amd64 -arm ~arm64 ~mips x86"
|
||||||
|
fi
|
||||||
@ -0,0 +1,15 @@
|
|||||||
|
# Copyright 1999-2021 Gentoo Authors
|
||||||
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
|
|
||||||
|
EAPI="7"
|
||||||
|
|
||||||
|
IUSE=""
|
||||||
|
MODS="virt"
|
||||||
|
|
||||||
|
inherit selinux-policy-2
|
||||||
|
|
||||||
|
DESCRIPTION="SELinux policy for virt"
|
||||||
|
|
||||||
|
if [[ ${PV} != 9999* ]] ; then
|
||||||
|
KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86"
|
||||||
|
fi
|
||||||
@ -1,7 +1,7 @@
|
|||||||
# Copyright 1999-2015 Gentoo Foundation
|
# Copyright 1999-2020 Gentoo Authors
|
||||||
# Distributed under the terms of the GNU General Public License v2
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-virt/selinux-virt-9999.ebuild,v 1.4 2015/03/22 13:47:21 swift Exp $
|
|
||||||
EAPI="5"
|
EAPI="7"
|
||||||
|
|
||||||
IUSE=""
|
IUSE=""
|
||||||
MODS="virt"
|
MODS="virt"
|
||||||
@ -10,8 +10,6 @@ inherit selinux-policy-2
|
|||||||
|
|
||||||
DESCRIPTION="SELinux policy for virt"
|
DESCRIPTION="SELinux policy for virt"
|
||||||
|
|
||||||
if [[ $PV == 9999* ]] ; then
|
if [[ ${PV} != 9999* ]] ; then
|
||||||
KEYWORDS=""
|
KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86"
|
||||||
else
|
|
||||||
KEYWORDS="~amd64 ~x86"
|
|
||||||
fi
|
fi
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user