[yocto] [meta-selinux][PATCH 1/1] refpolicy: fix real path for su.shadow

wenzong.fan at windriver.com wenzong.fan at windriver.com
Thu Feb 13 00:09:21 PST 2014 

From: Wenzong Fan <wenzong.fan at windriver.com>

Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
---
 .../poky-fc-fix-real-path_su.patch                 |   25 ++++++++++++++++++++
 .../refpolicy/refpolicy_2.20130424.inc             |    1 +
 2 files changed, 26 insertions(+)
 create mode 100644 recipes-security/refpolicy/refpolicy-2.20130424/poky-fc-fix-real-path_su.patch

diff --git a/recipes-security/refpolicy/refpolicy-2.20130424/poky-fc-fix-real-path_su.patch b/recipes-security/refpolicy/refpolicy-2.20130424/poky-fc-fix-real-path_su.patch
new file mode 100644
index 0000000..b0392ce
--- /dev/null
+++ b/recipes-security/refpolicy/refpolicy-2.20130424/poky-fc-fix-real-path_su.patch
@@ -0,0 +1,25 @@
+From 4affa5e9797f5d51597c9b8e0f2503883c766699 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan <wenzong.fan at windriver.com>
+Date: Thu, 13 Feb 2014 00:33:07 -0500
+Subject: [PATCH] fix real path for su.shadow command
+
+Upstream-Status: Inappropriate [only for Poky]
+
+Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
+---
+ policy/modules/admin/su.fc |    2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/policy/modules/admin/su.fc b/policy/modules/admin/su.fc
+index a563687..0f43827 100644
+--- a/policy/modules/admin/su.fc
++++ b/policy/modules/admin/su.fc
+@@ -4,3 +4,5 @@
+ 
+ /usr/(local/)?bin/ksu	--	gen_context(system_u:object_r:su_exec_t,s0)
+ /usr/bin/kdesu		--	gen_context(system_u:object_r:su_exec_t,s0)
++
++/bin/su.shadow		--	gen_context(system_u:object_r:su_exec_t,s0)
+-- 
+1.7.9.5
+
diff --git a/recipes-security/refpolicy/refpolicy_2.20130424.inc b/recipes-security/refpolicy/refpolicy_2.20130424.inc
index 23339e3..9e5e426 100644
--- a/recipes-security/refpolicy/refpolicy_2.20130424.inc
+++ b/recipes-security/refpolicy/refpolicy_2.20130424.inc
@@ -30,6 +30,7 @@ SRC_URI += "file://poky-fc-subs_dist.patch \
             file://poky-fc-udevd.patch \
             file://poky-fc-rpm.patch \
             file://poky-fc-ftpwho-dir.patch \
+            file://poky-fc-fix-real-path_su.patch \
            "
 
 # Specific policy for Poky
-- 
1.7.9.5

More information about the yocto mailing list