From owner-p4-projects Tue Dec 31 8:48: 2 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 8A29A37B407; Tue, 31 Dec 2002 08:48:00 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 25CDF37B406 for ; Tue, 31 Dec 2002 08:48:00 -0800 (PST) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id B345A43ED4 for ; Tue, 31 Dec 2002 08:47:59 -0800 (PST) (envelope-from green@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id gBVGlxfh078191 for ; Tue, 31 Dec 2002 08:47:59 -0800 (PST) (envelope-from green@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id gBVGlxVi078188 for perforce@freebsd.org; Tue, 31 Dec 2002 08:47:59 -0800 (PST) Date: Tue, 31 Dec 2002 08:47:59 -0800 (PST) Message-Id: <200212311647.gBVGlxVi078188@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to green@freebsd.org using -f From: Brian Feldman Subject: PERFORCE change 22981 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://perforce.freebsd.org/chv.cgi?CH=22981 Change 22981 by green@green_laptop_2 on 2002/12/31 08:47:36 * consolectl_t should not exist; /dev/consolectl is really just "syscons(4)'s /dev/console" and as such should have the same label. * /dev/ttyv* should have tty_device_t labels, not the same label as /dev/tty has. Affected files ... .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/domains/program/moused.te#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/genfs_contexts#5 edit Differences ... ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/domains/program/moused.te#2 (text+ko) ==== @@ -8,7 +8,7 @@ # # moused_t is the domain of the console mouse server. # moused_exec_t is the type of the console mouse server program. -# consolectl_t is the type of the pseudo-mouse device that the +# sysmouse_device_t is the type of the pseudo-mouse device that the # console mouse server controls. # type moused_t, domain, privlog; @@ -16,13 +16,12 @@ every_domain(moused_t) type moused_exec_t, file_type, sysadmfile, exec_type; domain_auto_trans(initrc_t, moused_exec_t, moused_t) -type consolectl_t, file_type; type moused_var_run_t, file_type, sysadmfile, pidfile; file_type_auto_trans(moused_t, var_run_t, moused_var_run_t) -# Access consolectl and sysmouse. -allow moused_t consolectl_t:chr_file rw_file_perms; +# Access /dev/console{,ctl} and sysmouse. +allow moused_t console_device_t:chr_file rw_file_perms; allow moused_t sysmouse_device_t:chr_file rw_file_perms; # Access the mouse. ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/genfs_contexts#5 (text+ko) ==== @@ -44,6 +44,7 @@ genfscon devfs /random system_u:object_r:random_device_t genfscon devfs /urandom system_u:object_r:random_device_t genfscon devfs /tty system_u:object_r:devtty_t +genfscon devfs /ttyv system_u:object_r:tty_device_t genfscon devfs /pty system_u:object_r:devpts_t genfscon devfs /ttyp system_u:object_r:devpts_t genfscon devfs /ttyq system_u:object_r:devpts_t @@ -69,7 +70,6 @@ genfscon devfs /psm system_u:object_r:mouse_device_t genfscon devfs /ums system_u:object_r:mouse_device_t genfscon devfs /sysmouse system_u:object_r:sysmouse_device_t -genfscon devfs /consolectl system_u:object_r:consolectl_t genfscon devfs /gpmctl system_u:object_r:gpmctl_t genfscon devfs /ptmx system_u:object_r:ptmx_t genfscon devfs /acpi system_u:object_r:apm_bios_t To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message