diff options
Diffstat (limited to 'recipes-security/refpolicy/refpolicy-git/0022-policy-module-terminals-add-rules-for-bsdpty_device_.patch')
-rw-r--r-- | recipes-security/refpolicy/refpolicy-git/0022-policy-module-terminals-add-rules-for-bsdpty_device_.patch | 123 |
1 files changed, 0 insertions, 123 deletions
diff --git a/recipes-security/refpolicy/refpolicy-git/0022-policy-module-terminals-add-rules-for-bsdpty_device_.patch b/recipes-security/refpolicy/refpolicy-git/0022-policy-module-terminals-add-rules-for-bsdpty_device_.patch deleted file mode 100644 index 68235b1..0000000 --- a/recipes-security/refpolicy/refpolicy-git/0022-policy-module-terminals-add-rules-for-bsdpty_device_.patch +++ /dev/null @@ -1,123 +0,0 @@ -From 938ae00d2358d6ebad8173fce274ebb70d95cf72 Mon Sep 17 00:00:00 2001 -From: Xin Ouyang <Xin.Ouyang@windriver.com> -Date: Thu, 22 Aug 2013 13:37:23 +0800 -Subject: [PATCH 22/34] policy/module/terminals: add rules for bsdpty_device_t - to complete pty devices. - -Upstream-Status: Pending - -Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com> -Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> ---- - policy/modules/kernel/terminal.if | 16 ++++++++++++++++ - 1 file changed, 16 insertions(+) - -diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if -index 61308843..a84787e6 100644 ---- a/policy/modules/kernel/terminal.if -+++ b/policy/modules/kernel/terminal.if -@@ -623,9 +623,11 @@ interface(`term_getattr_generic_ptys',` - interface(`term_dontaudit_getattr_generic_ptys',` - gen_require(` - type devpts_t; -+ type bsdpty_device_t; - ') - - dontaudit $1 devpts_t:chr_file getattr; -+ dontaudit $1 bsdpty_device_t:chr_file getattr; - ') - ######################################## - ## <summary> -@@ -641,11 +643,13 @@ interface(`term_dontaudit_getattr_generic_ptys',` - interface(`term_ioctl_generic_ptys',` - gen_require(` - type devpts_t; -+ type bsdpty_device_t; - ') - - dev_list_all_dev_nodes($1) - allow $1 devpts_t:dir search; - allow $1 devpts_t:chr_file ioctl; -+ allow $1 bsdpty_device_t:chr_file ioctl; - ') - - ######################################## -@@ -663,9 +667,11 @@ interface(`term_ioctl_generic_ptys',` - interface(`term_setattr_generic_ptys',` - gen_require(` - type devpts_t; -+ type bsdpty_device_t; - ') - - allow $1 devpts_t:chr_file setattr; -+ allow $1 bsdpty_device_t:chr_file setattr; - ') - - ######################################## -@@ -683,9 +689,11 @@ interface(`term_setattr_generic_ptys',` - interface(`term_dontaudit_setattr_generic_ptys',` - gen_require(` - type devpts_t; -+ type bsdpty_device_t; - ') - - dontaudit $1 devpts_t:chr_file setattr; -+ dontaudit $1 bsdpty_device_t:chr_file setattr; - ') - - ######################################## -@@ -703,11 +711,13 @@ interface(`term_dontaudit_setattr_generic_ptys',` - interface(`term_use_generic_ptys',` - gen_require(` - type devpts_t; -+ type bsdpty_device_t; - ') - - dev_list_all_dev_nodes($1) - allow $1 devpts_t:dir list_dir_perms; - allow $1 devpts_t:chr_file { rw_term_perms lock append }; -+ allow $1 bsdpty_device_t:chr_file { rw_term_perms lock append }; - ') - - ######################################## -@@ -725,9 +735,11 @@ interface(`term_use_generic_ptys',` - interface(`term_dontaudit_use_generic_ptys',` - gen_require(` - type devpts_t; -+ type bsdpty_device_t; - ') - - dontaudit $1 devpts_t:chr_file { getattr read write ioctl }; -+ dontaudit $1 bsdpty_device_t:chr_file { getattr read write ioctl }; - ') - - ####################################### -@@ -743,10 +755,12 @@ interface(`term_dontaudit_use_generic_ptys',` - interface(`term_setattr_controlling_term',` - gen_require(` - type devtty_t; -+ type bsdpty_device_t; - ') - - dev_list_all_dev_nodes($1) - allow $1 devtty_t:chr_file setattr; -+ allow $1 bsdpty_device_t:chr_file setattr; - ') - - ######################################## -@@ -763,10 +777,12 @@ interface(`term_setattr_controlling_term',` - interface(`term_use_controlling_term',` - gen_require(` - type devtty_t; -+ type bsdpty_device_t; - ') - - dev_list_all_dev_nodes($1) - allow $1 devtty_t:chr_file { rw_term_perms lock append }; -+ allow $1 bsdpty_device_t:chr_file { rw_term_perms lock append }; - ') - - ####################################### --- -2.19.1 - |