Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
View | Details | Raw Unified | Return to bug 528516 | Differences between
and this patch

Collapse All | Expand All

(-)a/policy/modules/contrib/bitcoin.fc (-2 / +8 lines)
Lines 1-4 Link Here
1 
/usr/bin/bitcoind					gen_context(system_u:object_r:bitcoin_exec_t,s0)
 1 
/usr/bin/bitcoind					gen_context(system_u:object_r:bitcoin_exec_t,s0)
2 
/etc/init.d/bitcoind					gen_context(system_u:object_r:bitcoin_initrc_exec_t,s0)
 2 
/etc/rc\.d/init\.d/bitcoind				gen_context(system_u:object_r:bitcoin_initrc_exec_t,s0)
3 
/var/lib/bitcoin(/.*)?					gen_context(system_u:object_r:bitcoin_var_lib_t,s0)
 3 

            

            

              
              

              4
              
# not labeling /var/lib/bitcoin itself is a conceit to allow mounting

            

            


              5
              
# of that directory to have bitcoin located elsewhere, without having

            

            


              6
              
# to give bitcoin types mount privileges.

            

            


              7
              

            

            


              8
              
/var/lib/bitcoin/.*					gen_context(system_u:object_r:bitcoin_var_lib_t,s0)

            

        

          4
          
/etc/bitcoin(/.*)?					gen_context(system_u:object_r:bitcoin_etc_t,s0)

          9
          
/etc/bitcoin(/.*)?					gen_context(system_u:object_r:bitcoin_etc_t,s0)

        

            

              
              
              10
              
/var/lib/bitcoin/\.bitcoin/bitcoin\.conf		gen_context(system_u:object_r:bitcoin_etc_t,s0)

            



(-)a/policy/modules/contrib/bitcoin.if
      (-2 / +23 lines)




  

    
      
            Lines 1-8
          
      
      
        Link Here
      
    
  

        

          1
          
## <summary>bitcoin</summary>

          1
          
## <summary>bitcoin</summary>

        

        

          2
          

          2
          

        

            

              
              
              3
              
#######################################

            

            

              4
              
## <summary>

            

            

              5
              
##      bitcoin administrative interface

            

            

              6
              
## </summary>

            

            

              7
              
## <param name="domain">

            

            

              8
              
##      <summary>

            

            

              9
              
##      Domain allowed to transition.

            

            

              10
              
##      </summary>

            

            

              11
              
## </param>

            

            

              12
              
#

            

            

              13
              

            

            

              14
              

            

        

          3
          
interface(`bitcoin_admin',`

          15
          
interface(`bitcoin_admin',`

        

        

          4
          
	gen_require(`

          16
          
	gen_require(`

        

          
            

              5
              
		type bitcoin_t, bitcoin_initrc_exec_t, bitcoin_var_run_t;


              17
              
		type bitcoin_t, bitcoin_initrc_exec_t, 

            

            

              
              

              18
              
		bitcoin_var_run_t, bitcoin_etc_t,

            

            


              19
              
		bitcoin_var_lib_t;

            

        

          6
          
	')

          20
          
	')

        

        

          7
          

          21
          

        

        

          8
          
	init_labeled_script_domtrans($1, bitcoin_initrc_exec_t)

          22
          
	init_labeled_script_domtrans($1, bitcoin_initrc_exec_t)

        

  

    
      
            Lines 10-15
          interface(`bitcoin_admin',`
      
      
        Link Here
      
    
  

        

          10
          
	domain_system_change_exemption($1)

          24
          
	domain_system_change_exemption($1)

        

        

          11
          
	allow $2 system_r;

          25
          
	allow $2 system_r;

        

        

          12
          

          26
          

        

            

              
              
              27
              
	rw_dirs_pattern($1, bitcoin_etc_t, bitcoin_etc_t);

            

            

              28
              
	rw_dirs_pattern($1, bitcoin_var_lib_t, bitcoin_var_lib_t);

            

            

              29
              

            

            

              30
              
	write_files_pattern($1, bitcoin_etc_t, bitcoin_etc_t);

            

            

              31
              
	write_files_pattern($1, bitcoin_var_lib_t, bitcoin_var_lib_t);	

            

            

              32
              

            

            

              33
              
	# bitcoin.conf is a symlink

            

            

              34
              
	write_lnk_files_pattern($1, bitcoin_etc_t, bitcoin_etc_t);

