From 6d14093b26ca82c0b8fe0248af958e4065a69a91 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Wed, 18 Jan 2006 16:06:17 +0000 Subject: [PATCH] really fix the build problems --- refpolicy/policy/modules/admin/portage.if | 2 +- refpolicy/policy/modules/admin/portage.te | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/refpolicy/policy/modules/admin/portage.if b/refpolicy/policy/modules/admin/portage.if index cdeea5eac..d5adc90f1 100644 --- a/refpolicy/policy/modules/admin/portage.if +++ b/refpolicy/policy/modules/admin/portage.if @@ -109,7 +109,7 @@ template(`portage_compile_domain_template',` allow $1_t self:rawip_socket { create ioctl }; allow $1_t self:udp_socket recvfrom; # needed for merging dbus: - allow $1_sandbox_t self:netlink_selinux_socket { bind create read }; + allow $1_t self:netlink_selinux_socket { bind create read }; allow $1_t $1_devpts_t:chr_file { rw_file_perms setattr }; term_create_pty($1_t,$1_devpts_t) diff --git a/refpolicy/policy/modules/admin/portage.te b/refpolicy/policy/modules/admin/portage.te index e8125c3ba..a73ab9e39 100644 --- a/refpolicy/policy/modules/admin/portage.te +++ b/refpolicy/policy/modules/admin/portage.te @@ -77,6 +77,8 @@ files_manage_all_files(portage_t) selinux_get_fs_mount(portage_t) +auth_manage_shadow(portage_t) + # merging baselayout will need this: init_exec(portage_t) @@ -184,7 +186,7 @@ dontaudit portage_sandbox_t portage_cache_t:dir { setattr }; dontaudit portage_sandbox_t portage_cache_t:file { setattr write }; allow portage_sandbox_t portage_tmp_t:dir manage_dir_perms; -allow portage_sandbox_t portage_tmp_t:file manage_dir_perms; +allow portage_sandbox_t portage_tmp_t:file manage_file_perms; allow portage_sandbox_t portage_tmp_t:lnk_file create_lnk_perms; # run scripts out of the build directory can_exec(portage_sandbox_t,portage_tmp_t)