rpms/selinux-policy/devel policy-20051208.patch, 1.32, 1.33 selinux-policy.spec, 1.68, 1.69
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon Jan 2 19:38:26 UTC 2006
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv6893
Modified Files:
policy-20051208.patch selinux-policy.spec
Log Message:
* Mon Jan 2 2006 Dan Walsh <dwalsh at redhat.com> 2.1.6-21
- Allow restorecon to read unlabeled_t directories in order to fix labeling.
policy-20051208.patch:
Makefile | 2
Rules.modular | 10
config/appconfig-strict-mcs/default_type | 6
config/appconfig-strict-mls/default_type | 7
config/appconfig-strict-mls/initrc_context | 2
config/appconfig-targeted-mcs/default_type | 2
config/appconfig-targeted-mls/default_type | 2
config/appconfig-targeted-mls/initrc_context | 2
man/man8/ftpd_selinux.8 | 56 ++++
man/man8/httpd_selinux.8 | 123 ++++++++
man/man8/kerberos_selinux.8 | 31 ++
man/man8/named_selinux.8 | 29 ++
man/man8/nfs_selinux.8 | 30 ++
man/man8/nis_selinux.8 | 1
man/man8/rsync_selinux.8 | 41 ++
man/man8/samba_selinux.8 | 60 ++++
man/man8/ypbind_selinux.8 | 19 +
policy/global_tunables | 3
policy/mcs | 321 ++++-------------------
policy/mls | 371 +++++----------------------
policy/modules/admin/amanda.te | 4
policy/modules/admin/kudzu.te | 9
policy/modules/admin/logrotate.te | 4
policy/modules/admin/rpm.fc | 1
policy/modules/admin/rpm.te | 19 -
policy/modules/admin/tmpreaper.te | 3
policy/modules/admin/usermanage.te | 15 -
policy/modules/apps/java.fc | 4
policy/modules/apps/java.if | 23 +
policy/modules/apps/java.te | 25 +
policy/modules/apps/webalizer.te | 1
policy/modules/kernel/corecommands.te | 6
policy/modules/kernel/corenetwork.te.in | 12
policy/modules/kernel/devices.fc | 9
policy/modules/kernel/domain.if | 1
policy/modules/kernel/domain.te | 4
policy/modules/kernel/files.fc | 27 +
policy/modules/kernel/files.if | 17 +
policy/modules/kernel/kernel.if | 3
policy/modules/kernel/kernel.te | 30 +-
policy/modules/kernel/mls.te | 9
policy/modules/kernel/selinux.te | 2
policy/modules/kernel/storage.fc | 46 +--
policy/modules/services/apache.te | 9
policy/modules/services/apm.te | 1
policy/modules/services/automount.te | 9
policy/modules/services/bind.if | 19 +
policy/modules/services/bluetooth.te | 1
policy/modules/services/cron.te | 3
policy/modules/services/cups.te | 7
policy/modules/services/cvs.fc | 2
policy/modules/services/cvs.te | 6
policy/modules/services/dbus.te | 1
policy/modules/services/hal.te | 4
policy/modules/services/ldap.te | 4
policy/modules/services/locate.fc | 4
policy/modules/services/locate.if | 1
policy/modules/services/locate.te | 50 +++
policy/modules/services/logwatch.fc | 3
policy/modules/services/logwatch.if | 1
policy/modules/services/logwatch.te | 103 +++++++
policy/modules/services/mta.te | 13
policy/modules/services/ppp.te | 4
policy/modules/services/prelink.fc | 7
policy/modules/services/prelink.if | 39 ++
policy/modules/services/prelink.te | 64 ++++
policy/modules/services/remotelogin.te | 1
policy/modules/services/samba.if | 1
policy/modules/services/sasl.te | 8
policy/modules/services/sendmail.te | 36 --
policy/modules/services/ssh.te | 10
policy/modules/services/xdm.te | 4
policy/modules/system/authlogin.if | 12
policy/modules/system/authlogin.te | 1
policy/modules/system/getty.te | 3
policy/modules/system/hostname.if | 15 +
