summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnthony G. Basile <blueness@gentoo.org>2011-03-07 02:46:52 +0000
committerAnthony G. Basile <blueness@gentoo.org>2011-03-07 02:46:52 +0000
commitde3de92583112020932def04badb7ac225363d87 (patch)
tree8b5887a4821643bc56e0a812ee7b55b762674b99 /sec-policy
parentx86 abi on 64bit host is "lib32" not "lib" (diff)
downloadhistorical-de3de92583112020932def04badb7ac225363d87.tar.gz
historical-de3de92583112020932def04badb7ac225363d87.tar.bz2
historical-de3de92583112020932def04badb7ac225363d87.zip
Allow mutt / gpg interaction
Package-Manager: portage-2.1.9.25/cvs/Linux x86_64
Diffstat (limited to 'sec-policy')
-rw-r--r--sec-policy/selinux-mutt/ChangeLog8
-rw-r--r--sec-policy/selinux-mutt/files/add-apps-mutt-r2.patch87
-rw-r--r--sec-policy/selinux-mutt/selinux-mutt-2.20101213-r2.ebuild15
-rw-r--r--sec-policy/selinux-postfix/Manifest4
4 files changed, 112 insertions, 2 deletions
diff --git a/sec-policy/selinux-mutt/ChangeLog b/sec-policy/selinux-mutt/ChangeLog
index 8331d17dc539..d8cd79f5609b 100644
--- a/sec-policy/selinux-mutt/ChangeLog
+++ b/sec-policy/selinux-mutt/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for sec-policy/selinux-mutt
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mutt/ChangeLog,v 1.1 2011/02/05 20:41:03 blueness Exp $
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mutt/ChangeLog,v 1.2 2011/03/07 02:46:52 blueness Exp $
+
+*selinux-mutt-2.20101213-r2 (07 Mar 2011)
+
+ 07 Mar 2011; Anthony G. Basile <blueness@gentoo.org>
+ +files/add-apps-mutt-r2.patch, +selinux-mutt-2.20101213-r2.ebuild:
+ Allow mutt / gpg interaction
05 Feb 2011; Anthony G. Basile <blueness@gentoo.org> ChangeLog:
Initial commit to portage.
diff --git a/sec-policy/selinux-mutt/files/add-apps-mutt-r2.patch b/sec-policy/selinux-mutt/files/add-apps-mutt-r2.patch
new file mode 100644
index 000000000000..aa5c2c089fe2
--- /dev/null
+++ b/sec-policy/selinux-mutt/files/add-apps-mutt-r2.patch
@@ -0,0 +1,87 @@
+--- apps/mutt.te 1970-01-01 01:00:00.000000000 +0100
++++ apps/mutt.te 2011-02-10 21:54:34.329999997 +0100
+@@ -0,0 +1,77 @@
++policy_module(mutt, 1.0.0)
++
++############################
++#
++# Declarations
++#
++
++type mutt_t;
++type mutt_exec_t;
++application_domain(mutt_t, mutt_exec_t)
++ubac_constrained(mutt_t)
++
++type mutt_home_t;
++typealias mutt_home_t alias { user_mutt_home_t staff_mutt_home_t sysadm_mutt_home_t };
++userdom_user_home_content(mutt_home_t)
++
++type mutt_conf_t;
++typealias mutt_conf_t alias { user_mutt_conf_t staff_mutt_conf_t sysadm_mutt_conf_t };
++userdom_user_home_content(mutt_conf_t)
++
++type mutt_sys_conf_t;
++files_type(mutt_sys_conf_t)
++
++type mutt_tmp_t;
