Rearrange lines in portage.te.
This commit is contained in:
Chris PeBenito
parent
ca4d39d31c
commit
ad3ed86a72
|
|
@ -233,12 +233,14 @@ allow portage_fetch_t self:fifo_file rw_fifo_file_perms;
|
|||
allow portage_fetch_t self:tcp_socket create_stream_socket_perms;
|
||||
allow portage_fetch_t self:unix_stream_socket create_socket_perms;
|
||||
|
||||
allow portage_fetch_t portage_tmp_t:dir manage_dir_perms;
|
||||
allow portage_fetch_t portage_tmp_t:file manage_file_perms;
|
||||
allow portage_fetch_t portage_conf_t:dir list_dir_perms;
|
||||
|
||||
allow portage_fetch_t portage_gpg_t:dir rw_dir_perms;
|
||||
allow portage_fetch_t portage_gpg_t:file manage_file_perms;
|
||||
|
||||
allow portage_fetch_t portage_tmp_t:dir manage_dir_perms;
|
||||
allow portage_fetch_t portage_tmp_t:file manage_file_perms;
|
||||
|
||||
read_files_pattern(portage_fetch_t, portage_conf_t, portage_conf_t)
|
||||
|
||||
manage_dirs_pattern(portage_fetch_t, portage_ebuild_t, portage_ebuild_t)
|
||||
|
|
@ -257,20 +259,20 @@ corecmd_exec_shell(portage_fetch_t)
|
|||
|
||||
corenet_all_recvfrom_unlabeled(portage_fetch_t)
|
||||
corenet_all_recvfrom_netlabel(portage_fetch_t)
|
||||
corenet_tcp_sendrecv_generic_if(portage_fetch_t)
|
||||
corenet_tcp_sendrecv_generic_node(portage_fetch_t)
|
||||
corenet_tcp_sendrecv_all_ports(portage_fetch_t)
|
||||
corenet_tcp_connect_http_cache_port(portage_fetch_t)
|
||||
corenet_tcp_connect_git_port(portage_fetch_t)
|
||||
corenet_tcp_connect_rsync_port(portage_fetch_t)
|
||||
corenet_sendrecv_http_client_packets(portage_fetch_t)
|
||||
corenet_sendrecv_http_cache_client_packets(portage_fetch_t)
|
||||
corenet_sendrecv_git_client_packets(portage_fetch_t)
|
||||
corenet_sendrecv_rsync_client_packets(portage_fetch_t)
|
||||
corenet_tcp_sendrecv_generic_if(portage_fetch_t)
|
||||
corenet_tcp_sendrecv_generic_node(portage_fetch_t)
|
||||
corenet_tcp_sendrecv_all_ports(portage_fetch_t)
|
||||
# would rather not connect to unspecified ports, but
|
||||
# it occasionally comes up
|
||||
corenet_tcp_connect_all_reserved_ports(portage_fetch_t)
|
||||
corenet_tcp_connect_generic_port(portage_fetch_t)
|
||||
corenet_tcp_connect_http_cache_port(portage_fetch_t)
|
||||
corenet_tcp_connect_git_port(portage_fetch_t)
|
||||
corenet_tcp_connect_rsync_port(portage_fetch_t)
|
||||
|
||||
dev_dontaudit_read_rand(portage_fetch_t)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue