From b6d90ce040b05f88781cd6cbb32775aa71603730 Mon Sep 17 00:00:00 2001 From: "Anthony G. Basile" Date: Mon, 25 Jul 2011 22:58:54 +0000 Subject: Initial commit to tree (Portage version: 2.1.10.3/cvs/Linux x86_64) --- sec-policy/selinux-haveged/ChangeLog | 21 +++++++++++ .../files/fix-services-haveged-r1.patch | 42 ++++++++++++++++++++++ sec-policy/selinux-haveged/metadata.xml | 6 ++++ .../selinux-haveged-2.20101213-r1.ebuild | 18 ++++++++++ .../selinux-haveged-2.20101213-r2.ebuild | 16 +++++++++ 5 files changed, 103 insertions(+) create mode 100644 sec-policy/selinux-haveged/ChangeLog create mode 100644 sec-policy/selinux-haveged/files/fix-services-haveged-r1.patch create mode 100644 sec-policy/selinux-haveged/metadata.xml create mode 100644 sec-policy/selinux-haveged/selinux-haveged-2.20101213-r1.ebuild create mode 100644 sec-policy/selinux-haveged/selinux-haveged-2.20101213-r2.ebuild (limited to 'sec-policy') diff --git a/sec-policy/selinux-haveged/ChangeLog b/sec-policy/selinux-haveged/ChangeLog new file mode 100644 index 000000000000..b2fa4128299a --- /dev/null +++ b/sec-policy/selinux-haveged/ChangeLog @@ -0,0 +1,21 @@ +# ChangeLog for sec-policy/selinux-haveged +# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-haveged/ChangeLog,v 1.1 2011/07/25 22:58:54 blueness Exp $ + +*selinux-haveged-2.20101213-r1 (25 Jul 2011) + + 25 Jul 2011; Anthony G. Basile + +files/fix-services-haveged-r1.patch, +selinux-haveged-2.20101213-r1.ebuild, + +selinux-haveged-2.20101213-r2.ebuild, +metadata.xml: + Initial commit to tree + +*selinux-haveged-2.20101213-r2 (21 Jul 2011) + + 21 Jul 2011; +selinux-haveged-2.20101213-r2.ebuild: + Do not use a haveged domain, but refer to audio-entropyd + + 17 Jul 2011; +files/fix-services-haveged-r1.patch, + +selinux-haveged-2.20101213-r1.ebuild, +metadata.xml: + Initial support for haveged + + diff --git a/sec-policy/selinux-haveged/files/fix-services-haveged-r1.patch b/sec-policy/selinux-haveged/files/fix-services-haveged-r1.patch new file mode 100644 index 000000000000..e67434ca735c --- /dev/null +++ b/sec-policy/selinux-haveged/files/fix-services-haveged-r1.patch @@ -0,0 +1,42 @@ +--- services/haveged.te 1970-01-01 01:00:00.000000000 +0100 ++++ services/haveged.te 2011-07-17 19:54:35.947000888 +0200 +@@ -0,0 +1,35 @@ ++policy_module(haveged, 1.0.0) ++ ++######################################## ++# ++# Declarations ++# ++ ++type haveged_t; ++type haveged_exec_t; ++init_daemon_domain(haveged_t, haveged_exec_t) ++ ++type haveged_var_run_t; ++files_pid_file(haveged_var_run_t) ++ ++######################################## ++# ++# haveged local policy ++# ++allow haveged_t self:capability sys_admin; ++allow haveged_t self:unix_dgram_socket create_socket_perms; ++allow haveged_t haveged_var_run_t:file manage_file_perms; ++ ++# pid file ++files_pid_filetrans(haveged_t, haveged_var_run_t, file) ++ ++## Kernel stuff ++kernel_rw_kernel_sysctl(haveged_t) ++dev_read_rand(haveged_t) ++dev_write_rand(haveged_t) ++ ++## System stuff ++miscfiles_read_localization(haveged_t) ++ ++## Other stuff ++logging_send_syslog_msg(haveged_t) +--- services/haveged.fc 1970-01-01 01:00:00.000000000 +0100 ++++ services/haveged.fc 2011-07-17 17:55:56.431000683 +0200 +@@ -0,0 +1 @@ ++/usr/sbin/haveged -- gen_context(system_u:object_r:haveged_exec_t,s0) diff --git a/sec-policy/selinux-haveged/metadata.xml b/sec-policy/selinux-haveged/metadata.xml new file mode 100644 index 000000000000..8334c93a0947 --- /dev/null +++ b/sec-policy/selinux-haveged/metadata.xml @@ -0,0 +1,6 @@ + + + + selinux + Gentoo SELinux policy for haveged + diff --git a/sec-policy/selinux-haveged/selinux-haveged-2.20101213-r1.ebuild b/sec-policy/selinux-haveged/selinux-haveged-2.20101213-r1.ebuild new file mode 100644 index 000000000000..01b7fdc2c32d --- /dev/null +++ b/sec-policy/selinux-haveged/selinux-haveged-2.20101213-r1.ebuild @@ -0,0 +1,18 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-haveged/selinux-haveged-2.20101213-r1.ebuild,v 1.1 2011/07/25 22:58:54 blueness Exp $ + +IUSE="" + +MODS="haveged" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for general applications" + +DEPEND=">=sec-policy/selinux-base-policy-2.20101213-r19" +RDEPEND="${DEPEND}" + +KEYWORDS="~amd64 ~x86" + +POLICY_PATCH="${FILESDIR}/fix-services-haveged-r1.patch" diff --git a/sec-policy/selinux-haveged/selinux-haveged-2.20101213-r2.ebuild b/sec-policy/selinux-haveged/selinux-haveged-2.20101213-r2.ebuild new file mode 100644 index 000000000000..c55feefb5598 --- /dev/null +++ b/sec-policy/selinux-haveged/selinux-haveged-2.20101213-r2.ebuild @@ -0,0 +1,16 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-haveged/selinux-haveged-2.20101213-r2.ebuild,v 1.1 2011/07/25 22:58:54 blueness Exp $ + +EAPI=3 + +DESCRIPTION="SELinux policy for haveged (meta-package for selinux-audio-entropyd)" +HOMEPAGE="http://hardened.gentoo.org/selinux" +SRC_URI="" + +LICENSE="as-is" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +RDEPEND=">=sec-policy/selinux-audio-entropyd-2.20101213-r1" -- cgit v1.2.3-65-gdbad