Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

files context : few fixes for merged-usr distro_gentoo #823

Merged
merged 1 commit into from
Oct 24, 2024
Merged

files context : few fixes for merged-usr distro_gentoo #823

merged 1 commit into from
Oct 24, 2024

Conversation

PPN-SD
Copy link
Contributor

@PPN-SD PPN-SD commented Oct 18, 2024

No description provided.

pebenito
pebenito requested changes Oct 19, 2024
View reviewed changes
Copy link
Member

@pebenito pebenito left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@perfinion , @0xC0ncord any other thoughts, in a Gentoo-specific context?

policy/modules/services/apache.fc Outdated Show resolved Hide resolved
policy/modules/services/rpc.fc Outdated Show resolved Hide resolved
@PPN-SD PPN-SD force-pushed the upd-usrmerge-gentoo branch from 8885ca6 to ac836b0 Compare October 21, 2024 14:03
@0xC0ncord
Copy link
Contributor

0xC0ncord commented Oct 21, 2024
edited
Loading

Sorry for the delay.

These changes look good for refpolicy, but I'll have to remember to adjust this for nginx in Gentoo as we are currently shipping a policy for it that is separate from the apache/httpd policy.

PPN-SD added a commit to PPN-SD/hardened-refpolicy that referenced this pull request Oct 21, 2024
@PPN-SD
usrmerge : fix file context for nginx
ebd7070 
See : SELinuxProject/refpolicy#823

Signed-off-by: Nicolas PARLANT <[email protected]>
@PPN-SD PPN-SD mentioned this pull request Oct 21, 2024
Closed
@PPN-SD
Copy link
Contributor Author

PPN-SD commented Oct 21, 2024

Sorry for the delay.

These changes look good for refpolicy, but I'll have to remember to adjust this for nginx in Gentoo as we are currently shipping a policy for it that is separate from the apache/httpd policy.

Done, before the memory goes away :-)
gentoo/hardened-refpolicy#4

@pebenito
Copy link
Member

Sorry for the delay.

These changes look good for refpolicy, but I'll have to remember to adjust this for nginx in Gentoo as we are currently shipping a policy for it that is separate from the apache/httpd policy.

How different is this? Apache is pretty heavyweight, so a more trim policy for nginx might be upstreamable.

@0xC0ncord
Copy link
Contributor

How different is this? Apache is pretty heavyweight, so a more trim policy for nginx might be upstreamable.

It's pretty much just a slimmer httpd policy. I'm hoping to start upstreaming it and other Gentoo policies soon. :)

@pebenito pebenito merged commit 7d464eb into SELinuxProject:main Oct 24, 2024
117 checks passed
@PPN-SD PPN-SD deleted the upd-usrmerge-gentoo branch October 24, 2024 14:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pebenito pebenito pebenito approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@PPN-SD @0xC0ncord @pebenito