Rearrange lines in portage.te.
This commit is contained in:
parent
ca4d39d31c
commit
ad3ed86a72
|
@ -233,12 +233,14 @@ allow portage_fetch_t self:fifo_file rw_fifo_file_perms;
|
||||||
allow portage_fetch_t self:tcp_socket create_stream_socket_perms;
|
allow portage_fetch_t self:tcp_socket create_stream_socket_perms;
|
||||||
allow portage_fetch_t self:unix_stream_socket create_socket_perms;
|
allow portage_fetch_t self:unix_stream_socket create_socket_perms;
|
||||||
|
|
||||||
allow portage_fetch_t portage_tmp_t:dir manage_dir_perms;
|
|
||||||
allow portage_fetch_t portage_tmp_t:file manage_file_perms;
|
|
||||||
allow portage_fetch_t portage_conf_t:dir list_dir_perms;
|
allow portage_fetch_t portage_conf_t:dir list_dir_perms;
|
||||||
|
|
||||||
allow portage_fetch_t portage_gpg_t:dir rw_dir_perms;
|
allow portage_fetch_t portage_gpg_t:dir rw_dir_perms;
|
||||||
allow portage_fetch_t portage_gpg_t:file manage_file_perms;
|
allow portage_fetch_t portage_gpg_t:file manage_file_perms;
|
||||||
|
|
||||||
|
allow portage_fetch_t portage_tmp_t:dir manage_dir_perms;
|
||||||
|
allow portage_fetch_t portage_tmp_t:file manage_file_perms;
|
||||||
|
|
||||||
read_files_pattern(portage_fetch_t, portage_conf_t, portage_conf_t)
|
read_files_pattern(portage_fetch_t, portage_conf_t, portage_conf_t)
|
||||||
|
|
||||||
manage_dirs_pattern(portage_fetch_t, portage_ebuild_t, portage_ebuild_t)
|
manage_dirs_pattern(portage_fetch_t, portage_ebuild_t, portage_ebuild_t)
|
||||||
|
@ -257,20 +259,20 @@ corecmd_exec_shell(portage_fetch_t)
|
||||||
|
|
||||||
corenet_all_recvfrom_unlabeled(portage_fetch_t)
|
corenet_all_recvfrom_unlabeled(portage_fetch_t)
|
||||||
corenet_all_recvfrom_netlabel(portage_fetch_t)
|
corenet_all_recvfrom_netlabel(portage_fetch_t)
|
||||||
|
corenet_tcp_sendrecv_generic_if(portage_fetch_t)
|
||||||
|
corenet_tcp_sendrecv_generic_node(portage_fetch_t)
|
||||||
|
corenet_tcp_sendrecv_all_ports(portage_fetch_t)
|
||||||
|
corenet_tcp_connect_http_cache_port(portage_fetch_t)
|
||||||
|
corenet_tcp_connect_git_port(portage_fetch_t)
|
||||||
|
corenet_tcp_connect_rsync_port(portage_fetch_t)
|
||||||
corenet_sendrecv_http_client_packets(portage_fetch_t)
|
corenet_sendrecv_http_client_packets(portage_fetch_t)
|
||||||
corenet_sendrecv_http_cache_client_packets(portage_fetch_t)
|
corenet_sendrecv_http_cache_client_packets(portage_fetch_t)
|
||||||
corenet_sendrecv_git_client_packets(portage_fetch_t)
|
corenet_sendrecv_git_client_packets(portage_fetch_t)
|
||||||
corenet_sendrecv_rsync_client_packets(portage_fetch_t)
|
corenet_sendrecv_rsync_client_packets(portage_fetch_t)
|
||||||
corenet_tcp_sendrecv_generic_if(portage_fetch_t)
|
|
||||||
corenet_tcp_sendrecv_generic_node(portage_fetch_t)
|
|
||||||
corenet_tcp_sendrecv_all_ports(portage_fetch_t)
|
|
||||||
# would rather not connect to unspecified ports, but
|
# would rather not connect to unspecified ports, but
|
||||||
# it occasionally comes up
|
# it occasionally comes up
|
||||||
corenet_tcp_connect_all_reserved_ports(portage_fetch_t)
|
corenet_tcp_connect_all_reserved_ports(portage_fetch_t)
|
||||||
corenet_tcp_connect_generic_port(portage_fetch_t)
|
corenet_tcp_connect_generic_port(portage_fetch_t)
|
||||||
corenet_tcp_connect_http_cache_port(portage_fetch_t)
|
|
||||||
corenet_tcp_connect_git_port(portage_fetch_t)
|
|
||||||
corenet_tcp_connect_rsync_port(portage_fetch_t)
|
|
||||||
|
|
||||||
dev_dontaudit_read_rand(portage_fetch_t)
|
dev_dontaudit_read_rand(portage_fetch_t)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue