rpms/selinux-policy/devel policy-20060207.patch, 1.37, 1.38 selinux-policy.spec, 1.138, 1.139
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon Mar 6 23:05:40 UTC 2006
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv14777
Modified Files:
policy-20060207.patch selinux-policy.spec
Log Message:
* Mon Mar 6 2006 Dan Walsh <dwalsh at redhat.com> 2.2.23-4
- Fixes for cups
- Make cryptosetup work with hal
policy-20060207.patch:
Rules.modular | 2 -
policy/modules/admin/readahead.te | 2 -
policy/modules/admin/su.fc | 1
policy/modules/admin/su.if | 6 ++--
policy/modules/admin/vbetool.te | 5 +++
policy/modules/kernel/corenetwork.te.in | 2 -
policy/modules/kernel/devices.if | 2 -
policy/modules/kernel/files.fc | 2 -
policy/modules/kernel/files.if | 20 ++++++++++++++-
policy/modules/kernel/kernel.if | 4 +--
policy/modules/services/apache.fc | 2 +
policy/modules/services/apache.if | 5 +++
policy/modules/services/bluetooth.te | 11 ++++----
policy/modules/services/cron.te | 3 ++
policy/modules/services/cups.fc | 2 -
policy/modules/services/cups.if | 22 +++++++++++++++++
policy/modules/services/cups.te | 7 +++--
policy/modules/services/cvs.te | 2 -
policy/modules/services/hal.if | 41 ++++++++++++++++++++++++++++++++
policy/modules/services/hal.te | 6 ++++
policy/modules/services/ktalk.fc | 1
policy/modules/services/ktalk.te | 6 ++++
policy/modules/services/nscd.if | 2 -
policy/modules/services/samba.te | 2 -
policy/modules/system/init.te | 5 +++
policy/modules/system/libraries.fc | 2 +
policy/modules/system/locallogin.te | 1
policy/modules/system/lvm.fc | 1
policy/modules/system/selinuxutil.fc | 6 ++--
policy/modules/system/selinuxutil.te | 4 +++
policy/modules/system/udev.te | 2 -
support/Makefile.devel | 5 ---
32 files changed, 153 insertions(+), 31 deletions(-)
Index: policy-20060207.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060207.patch,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- policy-20060207.patch 6 Mar 2006 21:33:51 -0000 1.37
+++ policy-20060207.patch 6 Mar 2006 23:04:56 -0000 1.38
@@ -37,7 +37,7 @@
kernel_read_kernel_sysctls($1_su_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vbetool.te serefpolicy-2.2.23/policy/modules/admin/vbetool.te
--- nsaserefpolicy/policy/modules/admin/vbetool.te 2006-02-01 08:23:27.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/admin/vbetool.te 2006-03-04 23:47:48.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/admin/vbetool.te 2006-03-06 17:41:24.000000000 -0500
@@ -15,6 +15,7 @@
# Local policy
#
@@ -52,7 +52,7 @@
libs_use_shared_libs(vbetool_t)
+
+optional_policy(`hal',`
-+ hal_read_var_run(vbetool_t)
++ hal_rw_var_run(vbetool_t)
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-2.2.23/policy/modules/kernel/corenetwork.te.in
--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in 2006-02-20 14:07:36.000000000 -0500
@@ -133,7 +133,16 @@
########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-2.2.23/policy/modules/kernel/kernel.if
--- nsaserefpolicy/policy/modules/kernel/kernel.if 2006-03-04 00:06:34.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/kernel/kernel.if 2006-03-04 23:47:48.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/kernel/kernel.if 2006-03-06 16:54:38.000000000 -0500
+@@ -1023,7 +1023,7 @@
+ ')
+
+ allow $1 proc_t:dir search;
+- allow $1 sysctl_t:dir r_dir_perms;
++ allow $1 sysctl_t:dir rw_dir_perms;
+ allow $1 sysctl_vm_t:file r_file_perms;
+ ')
+
@@ -1328,7 +1328,7 @@
allow $1 proc_t:dir search;
@@ -325,8 +334,8 @@
type cvs_tmp_t;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.if serefpolicy-2.2.23/policy/modules/services/hal.if
--- nsaserefpolicy/policy/modules/services/hal.if 2006-03-04 00:06:36.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/hal.if 2006-03-04 23:47:48.000000000 -0500
-@@ -100,3 +100,24 @@
++++ serefpolicy-2.2.23/policy/modules/services/hal.if 2006-03-06 17:40:22.000000000 -0500
+@@ -100,3 +100,44 @@
allow $1 hald_t:dbus send_msg;
allow hald_t $1:dbus send_msg;
')
@@ -351,6 +360,26 @@
+ allow $1 hald_var_run_t:file r_file_perms;
+')
+
++
++########################################
++## <summary>
++## Read/Write hald state files.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`hal_rw_var_run',`
++ gen_require(`
++ type hald_var_run_t;
++ ')
++
++ files_search_pids($1)
++ allow $1 hald_var_run_t:file rw_file_perms;
++')
++
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-2.2.23/policy/modules/services/hal.te
--- nsaserefpolicy/policy/modules/services/hal.te 2006-03-04 00:06:36.000000000 -0500
+++ serefpolicy-2.2.23/policy/modules/services/hal.te 2006-03-06 14:50:05.000000000 -0500
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.138
retrieving revision 1.139
diff -u -r1.138 -r1.139
--- selinux-policy.spec 6 Mar 2006 21:33:51 -0000 1.138
+++ selinux-policy.spec 6 Mar 2006 23:05:10 -0000 1.139
@@ -10,7 +10,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.2.23
-Release: 4
+Release: 5
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
More information about the fedora-cvs-commits
mailing list