diff options
| author | Joe MacDonald <joe_macdonald@mentor.com> | 2017-05-04 14:23:12 -0400 |
|---|---|---|
| committer | Joe MacDonald <joe_macdonald@mentor.com> | 2017-05-04 14:23:12 -0400 |
| commit | 449804470ff7ed712c7ab4c6352fca3af0d4e244 (patch) | |
| tree | 1a8b557d6706dfe5aeb116d2b5cb8fc2749032aa /recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_shadow.patch | |
| parent | db1f0fe50d63a2253d602c41d0077e308fc78c51 (diff) | |
| download | meta-selinux-449804470ff7ed712c7ab4c6352fca3af0d4e244.tar.gz | |
refpolicy-git: clean up fallout from stable uprev
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Diffstat (limited to 'recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_shadow.patch')
| -rw-r--r-- | recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_shadow.patch | 32 |
1 files changed, 24 insertions, 8 deletions
diff --git a/recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_shadow.patch b/recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_shadow.patch index a15a776..b441257 100644 --- a/recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_shadow.patch +++ b/recipes-security/refpolicy/refpolicy-git/poky-fc-fix-real-path_shadow.patch | |||
| @@ -10,7 +10,7 @@ Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> | |||
| 10 | 10 | ||
| 11 | --- a/policy/modules/admin/usermanage.fc | 11 | --- a/policy/modules/admin/usermanage.fc |
| 12 | +++ b/policy/modules/admin/usermanage.fc | 12 | +++ b/policy/modules/admin/usermanage.fc |
| 13 | @@ -2,15 +2,21 @@ ifdef(`distro_debian',` | 13 | @@ -2,20 +2,24 @@ ifdef(`distro_debian',` |
| 14 | /etc/cron\.daily/cracklib-runtime -- gen_context(system_u:object_r:crack_exec_t,s0) | 14 | /etc/cron\.daily/cracklib-runtime -- gen_context(system_u:object_r:crack_exec_t,s0) |
| 15 | ') | 15 | ') |
| 16 | 16 | ||
| @@ -19,16 +19,32 @@ Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> | |||
| 19 | +/usr/bin/chfn\.shadow -- gen_context(system_u:object_r:chfn_exec_t,s0) | 19 | +/usr/bin/chfn\.shadow -- gen_context(system_u:object_r:chfn_exec_t,s0) |
| 20 | /usr/bin/chsh -- gen_context(system_u:object_r:chfn_exec_t,s0) | 20 | /usr/bin/chsh -- gen_context(system_u:object_r:chfn_exec_t,s0) |
| 21 | +/usr/bin/chsh\.shadow -- gen_context(system_u:object_r:chfn_exec_t,s0) | 21 | +/usr/bin/chsh\.shadow -- gen_context(system_u:object_r:chfn_exec_t,s0) |
| 22 | /usr/bin/crack_[a-z]* -- gen_context(system_u:object_r:crack_exec_t,s0) | ||
| 23 | /usr/bin/cracklib-[a-z]* -- gen_context(system_u:object_r:crack_exec_t,s0) | ||
| 22 | /usr/bin/gpasswd -- gen_context(system_u:object_r:groupadd_exec_t,s0) | 24 | /usr/bin/gpasswd -- gen_context(system_u:object_r:groupadd_exec_t,s0) |
| 25 | /usr/bin/groupadd -- gen_context(system_u:object_r:groupadd_exec_t,s0) | ||
| 26 | /usr/bin/groupdel -- gen_context(system_u:object_r:groupadd_exec_t,s0) | ||
| 27 | /usr/bin/groupmod -- gen_context(system_u:object_r:groupadd_exec_t,s0) | ||
| 28 | /usr/bin/grpconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
| 29 | /usr/bin/grpunconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
| 23 | /usr/bin/passwd -- gen_context(system_u:object_r:passwd_exec_t,s0) | 30 | /usr/bin/passwd -- gen_context(system_u:object_r:passwd_exec_t,s0) |
| 24 | +/usr/bin/passwd\.shadow -- gen_context(system_u:object_r:passwd_exec_t,s0) | 31 | +/usr/bin/passwd\.shadow -- gen_context(system_u:object_r:passwd_exec_t,s0) |
| 25 | +/usr/bin/passwd\.tinylogin -- gen_context(system_u:object_r:passwd_exec_t,s0) | 32 | +/usr/bin/passwd\.tinylogin -- gen_context(system_u:object_r:passwd_exec_t,s0) |
| 26 | /usr/bin/vigr -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | 33 | /usr/bin/pwconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) |
| 27 | +/sbin/vigr\.shadow -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | 34 | /usr/bin/pwunconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) |
| 28 | /usr/bin/vipw -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | 35 | /usr/bin/useradd -- gen_context(system_u:object_r:useradd_exec_t,s0) |
| 29 | +/sbin/vipw\.shadow -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | 36 | /usr/bin/userdel -- gen_context(system_u:object_r:useradd_exec_t,s0) |
| 37 | /usr/bin/usermod -- gen_context(system_u:object_r:useradd_exec_t,s0) | ||
| 38 | @@ -36,10 +40,12 @@ ifdef(`distro_debian',` | ||
| 39 | /usr/sbin/pwunconv -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
| 40 | /usr/sbin/useradd -- gen_context(system_u:object_r:useradd_exec_t,s0) | ||
| 41 | /usr/sbin/userdel -- gen_context(system_u:object_r:useradd_exec_t,s0) | ||
| 42 | /usr/sbin/usermod -- gen_context(system_u:object_r:useradd_exec_t,s0) | ||
| 43 | /usr/sbin/vigr -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
| 44 | +/usr/sbin/vigr\.shadow -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
| 45 | /usr/sbin/vipw -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
| 46 | +/usr/sbin/vipw\.shadow -- gen_context(system_u:object_r:admin_passwd_exec_t,s0) | ||
| 30 | 47 | ||
| 31 | /usr/lib/cracklib_dict.* -- gen_context(system_u:object_r:crack_db_t,s0) | 48 | /usr/share/cracklib(/.*)? gen_context(system_u:object_r:crack_db_t,s0) |
| 32 | 49 | ||
| 33 | /usr/sbin/crack_[a-z]* -- gen_context(system_u:object_r:crack_exec_t,s0) | 50 | /var/cache/cracklib(/.*)? gen_context(system_u:object_r:crack_db_t,s0) |
| 34 | /usr/sbin/cracklib-[a-z]* -- gen_context(system_u:object_r:crack_exec_t,s0) | ||