rpms/selinux-policy/devel policy-20060104.patch, 1.17, 1.18 sources, 1.29, 1.30

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Thu Jan 19 19:10:51 UTC 2006 

Author: dwalsh

Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv27920

Modified Files:
	policy-20060104.patch sources 
Log Message:
* Wed Jan 18 2006 Dan Walsh <dwalsh at redhat.com> 2.2.2-1
- Update to upstream
- Turn off execheap execstack for unconfined users
- Add mono/wine policy to allow execheap and execstack for them
- Add execheap for Xdm policy


policy-20060104.patch:
 Makefile                            |    2 +-
 policy/global_tunables              |    4 ++++
 policy/modules/admin/logwatch.te    |    7 +++++++
 policy/modules/apps/java.te         |    1 +
 policy/modules/apps/mono.fc         |    2 ++
 policy/modules/apps/mono.if         |   23 +++++++++++++++++++++++
 policy/modules/apps/mono.te         |   25 +++++++++++++++++++++++++
 policy/modules/apps/wine.fc         |    2 ++
 policy/modules/apps/wine.if         |   23 +++++++++++++++++++++++
 policy/modules/apps/wine.te         |   25 +++++++++++++++++++++++++
 policy/modules/kernel/filesystem.if |   16 ++++++++++++++++
 policy/modules/services/bind.if     |    1 +
 policy/modules/services/xdm.te      |    2 +-
 policy/modules/system/libraries.fc  |    2 +-
 policy/modules/system/unconfined.if |    6 ++++++
 policy/modules/system/unconfined.te |   15 ++++++++-------
 policy/users                        |    8 +++++---
 17 files changed, 151 insertions(+), 13 deletions(-)

Index: policy-20060104.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060104.patch,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- policy-20060104.patch	19 Jan 2006 19:08:32 -0000	1.17
+++ policy-20060104.patch	19 Jan 2006 19:10:47 -0000	1.18
@@ -187,18 +187,6 @@
 +	role system_r types wine_t;
 +	allow wine_t file_type:file execmod;
 +')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.if serefpolicy-2.2.2/policy/modules/kernel/domain.if
---- nsaserefpolicy/policy/modules/kernel/domain.if	2006-01-19 10:00:40.000000000 -0500
-+++ serefpolicy-2.2.2/policy/modules/kernel/domain.if	2006-01-19 10:42:31.000000000 -0500
-@@ -1122,7 +1122,7 @@
- 	allow $1 domain:fifo_file rw_file_perms;
- 
- 	# Act upon any other process.
--	allow $1 domain:process ~{ transition dyntransition execmem };
-+	allow $1 domain:process ~{ transition dyntransition execmem execheap execstack };
- 
- 	# Create/access any System V IPC objects.
- 	allow $1 domain:{ sem msgq shm } *;
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.if serefpolicy-2.2.2/policy/modules/kernel/filesystem.if
 --- nsaserefpolicy/policy/modules/kernel/filesystem.if	2006-01-19 10:00:41.000000000 -0500
 +++ serefpolicy-2.2.2/policy/modules/kernel/filesystem.if	2006-01-19 10:42:14.000000000 -0500


Index: sources
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/sources,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- sources	19 Jan 2006 19:08:33 -0000	1.29
+++ sources	19 Jan 2006 19:10:47 -0000	1.30
@@ -1 +1 @@
-63242331a275d209ef381bb16b7e3cc0  serefpolicy-2.2.2.tgz
+03fb99f3d053bbf734843c84ba8e3d9b  serefpolicy-2.2.2.tgz

More information about the fedora-cvs-commits mailing list