PERFORCE change 113406 for review

Todd Miller millert at FreeBSD.org
Mon Jan 22 20:14:34 UTC 2007


http://perforce.freebsd.org/chv.cgi?CH=113406

Change 113406 by millert at millert_macbook on 2007/01/22 20:04:12

	Move /System labeling from DirectoryService.fc to darwin.fc.
	
	Label /Library
	
	Label /.Trashes as tmp_t.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/DirectoryService.fc#5 edit
.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/system/darwin.fc#8 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/DirectoryService.fc#5 (text+ko) ====

@@ -12,6 +12,3 @@
 
 
 /private/var/run/.DSRunningSP1		--	gen_context(system_u:object_r:DirectoryService_var_run_t,s0)	
-
-#/System
-/System					-d	gen_context(system_u:object_r:darwin_system_t,s0)

==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/system/darwin.fc#8 (text+ko) ====

@@ -10,10 +10,12 @@
 #
 # /System
 #
+/System.*					gen_context(system_u:object_r:darwin_system_t,s0)
 /System/Library/LoginPlugins.*			gen_context(system_u:object_r:darwin_loginplugin_t,s0)
 /System/Library/Caches.*			gen_context(system_u:object_r:darwin_cache_t,s0)
 /System/Library/Services.*			gen_context(system_u:object_r:darwin_services_t,s0)
 /System/Library/Security.*			gen_context(system_u:object_r:darwin_security_t,s0)
+/System/Library/StartupItems.*			gen_context(system_u:object_r:darwin_startup_t,s0)
 /System/Library/CoreServices.*			gen_context(system_u:object_r:darwin_CoreServices_t,s0)
 /System/Library/ColorSync.*			gen_context(system_u:object_r:darwin_resource_t,s0)
 
@@ -25,6 +27,7 @@
 #
 # /Library
 #
+/Library.*						gen_context(system_u:object_r:lib_t,s0)
 /Library/Caches.*					gen_context(system_u:object_r:darwin_cache_t,s0)
 /Library/ColorSync.*					gen_context(system_u:object_r:darwin_resource_t,s0)
 /Library/Preferences/.GlobalPreferences.plist	--	gen_context(system_u:object_r:darwin_global_pref_t,s0)
@@ -34,3 +37,6 @@
 
 # Kernel
 /mach_kernel					--	gen_context(system_u:object_r:boot_t,s0)
+
+# Misc
+/.Trashes.*					gen_context(system_u:object_r:tmp_t,s0)


More information about the trustedbsd-cvs mailing list