← Back to branch summary

~ubuntu-branches/ubuntu/natty/refpolicy-ubuntu/natty

~ubuntu-branches/ubuntu/natty/refpolicy-ubuntu/natty

« back to all changes in this revision

Viewing changes to policy/modules/apps/gitosis.te

Committer: Bazaar Package Importer
Author(s): Kees Cook
Date: 2010-04-22 17:10:43 UTC
mfrom: (1.1.2 upstream)
Revision ID: james.westby@ubuntu.com-20100422171043-khrw2m21gser7icb

Tags: 0.2.20091117-0ubuntu1

https://launchpad.net/bugs/568744

* New upstream release, converted to source format 3.
* Updated Ubuntu-specific patches thanks to Steve Lawrence (LP: #568744).
* Extracted Makefile change to debian/patches/bashisms.patch.

files added:
.pc

.pc/.version

.pc/applied-patches

.pc/apt.patch

.pc/apt.patch/policy

.pc/apt.patch/policy/modules

.pc/apt.patch/policy/modules/admin

.pc/apt.patch/policy/modules/admin/apt.fc

.pc/apt.patch/policy/modules/admin/apt.te

.pc/avahi.patch

.pc/avahi.patch/policy

.pc/avahi.patch/policy/modules

.pc/avahi.patch/policy/modules/services

.pc/avahi.patch/policy/modules/services/avahi.fc

.pc/avahi.patch/policy/modules/services/avahi.te

.pc/bashisms.patch

.pc/bashisms.patch/Makefile

.pc/bluetooth.patch

.pc/bluetooth.patch/policy

.pc/bluetooth.patch/policy/modules

.pc/bluetooth.patch/policy/modules/services

.pc/bluetooth.patch/policy/modules/services/bluetooth.te

.pc/conf.patch

.pc/conf.patch/build.conf

.pc/conf.patch/config

.pc/conf.patch/config/appconfig-mcs

.pc/conf.patch/config/appconfig-mcs/seusers

.pc/conf.patch/policy

.pc/conf.patch/policy/booleans.conf

.pc/consolekit.patch

.pc/consolekit.patch/policy

.pc/consolekit.patch/policy/modules

.pc/consolekit.patch/policy/modules/services

.pc/consolekit.patch/policy/modules/services/consolekit.if

.pc/consolekit.patch/policy/modules/services/consolekit.te

.pc/corecommands.patch

.pc/corecommands.patch/policy

.pc/corecommands.patch/policy/modules

.pc/corecommands.patch/policy/modules/kernel

.pc/corecommands.patch/policy/modules/kernel/corecommands.fc

.pc/cron.patch

.pc/cron.patch/policy

.pc/cron.patch/policy/modules

.pc/cron.patch/policy/modules/services

.pc/cron.patch/policy/modules/services/cron.te

.pc/cups.patch

.pc/cups.patch/policy

.pc/cups.patch/policy/modules

.pc/cups.patch/policy/modules/services

.pc/cups.patch/policy/modules/services/cups.te

.pc/dbus.patch

.pc/dbus.patch/policy

.pc/dbus.patch/policy/modules

.pc/dbus.patch/policy/modules/services

.pc/dbus.patch/policy/modules/services/dbus.fc

.pc/dbus.patch/policy/modules/services/dbus.if

.pc/dbus.patch/policy/modules/services/dbus.te

.pc/devkit.patch

.pc/devkit.patch/policy

.pc/devkit.patch/policy/modules

.pc/devkit.patch/policy/modules/services

.pc/devkit.patch/policy/modules/services/devicekit.fc

.pc/devkit.patch/policy/modules/services/devicekit.if

.pc/devkit.patch/policy/modules/services/devicekit.te

.pc/devtmpfs.patch

.pc/devtmpfs.patch/policy

.pc/devtmpfs.patch/policy/modules

.pc/devtmpfs.patch/policy/modules/kernel

.pc/devtmpfs.patch/policy/modules/kernel/filesystem.te

.pc/fstools.patch

.pc/fstools.patch/policy

.pc/fstools.patch/policy/modules

.pc/fstools.patch/policy/modules/system

.pc/fstools.patch/policy/modules/system/fstools.te

.pc/gnome.patch

.pc/gnome.patch/policy

.pc/gnome.patch/policy/modules

.pc/gnome.patch/policy/modules/services

.pc/gnome.patch/policy/modules/services/gnomeclock.fc

.pc/gnome.patch/policy/modules/services/gnomeclock.te

.pc/hal.patch

.pc/hal.patch/policy

.pc/hal.patch/policy/modules

.pc/hal.patch/policy/modules/services