            

        

          13
          

          35
          

        

            

              14
              
	

              
              
            

        

          15
          
')

          36
          
')

        



(-)a/policy/modules/contrib/bitcoin.te
      (-3 / +13 lines)




  

    
      
            Lines 11-16
          type bitcoin_var_run_t;
      
      
        Link Here
      
    
  

        

          11
          
type bitcoin_log_t;

          11
          
type bitcoin_log_t;

        

        

          12
          
type bitcoin_tmp_t;

          12
          
type bitcoin_tmp_t;

        

        

          13
          

          13
          

        

            

              
              
              14
              
files_type(bitcoin_var_lib_t)

            

            

              15
              
files_type(bitcoin_var_run_t)

            

            

              16
              
files_type(bitcoin_log_t)

            

            

              17
              
files_type(bitcoin_tmp_t)

            

            

              18
              
files_type(bitcoin_etc_t)

            

            

              19
              

            

        

          14
          
domain_type(bitcoin_t)

          20
          
domain_type(bitcoin_t)

        

        

          15
          
init_daemon_domain(bitcoin_t, bitcoin_exec_t)

          21
          
init_daemon_domain(bitcoin_t, bitcoin_exec_t)

        

        

          16
          
init_script_file(bitcoin_initrc_exec_t)

          22
          
init_script_file(bitcoin_initrc_exec_t)

        

  

    
      
            Lines 26-37
          allow bitcoin_t bitcoin_tmp_t:file { create_file_perms write_file_perms };
      
      
        Link Here
      
    
  

        

          26
          
files_tmp_filetrans(bitcoin_t, bitcoin_tmp_t, file)

          32
          
files_tmp_filetrans(bitcoin_t, bitcoin_tmp_t, file)

        

        

          27
          

          33
          

        

        

          28
          

          34
          

        

            

              
              
              35
              
allow bitcoin_t self:process signal_perms;

            

        

          29
          
allow bitcoin_t bitcoin_var_lib_t:file { read write append create getattr open unlink rename lock };

          36
          
allow bitcoin_t bitcoin_var_lib_t:file { read write append create getattr open unlink rename lock };

        

        

          30
          
allow bitcoin_t bitcoin_var_lib_t:dir { create write rmdir read open add_name remove_name search getattr };

          37
          
allow bitcoin_t bitcoin_var_lib_t:dir { create write rmdir read open add_name remove_name search getattr };

        

          
            

              31
              
allow bitcoin_t bitcoin_var_lib_t:lnk_file read;


              38
              
allow bitcoin_t bitcoin_etc_t:file read_file_perms;

            

            

              32
              
allow bitcoin_t bitcoin_etc_t:dir { getattr search open };


              39
              

            

            

              33
              
allow bitcoin_t bitcoin_etc_t:file { read getattr open };


              40
              
read_lnk_files_pattern(bitcoin_t, bitcoin_etc_t, bitcoin_etc_t);

            

            

              
              

              41
              
read_files_pattern(bitcoin_t, bitcoin_etc_t, bitcoin_etc_t);

            

            


              42
              
list_dirs_pattern(bitcoin_t, bitcoin_etc_t, bitcoin_etc_t);

            

        

          34
          

          43
          

        

            

              
              
              44
              
kernel_read_system_state(bitcoin_t)

            

        

          35
          
kernel_read_vm_sysctls(bitcoin_t)

          45
          
kernel_read_vm_sysctls(bitcoin_t)

        

        

          36
          

          46
          

        

        

          37
          
dev_read_sysfs(bitcoin_t)

          47
          
dev_read_sysfs(bitcoin_t)

        



(-)a/policy/modules/roles/sysadm.te
      (+4 lines)




  

    
      
            Lines 112-117
          optional_policy(`
      
      
        Link Here
      
    
  

        

          112
          
')

          112
          
')

        

        

          113
          

          113
          

        

        

          114
          
optional_policy(`

          114
          
optional_policy(`

        

            

              
              
              115
              
	bitcoin_admin(sysadm_t, sysadm_r)

            

            

              116
              
')

            

            

              117
              

            

            

              118
              
optional_policy(`

            

        

          115
          
	bootloader_run(sysadm_t, sysadm_r)

          119
          
	bootloader_run(sysadm_t, sysadm_r)

        

        

          116
          
')

          120
          
')

        

        

          117
          

          121
          

        






  

  Return to bug 528516