rpms/selinux-policy/devel policy-20051208.patch, 1.33, 1.34 selinux-policy.spec, 1.69, 1.70
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon Jan 2 19:56:20 UTC 2006
- Previous message (by thread): rpms/selinux-policy/devel policy-20051208.patch, 1.32, 1.33 selinux-policy.spec, 1.68, 1.69
- Next message (by thread): rpms/glibc/devel .cvsignore, 1.127, 1.128 glibc-fedora.patch, 1.118, 1.119 glibc.spec, 1.199, 1.200 sources, 1.149, 1.150 glibc-s390-mangling.patch, 1.3, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv26249
Modified Files:
policy-20051208.patch selinux-policy.spec
Log Message:
* Mon Jan 2 2006 Dan Walsh <dwalsh at redhat.com> 2.1.6-22
- Fix dovecot to allow dovecot_auth to look at /tmp
policy-20051208.patch:
Makefile | 2
Rules.modular | 10
config/appconfig-strict-mcs/default_type | 6
config/appconfig-strict-mls/default_type | 7
config/appconfig-strict-mls/initrc_context | 2
config/appconfig-targeted-mcs/default_type | 2
config/appconfig-targeted-mls/default_type | 2
config/appconfig-targeted-mls/initrc_context | 2
man/man8/ftpd_selinux.8 | 56 ++++
man/man8/httpd_selinux.8 | 123 ++++++++
man/man8/kerberos_selinux.8 | 31 ++
man/man8/named_selinux.8 | 29 ++
man/man8/nfs_selinux.8 | 30 ++
man/man8/nis_selinux.8 | 1
man/man8/rsync_selinux.8 | 41 ++
man/man8/samba_selinux.8 | 60 ++++
man/man8/ypbind_selinux.8 | 19 +
policy/global_tunables | 3
policy/mcs | 321 ++++-------------------
policy/mls | 371 +++++----------------------
policy/modules/admin/amanda.te | 4
policy/modules/admin/kudzu.te | 9
policy/modules/admin/logrotate.te | 4
policy/modules/admin/rpm.fc | 1
policy/modules/admin/rpm.te | 19 -
policy/modules/admin/tmpreaper.te | 3
policy/modules/admin/usermanage.te | 15 -
policy/modules/apps/java.fc | 4
policy/modules/apps/java.if | 23 +
policy/modules/apps/java.te | 25 +
policy/modules/apps/webalizer.te | 1
policy/modules/kernel/corecommands.te | 6
policy/modules/kernel/corenetwork.te.in | 12
policy/modules/kernel/devices.fc | 9
policy/modules/kernel/domain.if | 1
policy/modules/kernel/domain.te | 4
policy/modules/kernel/files.fc | 27 +
policy/modules/kernel/files.if | 17 +
policy/modules/kernel/kernel.if | 3
policy/modules/kernel/kernel.te | 30 +-
policy/modules/kernel/mls.te | 9
policy/modules/kernel/selinux.te | 2
policy/modules/kernel/storage.fc | 46 +--
policy/modules/services/apache.te | 9
policy/modules/services/apm.te | 1
policy/modules/services/automount.te | 9
policy/modules/services/bind.if | 19 +
policy/modules/services/bluetooth.te | 1
policy/modules/services/cron.te | 3
policy/modules/services/cups.te | 7
policy/modules/services/cvs.fc | 2
policy/modules/services/cvs.te | 6
policy/modules/services/dbus.te | 1
policy/modules/services/dovecot.te | 2
policy/modules/services/hal.te | 4
policy/modules/services/ldap.te | 4
policy/modules/services/locate.fc | 4
policy/modules/services/locate.if | 1
policy/modules/services/locate.te | 50 +++
policy/modules/services/logwatch.fc | 3
policy/modules/services/logwatch.if | 1
policy/modules/services/logwatch.te | 103 +++++++
policy/modules/services/mta.te | 13
policy/modules/services/ppp.te | 4
policy/modules/services/prelink.fc | 7
policy/modules/services/prelink.if | 39 ++
policy/modules/services/prelink.te | 64 ++++
policy/modules/services/remotelogin.te | 1
policy/modules/services/samba.if | 1
policy/modules/services/sasl.te | 8
policy/modules/services/sendmail.te | 36 --
policy/modules/services/ssh.te | 10
policy/modules/services/xdm.te | 4
policy/modules/system/authlogin.if | 12
policy/modules/system/authlogin.te | 1
policy/modules/system/getty.te | 3
policy/modules/system/hostname.if | 15 +
policy/modules/system/hostname.te | 37 --
policy/modules/system/init.if | 14 +
policy/modules/system/init.te | 22 +
policy/modules/system/iptables.te | 2
policy/modules/system/libraries.fc | 8