.pc/hal.patch/policy/modules/services/hal.te

.pc/init.patch

.pc/init.patch/policy

.pc/init.patch/policy/modules

.pc/init.patch/policy/modules/system

.pc/init.patch/policy/modules/system/init.fc

.pc/init.patch/policy/modules/system/init.if

.pc/init.patch/policy/modules/system/init.te

.pc/kernel.patch

.pc/kernel.patch/policy

.pc/kernel.patch/policy/modules

.pc/kernel.patch/policy/modules/kernel

.pc/kernel.patch/policy/modules/kernel/kernel.te

.pc/libraries.patch

.pc/libraries.patch/policy

.pc/libraries.patch/policy/modules

.pc/libraries.patch/policy/modules/system

.pc/libraries.patch/policy/modules/system/libraries.fc

.pc/locallogin.patch

.pc/locallogin.patch/policy

.pc/locallogin.patch/policy/modules

.pc/locallogin.patch/policy/modules/system

.pc/locallogin.patch/policy/modules/system/locallogin.te

.pc/modemmanager.patch

.pc/modemmanager.patch/policy

.pc/modemmanager.patch/policy/modules

.pc/modemmanager.patch/policy/modules/services

.pc/modemmanager.patch/policy/modules/services/modemmanager.te

.pc/mount.patch

.pc/mount.patch/policy

.pc/mount.patch/policy/modules

.pc/mount.patch/policy/modules/system

.pc/mount.patch/policy/modules/system/mount.fc

.pc/mount.patch/policy/modules/system/mount.te

.pc/networkmanager.patch

.pc/networkmanager.patch/policy

.pc/networkmanager.patch/policy/modules

.pc/networkmanager.patch/policy/modules/services

.pc/networkmanager.patch/policy/modules/services/networkmanager.fc

.pc/networkmanager.patch/policy/modules/services/networkmanager.te

.pc/policykit.patch

.pc/policykit.patch/policy

.pc/policykit.patch/policy/modules

.pc/policykit.patch/policy/modules/services

.pc/policykit.patch/policy/modules/services/policykit.fc

.pc/policykit.patch/policy/modules/services/policykit.if

.pc/policykit.patch/policy/modules/services/policykit.te

.pc/rtkit.patch

.pc/rtkit.patch/policy

.pc/rtkit.patch/policy/modules

.pc/rtkit.patch/policy/modules/services

.pc/rtkit.patch/policy/modules/services/rtkit.fc

.pc/rtkit.patch/policy/modules/services/rtkit.te

.pc/ssh.patch

.pc/ssh.patch/policy

.pc/ssh.patch/policy/modules

.pc/ssh.patch/policy/modules/services

.pc/ssh.patch/policy/modules/services/ssh.fc

.pc/ssh.patch/policy/modules/services/ssh.te

.pc/sysnetwork.patch

.pc/sysnetwork.patch/policy

.pc/sysnetwork.patch/policy/modules

.pc/sysnetwork.patch/policy/modules/system

.pc/sysnetwork.patch/policy/modules/system/sysnetwork.fc

.pc/sysnetwork.patch/policy/modules/system/sysnetwork.if

.pc/sysnetwork.patch/policy/modules/system/sysnetwork.te

.pc/udev.patch

.pc/udev.patch/policy

.pc/udev.patch/policy/modules

.pc/udev.patch/policy/modules/system

.pc/udev.patch/policy/modules/system/udev.te

.pc/unconfined.patch

.pc/unconfined.patch/policy

.pc/unconfined.patch/policy/modules

.pc/unconfined.patch/policy/modules/system

.pc/unconfined.patch/policy/modules/system/unconfined.te

.pc/userdomain.patch

.pc/userdomain.patch/policy

.pc/userdomain.patch/policy/modules

.pc/userdomain.patch/policy/modules/system

.pc/userdomain.patch/policy/modules/system/userdomain.fc

.pc/userdomain.patch/policy/modules/system/userdomain.if

.pc/usermanage.patch

.pc/usermanage.patch/policy

.pc/usermanage.patch/policy/modules

.pc/usermanage.patch/policy/modules/admin

.pc/usermanage.patch/policy/modules/admin/usermanage.fc

.pc/usermanage.patch/policy/modules/admin/usermanage.te

.pc/users.patch

.pc/users.patch/policy

.pc/users.patch/policy/users

.pc/xserver.patch

.pc/xserver.patch/policy

