From owner-trustedbsd-cvs@FreeBSD.ORG Mon Jan 22 20:14:34 2007 Return-Path: X-Original-To: trustedbsd-cvs@freebsd.org Delivered-To: trustedbsd-cvs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 664CB16A400 for ; Mon, 22 Jan 2007 20:14:34 +0000 (UTC) (envelope-from owner-perforce@freebsd.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.freebsd.org (Postfix) with ESMTP id A805C13C47E for ; Mon, 22 Jan 2007 20:14:32 +0000 (UTC) (envelope-from owner-perforce@freebsd.org) Received: from mx2.freebsd.org (mx2.freebsd.org [69.147.83.53]) by cyrus.watson.org (Postfix) with ESMTP id C48BE48931 for ; Mon, 22 Jan 2007 15:14:27 -0500 (EST) Received: from hub.freebsd.org (hub.freebsd.org [69.147.83.54]) by mx2.freebsd.org (Postfix) with ESMTP id 2BA5FD09E1; Mon, 22 Jan 2007 20:04:19 +0000 (GMT) (envelope-from owner-perforce@freebsd.org) Received: by hub.freebsd.org (Postfix, from userid 32767) id 13FA416A4D5; Mon, 22 Jan 2007 20:04:15 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id DCBE916A412 for ; Mon, 22 Jan 2007 20:04:14 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.freebsd.org (Postfix) with ESMTP id CA75113C45E for ; Mon, 22 Jan 2007 20:04:14 +0000 (UTC) (envelope-from millert@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id l0MK4EKx089145 for ; Mon, 22 Jan 2007 20:04:14 GMT (envelope-from millert@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id l0MK4EcU089141 for perforce@freebsd.org; Mon, 22 Jan 2007 20:04:14 GMT (envelope-from millert@freebsd.org) Date: Mon, 22 Jan 2007 20:04:14 GMT Message-Id: <200701222004.l0MK4EcU089141@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to millert@freebsd.org using -f From: Todd Miller To: Perforce Change Reviews Cc: Subject: PERFORCE change 113406 for review X-BeenThere: trustedbsd-cvs@FreeBSD.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: TrustedBSD CVS and Perforce commit message list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Jan 2007 20:14:34 -0000 http://perforce.freebsd.org/chv.cgi?CH=113406 Change 113406 by millert@millert_macbook on 2007/01/22 20:04:12 Move /System labeling from DirectoryService.fc to darwin.fc. Label /Library Label /.Trashes as tmp_t. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/DirectoryService.fc#5 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/system/darwin.fc#8 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/DirectoryService.fc#5 (text+ko) ==== @@ -12,6 +12,3 @@ /private/var/run/.DSRunningSP1 -- gen_context(system_u:object_r:DirectoryService_var_run_t,s0) - -#/System -/System -d gen_context(system_u:object_r:darwin_system_t,s0) ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/system/darwin.fc#8 (text+ko) ==== @@ -10,10 +10,12 @@ # # /System # +/System.* gen_context(system_u:object_r:darwin_system_t,s0) /System/Library/LoginPlugins.* gen_context(system_u:object_r:darwin_loginplugin_t,s0) /System/Library/Caches.* gen_context(system_u:object_r:darwin_cache_t,s0) /System/Library/Services.* gen_context(system_u:object_r:darwin_services_t,s0) /System/Library/Security.* gen_context(system_u:object_r:darwin_security_t,s0) +/System/Library/StartupItems.* gen_context(system_u:object_r:darwin_startup_t,s0) /System/Library/CoreServices.* gen_context(system_u:object_r:darwin_CoreServices_t,s0) /System/Library/ColorSync.* gen_context(system_u:object_r:darwin_resource_t,s0) @@ -25,6 +27,7 @@ # # /Library # +/Library.* gen_context(system_u:object_r:lib_t,s0) /Library/Caches.* gen_context(system_u:object_r:darwin_cache_t,s0) /Library/ColorSync.* gen_context(system_u:object_r:darwin_resource_t,s0) /Library/Preferences/.GlobalPreferences.plist -- gen_context(system_u:object_r:darwin_global_pref_t,s0) @@ -34,3 +37,6 @@ # Kernel /mach_kernel -- gen_context(system_u:object_r:boot_t,s0) + +# Misc +/.Trashes.* gen_context(system_u:object_r:tmp_t,s0)