++typealias mutt_tmp_t alias { user_mutt_tmp_t staff_mutt_tmp_t sysadm_mutt_tmp_t };
++files_tmp_file(mutt_tmp_t)
++ubac_constrained(mutt_tmp_t)
++
++############################
++#
++# Local Policy Rules
++#
++
++allow mutt_t self:process signal_perms;
++allow mutt_t self:fifo_file { getattr read write };
++
++
++manage_dirs_pattern(mutt_t, mutt_home_t, mutt_home_t)
++manage_files_pattern(mutt_t, mutt_home_t, mutt_home_t)
++userdom_user_home_dir_filetrans(mutt_t, mutt_home_t, dir)
++
++manage_dirs_pattern(mutt_t, mutt_tmp_t, mutt_tmp_t)
++manage_files_pattern(mutt_t, mutt_tmp_t, mutt_tmp_t)
++manage_fifo_files_pattern(mutt_t, mutt_tmp_t, mutt_tmp_t)
++files_tmp_filetrans(mutt_t, mutt_tmp_t, { file dir })
++files_search_tmp(mutt_t)
++
++read_files_pattern(mutt_t, mutt_sys_conf_t, mutt_sys_conf_t)
++read_files_pattern(mutt_t, mutt_conf_t, mutt_conf_t)
++search_dirs_pattern(mutt_t, mutt_sys_conf_t, mutt_sys_conf_t)
++
++
++corecmd_exec_bin(mutt_t)
++corecmd_exec_shell(mutt_t)
++corenet_tcp_connect_pop_port(mutt_t)
++corenet_tcp_connect_smtp_port(mutt_t)
++dev_read_rand(mutt_t)
++dev_read_urand(mutt_t)
++domain_use_interactive_fds(mutt_t)
++files_read_usr_files(mutt_t)
++
++
++auth_use_nsswitch(mutt_t)
++miscfiles_read_localization(mutt_t)
++userdom_manage_user_home_content_files(mutt_t)
++userdom_manage_user_home_content_dirs(mutt_t)
++userdom_search_user_home_content(mutt_t)
++userdom_use_user_terminals(mutt_t)
++
++
++optional_policy(`
++ gpg_domtrans(mutt_t)
++')
++
++tunable_policy(`gentoo_try_dontaudit',`
++ kernel_dontaudit_search_sysctl(mutt_t)
++')
+--- apps/mutt.fc 1970-01-01 01:00:00.000000000 +0100
++++ apps/mutt.fc 2011-01-16 13:56:03.314000081 +0100
+@@ -0,0 +1,4 @@
++/usr/bin/mutt -- gen_context(system_u:object_r:mutt_exec_t,s0)
++HOME_DIR/\.mutt(/.*)? gen_context(system_u:object_r:mutt_home_t,s0)
++HOME_DIR/\.muttrc -- gen_context(system_u:object_r:mutt_conf_t,s0)
++/etc/mutt(/.*)? gen_context(system_u:object_r:mutt_sys_conf_t,s0)
diff --git a/sec-policy/selinux-mutt/selinux-mutt-2.20101213-r2.ebuild b/sec-policy/selinux-mutt/selinux-mutt-2.20101213-r2.ebuild
new file mode 100644
index 000000000000..90e733239f5f
--- /dev/null
+++ b/sec-policy/selinux-mutt/selinux-mutt-2.20101213-r2.ebuild
@@ -0,0 +1,15 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mutt/selinux-mutt-2.20101213-r2.ebuild,v 1.1 2011/03/07 02:46:52 blueness Exp $
+
+IUSE=""
+
+MODS="mutt"
+
+inherit selinux-policy-2
+
+DESCRIPTION="SELinux policy for general applications"
+
+KEYWORDS="~amd64 ~x86"
+
+POLICY_PATCH="${FILESDIR}/add-apps-mutt-r2.patch"
diff --git a/sec-policy/selinux-postfix/Manifest b/sec-policy/selinux-postfix/Manifest
index a02d6e3da358..9f547bb718d5 100644
--- a/sec-policy/selinux-postfix/Manifest
