rpms/selinux-policy-strict/devel policy-20050606.patch, 1.2, 1.3 selinux-policy-strict.spec, 1.318, 1.319
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Jun 9 16:04:00 UTC 2005
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy-strict/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv6895
Modified Files:
policy-20050606.patch selinux-policy-strict.spec
Log Message:
* Thu Jun 9 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-3
- Add /etc/profile.d/selinux.sh /etc/profile.d/selinux.csh for strict
- move ice_tmp_t definition for mls
policy-20050606.patch:
attrib.te | 2
domains/misc/kernel.te | 7
domains/program/bonobo.te | 9 +
domains/program/ethereal.te | 48 ++++++
domains/program/fsadm.te | 5
domains/program/gnome_vfs.te | 9 +
domains/program/init.te | 4
domains/program/initrc.te | 2
domains/program/klogd.te | 2
domains/program/login.te | 2
domains/program/modutil.te | 2
domains/program/mount.te | 2
domains/program/restorecon.te | 2
domains/program/ssh.te | 2
domains/program/syslogd.te | 2
domains/program/unused/acct.te | 2
domains/program/unused/alsa.te | 17 ++
domains/program/unused/apache.te | 2
domains/program/unused/bonobo.te | 9 +
domains/program/unused/consoletype.te | 2
domains/program/unused/cups.te | 6
domains/program/unused/ethereal.te | 73 ++++++++++
domains/program/unused/evolution.te | 13 +
domains/program/unused/gconf.te | 12 +
domains/program/unused/gift.te | 4
domains/program/unused/gnome.te | 7
domains/program/unused/i18n_input.te | 1
domains/program/unused/iceauth.te | 12 +
domains/program/unused/orbit.te | 7
domains/program/unused/pamconsole.te | 2
domains/program/unused/ping.te | 2
domains/program/unused/rpcd.te | 3
domains/program/unused/thunderbird.te | 9 +
domains/program/unused/udev.te | 2
domains/program/unused/xdm.te | 5
domains/program/unused/xserver.te | 3
file_contexts/distros.fc | 2
file_contexts/program/alsa.fc | 3
file_contexts/program/apache.fc | 2
file_contexts/program/bonobo.fc | 1
file_contexts/program/ethereal.fc | 3
file_contexts/program/evolution.fc | 8 +
file_contexts/program/fontconfig.fc | 6
file_contexts/program/gconf.fc | 5
file_contexts/program/gnome.fc | 9 +
file_contexts/program/gnome_vfs.fc | 1
file_contexts/program/iceauth.fc | 3
file_contexts/program/mozilla.fc | 3
file_contexts/program/orbit.fc | 3
file_contexts/program/thunderbird.fc | 2
file_contexts/program/xdm.fc | 1
file_contexts/program/xserver.fc | 2
file_contexts/types.fc | 2
macros/admin_macros.te | 5
macros/base_user_macros.te | 29 +++-
macros/global_macros.te | 60 +++++---
macros/program/bonobo_macros.te | 118 ++++++++++++++++
macros/program/ethereal_macros.te | 61 ++++++++
macros/program/evolution_macros.te | 240 ++++++++++++++++++++++++++++++++++
macros/program/fontconfig_macros.te | 36 ++++-
macros/program/games_domain.te | 38 +----
macros/program/gconf_macros.te | 56 +++++++
macros/program/gift_macros.te | 54 +------
macros/program/gnome_macros.te | 113 ++++++++++++++++
macros/program/gnome_vfs_macros.te | 49 ++++++
macros/program/ice_macros.te | 42 +++++
macros/program/iceauth_macros.te | 34 ++++
macros/program/mail_client_macros.te | 60 ++++++++
macros/program/mozilla_macros.te | 63 +++-----
macros/program/orbit_macros.te | 44 ++++++
macros/program/spamassassin_macros.te | 7
macros/program/thunderbird_macros.te | 59 ++++++++
macros/program/x_client_macros.te | 9 -
macros/program/xauth_macros.te | 2
macros/program/xserver_macros.te | 17 +-
mls | 41 ++---
net_contexts | 25 +--
targeted/domains/program/crond.te | 2
targeted/domains/unconfined.te | 3
tunables/distro.tun | 2
tunables/tunable.tun | 4
types/device.te | 7
types/devpts.te | 2
types/file.te | 4
types/network.te | 8 -
types/security.te | 2
86 files changed, 1413 insertions(+), 232 deletions(-)
Index: policy-20050606.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-strict/devel/policy-20050606.patch,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- policy-20050606.patch 9 Jun 2005 03:01:37 -0000 1.2
+++ policy-20050606.patch 9 Jun 2005 16:03:57 -0000 1.3
@@ -581,18 +581,17 @@
allow xdm_xserver_t user_home_type:file { getattr read };
diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/xserver.te policy-1.23.18/domains/program/unused/xserver.te
--- nsapolicy/domains/program/unused/xserver.te 2005-05-07 00:41:11.000000000 -0400
-+++ policy-1.23.18/domains/program/unused/xserver.te 2005-06-08 09:04:15.000000000 -0400
-@@ -14,8 +14,8 @@
++++ policy-1.23.18/domains/program/unused/xserver.te 2005-06-08 23:15:10.000000000 -0400
+@@ -14,9 +14,6 @@
type xkb_var_lib_t, file_type, sysadmfile, usercanread;
typealias xkb_var_lib_t alias var_lib_xkb_t;
-# Allow the xserver to check for fonts in ~/.gnome or ~/.kde
-bool allow_xserver_home_fonts false;
-+# type for /tmp/.ICE-unix
-+type ice_tmp_t, file_type, sysadmfile, tmpfile;
