[refpolicy] [PATCH 6/6] Further enhance portage git support

Sven Vermeulen sven.vermeulen at siphos.be
Tue Jul 3 14:18:59 CDT 2012


The git sources for ebuilds that use the git-2 eclass are stored in egit-src.

In this patch, we also allow connections towards git services.

Signed-off-by: Sven Vermeulen <sven.vermeulen at siphos.be>
---
 portage.fc |    1 +
 portage.if |    1 +
 2 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/portage.fc b/portage.fc
index 2f6b86b..d9b2a90 100644
--- a/portage.fc
+++ b/portage.fc
@@ -18,6 +18,7 @@
 
 /usr/portage(/.*)?			gen_context(system_u:object_r:portage_ebuild_t,s0)
 /usr/portage/distfiles/cvs-src(/.*)?	gen_context(system_u:object_r:portage_srcrepo_t,s0)
+/usr/portage/distfiles/egit-src(/.*)?	gen_context(system_u:object_r:portage_srcrepo_t,s0)
 /usr/portage/distfiles/git-src(/.*)?	gen_context(system_u:object_r:portage_srcrepo_t,s0)
 /usr/portage/distfiles/svn-src(/.*)?	gen_context(system_u:object_r:portage_srcrepo_t,s0)
 
diff --git a/portage.if b/portage.if
index b4bb48a..08ac5af 100644
--- a/portage.if
+++ b/portage.if
@@ -151,6 +151,7 @@ interface(`portage_compile_domain',`
 	corenet_udp_sendrecv_all_ports($1)
 	corenet_tcp_connect_all_reserved_ports($1)
 	corenet_tcp_connect_distccd_port($1)
+	corenet_tcp_connect_git_port($1)
 
 	dev_read_sysfs($1)
 	dev_read_rand($1)
-- 
1.7.8.6



More information about the refpolicy mailing list