policy/modules/system/hostname.te | 37 --
policy/modules/system/init.if | 14 +
policy/modules/system/init.te | 22 +
policy/modules/system/iptables.te | 2
policy/modules/system/libraries.fc | 8
policy/modules/system/libraries.te | 4
policy/modules/system/locallogin.te | 2
policy/modules/system/logging.fc | 7
policy/modules/system/logging.if | 21 +
policy/modules/system/logging.te | 5
policy/modules/system/lvm.te | 2
policy/modules/system/selinuxutil.fc | 6
policy/modules/system/selinuxutil.te | 10
policy/modules/system/udev.fc | 1
policy/modules/system/udev.te | 4
policy/modules/system/unconfined.fc | 2
policy/modules/system/unconfined.te | 9
policy/modules/system/userdomain.fc | 2
policy/modules/system/userdomain.if | 27 +
policy/modules/system/userdomain.te | 16 +
policy/users | 8
97 files changed, 1325 insertions(+), 722 deletions(-)
Index: policy-20051208.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20051208.patch,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- policy-20051208.patch 2 Jan 2006 13:26:14 -0000 1.32
+++ policy-20051208.patch 2 Jan 2006 19:38:23 -0000 1.33
@@ -1779,7 +1779,7 @@
\ No newline at end of file
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-2.1.6/policy/modules/kernel/kernel.if
--- nsaserefpolicy/policy/modules/kernel/kernel.if 2005-12-06 19:49:49.000000000 -0500
-+++ serefpolicy-2.1.6/policy/modules/kernel/kernel.if 2005-12-22 15:17:06.000000000 -0500
++++ serefpolicy-2.1.6/policy/modules/kernel/kernel.if 2006-01-02 12:26:20.000000000 -0500
@@ -436,7 +436,7 @@
type debugfs_t;
')
@@ -1789,6 +1789,14 @@
allow $1 debugfs_t:file r_file_perms;
allow $1 debugfs_t:lnk_file { getattr read };
')
+@@ -1680,6 +1680,7 @@
+ gen_require_set({ getattr relabelfrom },dir_file_class_set)
+ ')
+
++ kernel_list_unlabeled($1)
+ allow $1 unlabeled_t:dir_file_class_set { getattr relabelfrom };
+ ')
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.te serefpolicy-2.1.6/policy/modules/kernel/kernel.te
--- nsaserefpolicy/policy/modules/kernel/kernel.te 2005-12-09 23:35:04.000000000 -0500
+++ serefpolicy-2.1.6/policy/modules/kernel/kernel.te 2005-12-22 15:17:06.000000000 -0500
@@ -3171,7 +3179,7 @@
# /root
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.1.6/policy/modules/system/selinuxutil.te
--- nsaserefpolicy/policy/modules/system/selinuxutil.te 2005-12-09 23:35:08.000000000 -0500
-+++ serefpolicy-2.1.6/policy/modules/system/selinuxutil.te 2005-12-22 15:17:06.000000000 -0500
++++ serefpolicy-2.1.6/policy/modules/system/selinuxutil.te 2006-01-02 12:24:12.000000000 -0500
@@ -198,7 +198,6 @@
# cjp: temporary hack to cover
# up stray file descriptors.
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.68
retrieving revision 1.69
diff -u -r1.68 -r1.69
--- selinux-policy.spec 2 Jan 2006 13:26:14 -0000 1.68
+++ selinux-policy.spec 2 Jan 2006 19:38:23 -0000 1.69
@@ -7,7 +7,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.1.6
-Release: 20
+Release: 21
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -258,6 +258,9 @@
%endif
%changelog
+* Mon Jan 2 2006 Dan Walsh <dwalsh at redhat.com> 2.1.6-21
+- Allow restorecon to read unlabeled_t directories in order to fix labeling.
+
* Fri Dec 30 2005 Dan Walsh <dwalsh at redhat.com> 2.1.6-20
- Add Logwatch policy
More information about the fedora-cvs-commits
mailing list