policy/modules/system/libraries.te | 4
policy/modules/system/locallogin.te | 2
policy/modules/system/logging.fc | 7
policy/modules/system/logging.if | 21 +
policy/modules/system/logging.te | 5
policy/modules/system/lvm.te | 2
policy/modules/system/mount.te | 2
policy/modules/system/selinuxutil.fc | 6
policy/modules/system/selinuxutil.te | 10
policy/modules/system/udev.fc | 1
policy/modules/system/udev.te | 4
policy/modules/system/unconfined.fc | 2
policy/modules/system/unconfined.te | 9
policy/modules/system/userdomain.fc | 2
policy/modules/system/userdomain.if | 27 +
policy/modules/system/userdomain.te | 16 +
policy/users | 8
99 files changed, 1328 insertions(+), 723 deletions(-)
Index: policy-20051208.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20051208.patch,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -r1.33 -r1.34
--- policy-20051208.patch 2 Jan 2006 19:38:23 -0000 1.33
+++ policy-20051208.patch 2 Jan 2006 19:56:17 -0000 1.34
@@ -2205,6 +2205,18 @@
allow system_dbusd_t system_dbusd_tmp_t:dir create_dir_perms;
allow system_dbusd_t system_dbusd_tmp_t:file create_file_perms;
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.te serefpolicy-2.1.6/policy/modules/services/dovecot.te
+--- nsaserefpolicy/policy/modules/services/dovecot.te 2005-12-13 15:51:50.000000000 -0500
++++ serefpolicy-2.1.6/policy/modules/services/dovecot.te 2006-01-02 14:49:03.000000000 -0500
+@@ -95,6 +95,8 @@
+ files_read_etc_files(dovecot_t)
+ files_search_spool(dovecot_t)
+ files_search_tmp(dovecot_t)
++files_search_tmp(dovecot_auth_t)
++files_dontaudit_list_default(dovecot_t)
+
+ init_use_fd(dovecot_t)
+ init_use_script_pty(dovecot_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-2.1.6/policy/modules/services/hal.te
--- nsaserefpolicy/policy/modules/services/hal.te 2005-12-14 10:38:50.000000000 -0500
+++ serefpolicy-2.1.6/policy/modules/services/hal.te 2005-12-22 15:17:06.000000000 -0500
@@ -3161,6 +3173,18 @@
# Write to /etc/lvm, /etc/lvmtab, /etc/lvmtab.d
allow lvm_t lvm_etc_t:dir rw_dir_perms;
allow lvm_t lvm_metadata_t:file create_file_perms;
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-2.1.6/policy/modules/system/mount.te
+--- nsaserefpolicy/policy/modules/system/mount.te 2005-12-12 23:05:35.000000000 -0500
++++ serefpolicy-2.1.6/policy/modules/system/mount.te 2006-01-02 13:37:19.000000000 -0500
+@@ -46,7 +46,7 @@
+ fs_search_auto_mountpoints(mount_t)
+ fs_use_tmpfs_chr_dev(mount_t)
+
+-term_use_console(mount_t)
++term_use_all_terms(mount_t)
+
+ # required for mount.smbfs
+ corecmd_exec_sbin(mount_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.fc serefpolicy-2.1.6/policy/modules/system/selinuxutil.fc
--- nsaserefpolicy/policy/modules/system/selinuxutil.fc 2005-11-14 18:24:05.000000000 -0500
+++ serefpolicy-2.1.6/policy/modules/system/selinuxutil.fc 2005-12-22 15:17:06.000000000 -0500
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.69
retrieving revision 1.70
diff -u -r1.69 -r1.70
--- selinux-policy.spec 2 Jan 2006 19:38:23 -0000 1.69
+++ selinux-policy.spec 2 Jan 2006 19:56:17 -0000 1.70
@@ -7,7 +7,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.1.6
-Release: 21
+Release: 22
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -258,6 +258,9 @@
%endif
%changelog
+* Mon Jan 2 2006 Dan Walsh <dwalsh at redhat.com> 2.1.6-22
+- Fix dovecot to allow dovecot_auth to look at /tmp
+
* Mon Jan 2 2006 Dan Walsh <dwalsh at redhat.com> 2.1.6-21
- Allow restorecon to read unlabeled_t directories in order to fix labeling.
- Previous message (by thread): rpms/selinux-policy/devel policy-20051208.patch, 1.32, 1.33 selinux-policy.spec, 1.68, 1.69
- Next message (by thread): rpms/glibc/devel .cvsignore, 1.127, 1.128 glibc-fedora.patch, 1.118, 1.119 glibc.spec, 1.199, 1.200 sources, 1.149, 1.150 glibc-s390-mangling.patch, 1.3, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list