.pc/xserver.patch/policy/modules

.pc/xserver.patch/policy/modules/services

.pc/xserver.patch/policy/modules/services/xserver.fc

.pc/xserver.patch/policy/modules/services/xserver.te

debian/patches/apt.patch

debian/patches/bashisms.patch

debian/patches/devkit.patch

debian/patches/gnome.patch

debian/patches/modemmanager.patch

debian/patches/old/polkit.patch

debian/patches/old/search_dir_open.patch

debian/patches/policykit.patch

debian/patches/rtkit.patch

debian/source

debian/source/format

policy/modules/admin/shorewall.fc

policy/modules/admin/shorewall.if

policy/modules/admin/shorewall.te

policy/modules/apps/gitosis.fc

policy/modules/apps/gitosis.if

policy/modules/apps/gitosis.te

policy/modules/apps/ptchown.fc

policy/modules/apps/ptchown.if

policy/modules/apps/ptchown.te

policy/modules/apps/seunshare.fc

policy/modules/apps/seunshare.if

policy/modules/apps/seunshare.te

policy/modules/apps/xscreensaver.fc

policy/modules/apps/xscreensaver.if

policy/modules/apps/xscreensaver.te

policy/modules/services/abrt.fc

policy/modules/services/abrt.if

policy/modules/services/abrt.te

policy/modules/services/dkim.fc

policy/modules/services/dkim.if

policy/modules/services/dkim.te

policy/modules/services/gnomeclock.fc

policy/modules/services/gnomeclock.if

policy/modules/services/gnomeclock.te

policy/modules/services/hddtemp.fc

policy/modules/services/hddtemp.if

policy/modules/services/hddtemp.te

policy/modules/services/modemmanager.fc

policy/modules/services/modemmanager.if

policy/modules/services/modemmanager.te

policy/modules/services/nslcd.fc

policy/modules/services/nslcd.if

policy/modules/services/nslcd.te

policy/modules/services/puppet.fc

policy/modules/services/puppet.if

policy/modules/services/puppet.te

policy/modules/services/rtkit.fc

policy/modules/services/rtkit.if

policy/modules/services/rtkit.te

policy/modules/services/tgtd.fc

policy/modules/services/tgtd.if

policy/modules/services/tgtd.te

policy/modules/services/tuned.fc

policy/modules/services/tuned.if

policy/modules/services/tuned.te

policy/modules/system/kdump.fc

policy/modules/system/kdump.if

policy/modules/system/kdump.te

support/divert.m4

support/undivert.m4

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

debian/patches/polkit.patch

debian/patches/search_dir_open.patch

files modified:
Changelog

Makefile

Rules.monolithic

VERSION

build.conf

config/appconfig-mcs/seusers

debian/changelog

debian/control

debian/patches/avahi.patch

debian/patches/bluetooth.patch

debian/patches/conf.patch

debian/patches/consolekit.patch

debian/patches/corecommands.patch

debian/patches/cron.patch

debian/patches/cups.patch

debian/patches/dbus.patch

debian/patches/devtmpfs.patch

debian/patches/dhcp.patch

debian/patches/fstools.patch

debian/patches/hal.patch

debian/patches/init.patch

debian/patches/kernel.patch

debian/patches/libraries.patch

debian/patches/locallogin.patch

debian/patches/mount.patch

debian/patches/networkmanager.patch

debian/patches/series

debian/patches/ssh.patch

debian/patches/sysnetwork.patch

debian/patches/udev.patch

debian/patches/unconfined.patch

debian/patches/userdomain.patch

debian/patches/usermanage.patch

debian/patches/users.patch

debian/patches/xserver.patch

debian/rules

debian/selinux-policy-ubuntu.postinst

debian/selinux-policy-ubuntu.postrm

doc/policy.xml

man/man8/rsync_selinux.8

man/man8/samba_selinux.8

policy/booleans.conf

policy/constraints

policy/flask/access_vectors

policy/flask/security_classes

policy/mcs

