Fix URL, update refpolicy patches and dependencies

* audit_2.7.6.bb : fix error [gzip: stdin: not in gzip format] and checksum * refpolicy-minimum_git.bb : fix [Failed to resolve typeattributeset statement], dependency for "fsadm" in init.pp * refpolicy-targeted_2.20170204.bb : added version dependent patches * patches : separate patches for release 2.20170204 version and 2.20170805+git version Signed-off-by: Sajjad Ahmed <sajjad_ahmed@mentor.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
author: Sajjad Ahmed <sajjad_ahmed@mentor.com> 2018-01-09 16:10:12 +0500
committer: Joe MacDonald <joe_macdonald@mentor.com> 2018-01-19 13:06:46 -0500
commit: e8d39ffb15b4d78f8b95711bbb509f9afbd46c05 (patch)
tree: a8b1a70441cbf3da129c83cf68eb298726f4155c /recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch
parent: d855c624f32c5e599bf27e06cb8f5b25b3aae12d (diff)
download: meta-selinux-e8d39ffb15b4d78f8b95711bbb509f9afbd46c05.tar.gz
1 files changed, 5 insertions, 24 deletions
diff --git a/recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch b/recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch
index fb912b5..5bd5b2e 100644
--- a/recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch
+++ b/recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch
@@ -1,31 +1,12 @@
-From ed2b0a00e2fb78056041b03c7e198e8f5adaf939 Mon Sep 17 00:00:00 2001
+diff --git a/policy/modules/contrib/apache.te b/policy/modules/contrib/apache.te
-From: Xin Ouyang <Xin.Ouyang@windriver.com>
+index fcf795f..529057c 100644
-Date: Thu, 22 Aug 2013 19:36:44 +0800
-Subject: [PATCH 3/6] add rules for the symlink of /var/log - apache2
-We have added rules for the symlink of /var/log in logging.if,
-while apache.te uses /var/log but does not use the interfaces in
-logging.if. So still need add a individual rule for apache.te.
-Upstream-Status: Inappropriate [only for Poky]
-Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
-Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
---
- policy/modules/contrib/apache.te |    1 +
- 1 file changed, 1 insertion(+)
 --- a/policy/modules/contrib/apache.te
 +++ b/policy/modules/contrib/apache.te
-@@ -407,10 +407,11 @@ allow httpd_t httpd_lock_t:file manage_f
+@@ -412,6 +412,7 @@ create_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
- files_lock_filetrans(httpd_t, httpd_lock_t, { file dir })
+ read_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
- 
+ setattr_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
- manage_dirs_pattern(httpd_t, httpd_log_t, httpd_log_t)
- manage_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
 read_lnk_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
 +read_lnk_files_pattern(httpd_t, var_log_t, var_log_t)
 logging_log_filetrans(httpd_t, httpd_log_t, file)
 
 allow httpd_t httpd_modules_t:dir list_dir_perms;
- mmap_files_pattern(httpd_t, httpd_modules_t, httpd_modules_t)
- read_files_pattern(httpd_t, httpd_modules_t, httpd_modules_t)
author	Sajjad Ahmed <sajjad_ahmed@mentor.com>	2018-01-09 16:10:12 +0500
committer	Joe MacDonald <joe_macdonald@mentor.com>	2018-01-19 13:06:46 -0500
commit	e8d39ffb15b4d78f8b95711bbb509f9afbd46c05 (patch)
tree	a8b1a70441cbf3da129c83cf68eb298726f4155c /recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch
parent	d855c624f32c5e599bf27e06cb8f5b25b3aae12d (diff)
download	meta-selinux-e8d39ffb15b4d78f8b95711bbb509f9afbd46c05.tar.gz

diff --git a/recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch b/recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch index fb912b5..5bd5b2e 100644 --- a/recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch +++ b/recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch
@@ -1,31 +1,12 @@
1	From ed2b0a00e2fb78056041b03c7e198e8f5adaf939 Mon Sep 17 00:00:00 2001	1	diff --git a/policy/modules/contrib/apache.te b/policy/modules/contrib/apache.te
2	From: Xin Ouyang <Xin.Ouyang@windriver.com>	2	index fcf795f..529057c 100644
3	Date: Thu, 22 Aug 2013 19:36:44 +0800
4	Subject: [PATCH 3/6] add rules for the symlink of /var/log - apache2
5
6	We have added rules for the symlink of /var/log in logging.if,
7	while apache.te uses /var/log but does not use the interfaces in
8	logging.if. So still need add a individual rule for apache.te.
9
10	Upstream-Status: Inappropriate [only for Poky]
11
12	Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
13	Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
14	---
15	policy/modules/contrib/apache.te \| 1 +
16	1 file changed, 1 insertion(+)
17
18	--- a/policy/modules/contrib/apache.te	3	--- a/policy/modules/contrib/apache.te
19	+++ b/policy/modules/contrib/apache.te	4	+++ b/policy/modules/contrib/apache.te
20	@@ -407,10 +407,11 @@ allow httpd_t httpd_lock_t:file manage_f	5	@@ -412,6 +412,7 @@ create_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
21	files_lock_filetrans(httpd_t, httpd_lock_t, { file dir })	6	read_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
22		7	setattr_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
23	manage_dirs_pattern(httpd_t, httpd_log_t, httpd_log_t)
24	manage_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
25	read_lnk_files_pattern(httpd_t, httpd_log_t, httpd_log_t)	8	read_lnk_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
26	+read_lnk_files_pattern(httpd_t, var_log_t, var_log_t)	9	+read_lnk_files_pattern(httpd_t, var_log_t, var_log_t)
27	logging_log_filetrans(httpd_t, httpd_log_t, file)	10	logging_log_filetrans(httpd_t, httpd_log_t, file)
28		11
29	allow httpd_t httpd_modules_t:dir list_dir_perms;	12	allow httpd_t httpd_modules_t:dir list_dir_perms;
30	mmap_files_pattern(httpd_t, httpd_modules_t, httpd_modules_t)
31	read_files_pattern(httpd_t, httpd_modules_t, httpd_modules_t)