rpms/selinux-policy/devel policy-20060104.patch, 1.17, 1.18 sources, 1.29, 1.30
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Jan 19 19:10:51 UTC 2006
- Previous message (by thread): rpms/selinux-policy/devel .cvsignore, 1.26, 1.27 modules-targeted.conf, 1.11, 1.12 policy-20060104.patch, 1.16, 1.17 selinux-policy.spec, 1.87, 1.88 sources, 1.28, 1.29
- Next message (by thread): rpms/firstboot/devel .cvsignore, 1.42, 1.43 firstboot.spec, 1.61, 1.62 sources, 1.58, 1.59
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv27920
Modified Files:
policy-20060104.patch sources
Log Message:
* Wed Jan 18 2006 Dan Walsh <dwalsh at redhat.com> 2.2.2-1
- Update to upstream
- Turn off execheap execstack for unconfined users
- Add mono/wine policy to allow execheap and execstack for them
- Add execheap for Xdm policy
policy-20060104.patch:
Makefile | 2 +-
policy/global_tunables | 4 ++++
policy/modules/admin/logwatch.te | 7 +++++++
policy/modules/apps/java.te | 1 +
policy/modules/apps/mono.fc | 2 ++
policy/modules/apps/mono.if | 23 +++++++++++++++++++++++
policy/modules/apps/mono.te | 25 +++++++++++++++++++++++++
policy/modules/apps/wine.fc | 2 ++
policy/modules/apps/wine.if | 23 +++++++++++++++++++++++
policy/modules/apps/wine.te | 25 +++++++++++++++++++++++++
policy/modules/kernel/filesystem.if | 16 ++++++++++++++++
policy/modules/services/bind.if | 1 +
policy/modules/services/xdm.te | 2 +-
policy/modules/system/libraries.fc | 2 +-
policy/modules/system/unconfined.if | 6 ++++++
policy/modules/system/unconfined.te | 15 ++++++++-------
policy/users | 8 +++++---
17 files changed, 151 insertions(+), 13 deletions(-)
Index: policy-20060104.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060104.patch,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- policy-20060104.patch 19 Jan 2006 19:08:32 -0000 1.17
+++ policy-20060104.patch 19 Jan 2006 19:10:47 -0000 1.18
@@ -187,18 +187,6 @@
+ role system_r types wine_t;
+ allow wine_t file_type:file execmod;
+')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.if serefpolicy-2.2.2/policy/modules/kernel/domain.if
---- nsaserefpolicy/policy/modules/kernel/domain.if 2006-01-19 10:00:40.000000000 -0500
-+++ serefpolicy-2.2.2/policy/modules/kernel/domain.if 2006-01-19 10:42:31.000000000 -0500
-@@ -1122,7 +1122,7 @@
- allow $1 domain:fifo_file rw_file_perms;
-
- # Act upon any other process.
-- allow $1 domain:process ~{ transition dyntransition execmem };
-+ allow $1 domain:process ~{ transition dyntransition execmem execheap execstack };
-
- # Create/access any System V IPC objects.
- allow $1 domain:{ sem msgq shm } *;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.if serefpolicy-2.2.2/policy/modules/kernel/filesystem.if
--- nsaserefpolicy/policy/modules/kernel/filesystem.if 2006-01-19 10:00:41.000000000 -0500
+++ serefpolicy-2.2.2/policy/modules/kernel/filesystem.if 2006-01-19 10:42:14.000000000 -0500
Index: sources
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/sources,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- sources 19 Jan 2006 19:08:33 -0000 1.29
+++ sources 19 Jan 2006 19:10:47 -0000 1.30
@@ -1 +1 @@
-63242331a275d209ef381bb16b7e3cc0 serefpolicy-2.2.2.tgz
+03fb99f3d053bbf734843c84ba8e3d9b serefpolicy-2.2.2.tgz
- Previous message (by thread): rpms/selinux-policy/devel .cvsignore, 1.26, 1.27 modules-targeted.conf, 1.11, 1.12 policy-20060104.patch, 1.16, 1.17 selinux-policy.spec, 1.87, 1.88 sources, 1.28, 1.29
- Next message (by thread): rpms/firstboot/devel .cvsignore, 1.42, 1.43 firstboot.spec, 1.61, 1.62 sources, 1.58, 1.59
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list