nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b19be25429
selinux-refpolicy/policy/modules/apps/java.fc
Nicolas Iooss 0db0cd3057
java: remove unnecessary parentheses in pattern 
/usr/lib/jvm/java(.*/)bin(/.*)? uses misleading parentheses around
".*/". In some cases, a pattern with (.*/) is a mispelling to (.*/)?,
but not here (/usr/lib/jvm/javabin/ never exists).

Moreover, using .* here is right, as the pattern matches the content of
subdirectories of /usr/lib/jvm/ which names are prefixed by java. More
precisely, the pattern matches for example:

- programs in /usr/lib/jvm/java-10-openjdk/bin
- programs in /usr/lib/jvm/java-8-openjdk/jre/bin

In the end, the pattern does not have any error, but the parentheses are
misleading. Remove them.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-09-01 16:06:32 +02:00

34 lines
1.9 KiB
Plaintext
Raw Blame History

HOME_DIR/\.java(/.*)? gen_context(system_u:object_r:java_home_t,s0)
/opt/(.*/)?bin/java[^/]* -- gen_context(system_u:object_r:java_exec_t,s0)
/opt/ibm/java.*/(bin|javaws)(/.*)? -- gen_context(system_u:object_r:java_exec_t,s0)
/opt/local/matlab.*/bin.*/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
/opt/matlab.*/bin.*/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/(.*/)?bin/java[^/-]* -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/bin/fastjar -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/bin/frysk -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/bin/gappletviewer -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/bin/gcj-dbtool -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/bin/gij -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/bin/gjarsigner -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/bin/gkeytool -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/bin/grmic -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/bin/grmiregistry -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/bin/jv-convert -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/bin/octave-[^/]* -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/java/eclipse[^/]*/eclipse -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/lib/bin/java[^/]* -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/lib/eclipse/eclipse -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/lib/icedtea[0-9]+/bin/.* -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/lib/icedtea[0-9]+/jre/bin/.* -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/lib/jvm/java.*/bin(/.*)? -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/lib/opera(/.*)?/opera -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/lib/opera(/.*)?/works -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/local/matlab.*/bin.*/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
/usr/matlab.*/bin.*/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
Reference in New Issue View Git Blame Copy Permalink