policy/modules.conf

policy/modules/admin/acct.te

policy/modules/admin/alsa.te

policy/modules/admin/amanda.te

policy/modules/admin/apt.fc

policy/modules/admin/apt.te

policy/modules/admin/backup.te

policy/modules/admin/bootloader.te

policy/modules/admin/brctl.te

policy/modules/admin/certwatch.te

policy/modules/admin/consoletype.te

policy/modules/admin/dpkg.te

policy/modules/admin/firstboot.te

policy/modules/admin/kismet.if

policy/modules/admin/kismet.te

policy/modules/admin/logrotate.te

policy/modules/admin/logwatch.te

policy/modules/admin/mrtg.te

policy/modules/admin/netutils.te

policy/modules/admin/portage.te

policy/modules/admin/prelink.if

policy/modules/admin/prelink.te

policy/modules/admin/readahead.te

policy/modules/admin/rpm.te

policy/modules/admin/su.te

policy/modules/admin/sudo.if

policy/modules/admin/sudo.te

policy/modules/admin/sxid.te

policy/modules/admin/tmpreaper.te

policy/modules/admin/usermanage.fc

policy/modules/admin/usermanage.te

policy/modules/admin/vbetool.te

policy/modules/admin/vpn.te

policy/modules/apps/ada.te

policy/modules/apps/awstats.te

policy/modules/apps/calamaris.te

policy/modules/apps/cdrecord.te

policy/modules/apps/cpufreqselector.te

policy/modules/apps/evolution.te

policy/modules/apps/games.te

policy/modules/apps/gift.te

policy/modules/apps/gpg.if

policy/modules/apps/gpg.te

policy/modules/apps/irc.te

policy/modules/apps/java.if

policy/modules/apps/java.te

policy/modules/apps/loadkeys.te

policy/modules/apps/mozilla.te

policy/modules/apps/mplayer.te

policy/modules/apps/podsleuth.te

policy/modules/apps/pulseaudio.if

policy/modules/apps/pulseaudio.te

policy/modules/apps/qemu.if

policy/modules/apps/qemu.te

policy/modules/apps/screen.if

policy/modules/apps/screen.te

policy/modules/apps/slocate.te

policy/modules/apps/thunderbird.te

policy/modules/apps/uml.te

policy/modules/apps/vmware.fc

policy/modules/apps/vmware.te

policy/modules/apps/webalizer.te

policy/modules/apps/wireshark.te

policy/modules/apps/yam.te

policy/modules/kernel/corecommands.fc

policy/modules/kernel/corecommands.te

policy/modules/kernel/corenetwork.if

policy/modules/kernel/corenetwork.te

policy/modules/kernel/corenetwork.te.in

policy/modules/kernel/devices.if

policy/modules/kernel/devices.te

policy/modules/kernel/domain.te

policy/modules/kernel/files.if

policy/modules/kernel/files.te

policy/modules/kernel/filesystem.te

policy/modules/kernel/kernel.te

policy/modules/kernel/mcs.if

policy/modules/kernel/mcs.te

policy/modules/kernel/mls.te

policy/modules/kernel/selinux.te

policy/modules/kernel/terminal.if

policy/modules/roles/auditadm.te

policy/modules/roles/secadm.te

policy/modules/roles/sysadm.te

policy/modules/roles/webadm.te

policy/modules/services/afs.te

policy/modules/services/amavis.te

policy/modules/services/apache.te

policy/modules/services/apcupsd.te

policy/modules/services/apm.te

policy/modules/services/arpwatch.te

policy/modules/services/asterisk.te

policy/modules/services/audioentropy.te

policy/modules/services/automount.te

policy/modules/services/avahi.fc

policy/modules/services/avahi.te

policy/modules/services/bind.te

policy/modules/services/bitlbee.te

policy/modules/services/bluetooth.te

policy/modules/services/canna.te

policy/modules/services/ccs.te

policy/modules/services/cipe.te

policy/modules/services/clamav.te

policy/modules/services/clockspeed.te

policy/modules/services/comsat.te

policy/modules/services/consolekit.if

policy/modules/services/consolekit.te