+++ b/sec-policy/selinux-postfix/Manifest
@@ -1,10 +1,12 @@
+AUX fix-services-postfix-r1.patch 4146 RMD160 84d2f75dd8bae5ece03a29c90b8f3e12e6741b41 SHA1 76583050136ef3ffa70219a425c1d23fae527448 SHA256 2deac08168286051c3faedc801388e8de87ff5241b76294ea10a520209ff747d
DIST refpolicy-2.20090730.tar.bz2 489840 RMD160 d1d157a5ad243edd5d216504ed697f128420e8c1 SHA1 af479258b4e78b8bd7aa2a23dead49f4d61a552f SHA256 745077f6db86646458fe65df82eaa6ffc8491752e511d2a7397f4b46bd478f03
DIST refpolicy-2.20091215.tar.bz2 502893 RMD160 d4951a3d2025630734c4664dca0cc8297a354275 SHA1 3a64189cda00475d60b70ed0876b3e297ad463c6 SHA256 8c264680d130e7d0e0a49ee80d54a3fbdf083bc341c7f7516b5edef34e222ca5
DIST refpolicy-2.20101213.tar.bz2 559450 RMD160 4858f792f4db5b179de6fb8419a626c29d59bdd3 SHA1 0e881e99b8950a358eadc44633551ca10f12eaee SHA256 b691ee8f6066cc19bb0d4384fe3be277d97d22e9d4ac2db0c252065e8c3535de
DIST refpolicy-20080525.tar.bz2 336603 RMD160 c4e846a5506164f8c89994df4bbd05b396f60639 SHA1 7764f2f6c60a530abb461256335b70a288bb65f9 SHA256 122a12924ef7b1348d676214590a0ed92960fbde053ea5a666e5179e0fd66ab2
EBUILD selinux-postfix-2.20090730.ebuild 360 RMD160 f5c64dc404c84fdab8686c3eba0fda12ab8ff5b1 SHA1 35659a9619160e3ac5cf98e863d8ec269811faa3 SHA256 e5df37aec971499ecd38bff25c97d516b6f044b63784836857def19e245e6e90
EBUILD selinux-postfix-2.20091215.ebuild 360 RMD160 c7bc9aefea1e99dc152be0d11499328e5593349f SHA1 4c31b4192b486ec634ad41fd55e81453d9271702 SHA256 cb4fd40e948be42ed132ba0e0810a153e0a6c587dbb7f82ab3521a6e42fd544c
+EBUILD selinux-postfix-2.20101213-r1.ebuild 421 RMD160 a57c67182e195869f1d42104729e51ae7bace168 SHA1 b286dfe78f43abf4ea9ce6f39a95bc4770a8a76f SHA256 690320c2d2ef1052d29b1f94e376975d4087ba1c141a569ade47278d2c781f8d
EBUILD selinux-postfix-2.20101213.ebuild 360 RMD160 2447e4b784a33d27f7709abcf6ca9c6d7841da14 SHA1 3e2ec5ead94147e7d19e3ecfe1ae968c6bf4c784 SHA256 12032945a7fcb02e8ef7941cdef7f0badd8bfd18727d2adee01427e68f76fb43
EBUILD selinux-postfix-20080525.ebuild 356 RMD160 6f8631c30c1f9521d06bd60f48a6569a990adebf SHA1 1b5bb4f3e700beb99c5e6088008d636c4d061fac SHA256 c119bd8004bc8487e992014ef266a0de4eeb9bb1cca394cadf39b3913b043cfe
-MISC ChangeLog 4953 RMD160 657ad399c81803fabdab8a8704f8f9c74facd0f6 SHA1 bd9e06e364507243b73cd87e89f3500124014b73 SHA256 c442a5d6e5e3574eaa8bafc75c5cd799e3709218927f14ea488e0ace2ea13f7c
+MISC ChangeLog 5155 RMD160 304e98ba1778c85acbfe8afd1284f084d871d9fb SHA1 0d0ac55755c6fda5f0b074c05488ca1f32e26df3 SHA256 6e150489a5dd8d26066d3893d0b70d5da2bbaceadc0c16ca67dc721b5f1c8f97
MISC metadata.xml 231 RMD160 a74f4d0ea728b9b1293a4245404ac2f86343cde4 SHA1 e442d59cd349944548484d3274d6c0e00086056f SHA256 459b7eb495b910e93d0bc072cc141a3aed301b3142940b6371d4473254257475