From f2e2f09d56b044b87141eaefa8b571e6c814b3bf Mon Sep 17 00:00:00 2001
From: Kevin Mihelich <kevin@archlinuxarm.org>
Date: Mon, 18 Aug 2014 12:21:47 +0000
Subject: [PATCH] community/gradm to 3.0.201407222118-2

---
 community/gradm/PKGBUILD |  4 ++--
 community/gradm/policy   | 17 ++++++++---------
 2 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/community/gradm/PKGBUILD b/community/gradm/PKGBUILD
index 8acf00088..caa7e0d91 100644
--- a/community/gradm/PKGBUILD
+++ b/community/gradm/PKGBUILD
@@ -12,7 +12,7 @@ pkgname=gradm
 _version=3.0
 _timestamp=201407222118
 pkgver=3.0.$_timestamp
-pkgrel=1
+pkgrel=2
 pkgdesc="Administration utility for grsecurity's Role Based Access Control (RBAC)"
 arch=(i686 x86_64)
 url=https://grsecurity.net/
@@ -25,7 +25,7 @@ source=(https://grsecurity.net/stable/$pkgname-$_version-$_timestamp.tar.gz
 sha256sums=('6c29274d63293540646be8c8c2c131654ec307b17674c25085b352305562e7e8'
             'SKIP'
             '704ea6ba7f748761735cbe1cf52ef04f53eab1a1e9ea1bdcb6abaaf4a641e44d'
-            '0d069e28845f789d0e9da82fc6dffa368ab71b2ca4ab37e0d3e3c6951e82d98a')
+            '1ddc7eede746da2ac321a2a46facefbe98992123d950b1c1240aa4d360cbc7c4')
 
 prepare() {
   cd $pkgname
diff --git a/community/gradm/policy b/community/gradm/policy
index 9d97a2a99..30a353ca5 100644
--- a/community/gradm/policy
+++ b/community/gradm/policy
@@ -370,7 +370,6 @@ subject /usr/bin/sshd dpo
 	/*		h
 	/usr/bin/bash	x
 	/dev		h
-	/dev/log	rw
 	/dev/random	r
 	/dev/urandom	r
 	/dev/null	rw
@@ -400,6 +399,7 @@ subject /usr/bin/sshd dpo
 	/var/log/wtmp		w
 	/var/run
 	/run
+	/run/systemd/journal/dev-log	rw
 	/var/run/sshd
 	/var/run/utmp		rw
 	/var/run/utmpx		rw
@@ -413,7 +413,6 @@ subject /usr/bin/sshd dpo
 	+CAP_SYS_RESOURCE
 	+CAP_SYS_TTY_CONFIG
 	+CAP_AUDIT_WRITE
-	+CAP_KILL
 	# to access user keys
 	+CAP_DAC_OVERRIDE
 
@@ -428,10 +427,10 @@ subject /usr/bin/ssh
 	/etc/ssh/ssh_config r
 
 subject /usr/bin/postgres
-	/dev/log rw
+	/run/systemd/journal/dev-log	rw
 
 subject /usr/bin/exim
-	/dev/log rw
+	/run/systemd/journal/dev-log	rw
 
 subject /usr/bin/syslog-ng
 	+CAP_SYS_ADMIN
@@ -440,21 +439,21 @@ subject /usr/bin/rsyslogd
 	+CAP_SYS_ADMIN
 
 subject /usr/bin/cron
-	/dev/log rw
+	/run/systemd/journal/dev-log	rw
 
 subject /usr/bin/crond
-	/dev/log rw
+	/run/systemd/journal/dev-log	rw
 
 subject /usr/bin/login
-	/dev/log rw
+	/run/systemd/journal/dev-log	rw
 	/var/log/wtmp w
 	/var/log/faillog rwcd
 
 subject /usr/bin/su
-	/dev/log rw
+	/run/systemd/journal/dev-log	rw
 
 subject /usr/bin/sudo
-	/dev/log rw
+	/run/systemd/journal/dev-log	rw
 
 subject /usr/bin/agetty
 	/var/log/wtmp w