policy/modules/services/courier.te

policy/modules/services/cron.fc

policy/modules/services/cron.if

policy/modules/services/cron.te

policy/modules/services/cups.te

policy/modules/services/cvs.te

policy/modules/services/cyphesis.te

policy/modules/services/cyrus.te

policy/modules/services/dante.te

policy/modules/services/dbskk.te

policy/modules/services/dbus.fc

policy/modules/services/dbus.if

policy/modules/services/dbus.te

policy/modules/services/dcc.te

policy/modules/services/ddclient.te

policy/modules/services/devicekit.fc

policy/modules/services/devicekit.if

policy/modules/services/devicekit.te

policy/modules/services/dhcp.te

policy/modules/services/dictd.te

policy/modules/services/distcc.te

policy/modules/services/djbdns.te

policy/modules/services/dnsmasq.te

policy/modules/services/dovecot.te

policy/modules/services/exim.te

policy/modules/services/fail2ban.te

policy/modules/services/fetchmail.te

policy/modules/services/finger.te

policy/modules/services/ftp.te

policy/modules/services/gatekeeper.te

policy/modules/services/gpm.te

policy/modules/services/hal.te

policy/modules/services/howl.te

policy/modules/services/i18n_input.te

policy/modules/services/imaze.te

policy/modules/services/inetd.te

policy/modules/services/inn.te

policy/modules/services/ircd.te

policy/modules/services/jabber.te

policy/modules/services/kerberos.te

policy/modules/services/kerneloops.te

policy/modules/services/ktalk.te

policy/modules/services/ldap.te

policy/modules/services/lpd.te

policy/modules/services/mailman.te

policy/modules/services/memcached.te

policy/modules/services/milter.te

policy/modules/services/monop.te

policy/modules/services/mta.te

policy/modules/services/munin.te

policy/modules/services/mysql.te

policy/modules/services/nagios.te

policy/modules/services/nessus.te

policy/modules/services/networkmanager.fc

policy/modules/services/networkmanager.te

policy/modules/services/nis.te

policy/modules/services/nscd.fc

policy/modules/services/nscd.if

policy/modules/services/nscd.te

policy/modules/services/nsd.te

policy/modules/services/ntop.te

policy/modules/services/ntp.te

policy/modules/services/nx.te

policy/modules/services/oav.te

policy/modules/services/oddjob.te

policy/modules/services/oident.te

policy/modules/services/openvpn.te

policy/modules/services/pcscd.te

policy/modules/services/pegasus.te

policy/modules/services/perdition.te

policy/modules/services/policykit.fc

policy/modules/services/policykit.if

policy/modules/services/policykit.te

policy/modules/services/portmap.te

policy/modules/services/portreserve.te

policy/modules/services/portslave.te

policy/modules/services/postfix.te

policy/modules/services/postfixpolicyd.te

policy/modules/services/postgresql.te

policy/modules/services/postgrey.te

policy/modules/services/ppp.te

policy/modules/services/prelude.te

policy/modules/services/privoxy.te

policy/modules/services/procmail.te

policy/modules/services/pyzor.te

policy/modules/services/radius.te

policy/modules/services/radvd.te

policy/modules/services/razor.te

policy/modules/services/rdisc.te

policy/modules/services/remotelogin.te

policy/modules/services/rhgb.te

policy/modules/services/ricci.te

policy/modules/services/rlogin.te

policy/modules/services/roundup.te

policy/modules/services/rpc.te

policy/modules/services/rpcbind.te

policy/modules/services/rshd.te

policy/modules/services/rsync.te

policy/modules/services/rwho.te

policy/modules/services/samba.te

policy/modules/services/sasl.te