-
+-
# Everything else is in the xserver_domain macro in
# macros/program/xserver_macros.te.
+
diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/distros.fc policy-1.23.18/file_contexts/distros.fc
--- nsapolicy/file_contexts/distros.fc 2005-05-25 11:28:10.000000000 -0400
+++ policy-1.23.18/file_contexts/distros.fc 2005-06-08 09:04:15.000000000 -0400
@@ -2647,13 +2646,16 @@
# devpts_t is the type of the devpts file system and
diff --exclude-from=exclude -N -u -r nsapolicy/types/file.te policy-1.23.18/types/file.te
--- nsapolicy/types/file.te 2005-05-25 11:28:11.000000000 -0400
-+++ policy-1.23.18/types/file.te 2005-06-08 22:49:18.000000000 -0400
-@@ -325,4 +325,4 @@
++++ policy-1.23.18/types/file.te 2005-06-08 23:14:54.000000000 -0400
+@@ -325,4 +325,8 @@
# Type for anonymous FTP data, used by ftp and rsync
type ftpd_anon_t, file_type, sysadmfile, customizable;
--
+allow customizable self:filesystem associate;
++
++# type for /tmp/.ICE-unix
++type ice_tmp_t, file_type, sysadmfile, tmpfile;
+
diff --exclude-from=exclude -N -u -r nsapolicy/types/network.te policy-1.23.18/types/network.te
--- nsapolicy/types/network.te 2005-05-25 11:28:11.000000000 -0400
+++ policy-1.23.18/types/network.te 2005-06-08 09:04:15.000000000 -0400
Index: selinux-policy-strict.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-strict/devel/selinux-policy-strict.spec,v
retrieving revision 1.318
retrieving revision 1.319
diff -u -r1.318 -r1.319
--- selinux-policy-strict.spec 9 Jun 2005 03:01:38 -0000 1.318
+++ selinux-policy-strict.spec 9 Jun 2005 16:03:57 -0000 1.319
@@ -11,11 +11,13 @@
Summary: SELinux %{type} policy configuration
Name: selinux-policy-%{type}
Version: 1.23.18
-Release: 2
+Release: 3
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policy-%{version}.tgz
Source1: booleans
+Source2: selinux.sh
+Source3: selinux.csh
Prefix: %{_prefix}
BuildRoot: %{_tmppath}/%{name}-buildroot
Patch: policy-20050606.patch
@@ -71,6 +73,8 @@
touch ${RPM_BUILD_ROOT}%{_sysconfdir}/selinux/%{type}/src/policy/policy.conf
touch ${RPM_BUILD_ROOT}%{_sysconfdir}/selinux/config
touch ${RPM_BUILD_ROOT}%{_sysconfdir}/selinux/%{type}/booleans.local
+install -m0755 %{SOURCE2} ${_sysconfdir}/profile.d/
+install -m0755 %{SOURCE3} ${_sysconfdir}/profile.d/
%clean
rm -rf ${RPM_BUILD_ROOT}
@@ -104,6 +108,8 @@
%config(noreplace) %{_sysconfdir}/selinux/%{type}/users/local.users
%{_sysconfdir}/selinux/%{type}/contexts/customizable_types
%{_mandir}/man8/*
+%{_sysconfdir}/profile.d/selinux.sh
+%{_sysconfdir}/profile.d/selinux.csh
%pre
if [ -f %{FILE_CONTEXT} ]; then
@@ -220,6 +226,10 @@
exit 0
%changelog
+* Thu Jun 9 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-3
+- Add /etc/profile.d/selinux.sh /etc/profile.d/selinux.csh for strict
+- move ice_tmp_t definition for mls
+
* Wed Jun 8 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-2
- Add alsa policy
- Policy cleanup from Ivan
More information about the fedora-cvs-commits
mailing list