Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

files context : few fixes for merged-usr distro_gentoo #823

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

files context : few fixes for merged-usr distro_gentoo #823

wants to merge 1 commit into from

Conversation

PPN-SD
Copy link

@PPN-SD PPN-SD commented Oct 18, 2024

No description provided.

pebenito
pebenito requested changes Oct 19, 2024
View reviewed changes
Copy link
Member

@pebenito pebenito left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@perfinion , @0xC0ncord any other thoughts, in a Gentoo-specific context?

policy/modules/services/apache.fc Outdated Show resolved Hide resolved
policy/modules/services/rpc.fc Outdated Show resolved Hide resolved
@PPN-SD
files context : few fixes for merged-usr distro_gentoo
ac836b0 
Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr>
@0xC0ncord
Copy link
Contributor

0xC0ncord commented Oct 21, 2024
edited
Loading

Sorry for the delay.

These changes look good for refpolicy, but I'll have to remember to adjust this for nginx in Gentoo as we are currently shipping a policy for it that is separate from the apache/httpd policy.

PPN-SD added a commit to PPN-SD/hardened-refpolicy that referenced this pull request Oct 21, 2024
@PPN-SD
usrmerge : fix file context for nginx
ebd7070 
See : SELinuxProject/refpolicy#823

Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr>
@PPN-SD PPN-SD mentioned this pull request Oct 21, 2024
Open
@PPN-SD
Copy link
Author

PPN-SD commented Oct 21, 2024

Sorry for the delay.

These changes look good for refpolicy, but I'll have to remember to adjust this for nginx in Gentoo as we are currently shipping a policy for it that is separate from the apache/httpd policy.

Done, before the memory goes away :-)
gentoo/hardened-refpolicy#4

@pebenito
Copy link
Member

Sorry for the delay.

These changes look good for refpolicy, but I'll have to remember to adjust this for nginx in Gentoo as we are currently shipping a policy for it that is separate from the apache/httpd policy.

How different is this? Apache is pretty heavyweight, so a more trim policy for nginx might be upstreamable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pebenito pebenito pebenito requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@PPN-SD @0xC0ncord @pebenito