policy/modules/services/sendmail.te

policy/modules/services/setroubleshoot.te

policy/modules/services/smartmon.te

policy/modules/services/snmp.te

policy/modules/services/snort.te

policy/modules/services/soundserver.te

policy/modules/services/spamassassin.te

policy/modules/services/squid.te

policy/modules/services/ssh.fc

policy/modules/services/ssh.te

policy/modules/services/stunnel.te

policy/modules/services/sysstat.te

policy/modules/services/tcpd.te

policy/modules/services/telnet.te

policy/modules/services/tftp.te

policy/modules/services/timidity.te

policy/modules/services/tor.te

policy/modules/services/transproxy.te

policy/modules/services/ucspitcp.te

policy/modules/services/ulogd.te

policy/modules/services/uucp.te

policy/modules/services/uwimap.te

policy/modules/services/varnishd.te

policy/modules/services/virt.if

policy/modules/services/virt.te

policy/modules/services/watchdog.te

policy/modules/services/xfs.te

policy/modules/services/xprint.te

policy/modules/services/xserver.fc

policy/modules/services/xserver.if

policy/modules/services/xserver.te

policy/modules/services/zebra.te

policy/modules/services/zosremote.te

policy/modules/system/authlogin.te

policy/modules/system/clock.te

policy/modules/system/fstools.te

policy/modules/system/getty.te

policy/modules/system/hostname.te

policy/modules/system/hotplug.te

policy/modules/system/init.fc

policy/modules/system/init.if

policy/modules/system/init.te

policy/modules/system/ipsec.te

policy/modules/system/iptables.fc

policy/modules/system/iptables.te

policy/modules/system/iscsi.te

policy/modules/system/libraries.fc

policy/modules/system/libraries.te

policy/modules/system/locallogin.te

policy/modules/system/logging.if

policy/modules/system/logging.te

policy/modules/system/lvm.te

policy/modules/system/miscfiles.te

policy/modules/system/modutils.te

policy/modules/system/mount.fc

policy/modules/system/mount.te

policy/modules/system/pcmcia.te

policy/modules/system/raid.te

policy/modules/system/selinuxutil.te

policy/modules/system/setrans.te

policy/modules/system/sysnetwork.fc

policy/modules/system/sysnetwork.if

policy/modules/system/sysnetwork.te

policy/modules/system/udev.te

policy/modules/system/unconfined.te

policy/modules/system/userdomain.fc

policy/modules/system/userdomain.if

policy/modules/system/userdomain.te

policy/modules/system/xen.te

policy/support/obj_perm_sets.spt

policy/users

Show diffs side-by-side

added added

removed removed

policy/modules/apps/gitosis.te

1

2

policy_module(gitosis, 1.0.0)

3

4

########################################

5

#

6

# Declarations

7

#

8

9

type gitosis_t;

10

type gitosis_exec_t;

11

application_domain(gitosis_t, gitosis_exec_t)

12

role system_r types gitosis_t;

13

14

type gitosis_var_lib_t;

15

files_type(gitosis_var_lib_t)

16

17

########################################

18

#

19

# gitosis local policy

20

#

21

22

allow gitosis_t self:fifo_file rw_fifo_file_perms;

23

24

exec_files_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)

25

manage_files_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)

26

manage_lnk_files_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)

27

manage_dirs_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)

28

29

corecmd_exec_bin(gitosis_t)

30

corecmd_exec_shell(gitosis_t)

31

32

kernel_read_system_state(gitosis_t)

33

34

files_read_usr_files(gitosis_t)

35

files_search_var_lib(gitosis_t)

36

37

miscfiles_read_localization(gitosis_t)

Older »