p4-projects@freebsd.org
[Top] [All Lists]

PERFORCE change 71744 for review

Subject: PERFORCE change 71744 for review
From: Andrew Reisse
Date: Thu, 24 Feb 2005 17:57:57 GMT
http://perforce.freebsd.org/chv.cgi?CH=71744

Change 71744 by areisse@areisse_tislabs on 2005/02/24 17:56:59

        Start of a policy for building ports. A separate copy of make is
        labelled with portmake_exec_t, so that a special domain can be 
        entered from sysadm_t.  Installation from this domain is not
        yet supported.

Affected files ...

.. 
//depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/portmake.te#1
 add
.. 
//depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/file_contexts/types.fc#6 
edit

Differences ...

==== 
//depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/file_contexts/types.fc#6 
(text+ko) ====

@@ -146,6 +146,7 @@
 /etc/passwd\.lock      --      system_u:object_r:shadow_t
 /etc/group\.lock       --      system_u:object_r:shadow_t
 /etc/shadow.*          --      system_u:object_r:shadow_t
+#/etc/spwd.db          --      system_u:object_r:shadow_t
 /etc/gshadow.*         --      system_u:object_r:shadow_t
 /etc/blkid\.tab                --      system_u:object_r:etc_runtime_t
 /etc/fstab\.REVOKE     --      system_u:object_r:etc_runtime_t
@@ -296,6 +297,11 @@
 /usr/kerberos/lib(64)?/lib[^/]*\.so(\.[^/]*)* -- system_u:object_r:shlib_t
 
 #
+# /usr/ports
+#
+/usr/ports/distfiles(/.*)?     system_u:object_t:port_work_t
+
+#
 # Fonts dir
 #
 /usr/X11R6/lib/X11/fonts(/.*)?         system_u:object_r:fonts_t
_______________________________________________
p4-projects@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/p4-projects
To unsubscribe, send any mail to "p4-projects-unsubscribe@xxxxxxxxxxx"

<Prev in Thread] Current Thread [Next in Thread>
  • PERFORCE change 71744 for review, Andrew Reisse <=