rpms/selinux-policy/devel policy-20060411.patch, 1.13, 1.14 selinux-policy.spec, 1.182, 1.183
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon May 1 21:24:30 UTC 2006
- Previous message (by thread): rpms/unifdef/devel unifdef.spec,1.1,1.2
- Next message (by thread): rpms/gcc/devel gcc41-pr26943.patch, NONE, 1.1 gcc41-pr27260.patch, NONE, 1.1 gcc41-pr27310.patch, NONE, 1.1 gcc41-pr27325.patch, NONE, 1.1 gcc41-pr27328.patch, NONE, 1.1 gcc41-pr27337.patch, NONE, 1.1 .cvsignore, 1.147, 1.148 gcc41.spec, 1.55, 1.56 sources, 1.149, 1.150 gcc41-fortran-merge-glitch.patch, 1.1, NONE gcc41-pr26865.patch, 1.1, NONE gcc41-pr27218.patch, 1.2, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv21962
Modified Files:
policy-20060411.patch selinux-policy.spec
Log Message:
* Mon May 1 2006 Dan Walsh <dwalsh at redhat.com> 2.2.36-2
- Fix libjvm spec
policy-20060411.patch:
config/appconfig-strict-mls/default_type | 1
policy/modules/apps/cdrecord.if | 2
policy/modules/apps/evolution.if | 2
policy/modules/apps/mono.te | 3
policy/modules/apps/mozilla.if | 2
policy/modules/apps/thunderbird.if | 2
policy/modules/kernel/corenetwork.if.in | 75 +++++++++++++++++++++
policy/modules/kernel/corenetwork.te.in | 1
policy/modules/kernel/corenetwork.te.m4 | 6 +
policy/modules/kernel/domain.te | 1
policy/modules/kernel/files.if | 15 ++++
policy/modules/kernel/filesystem.if | 38 +++++++++-
policy/modules/kernel/kernel.te | 1
policy/modules/services/amavis.te | 4 +
policy/modules/services/automount.te | 1
policy/modules/services/cups.te | 1
policy/modules/services/cyrus.if | 22 ++++++
policy/modules/services/postfix.te | 8 ++
policy/modules/services/procmail.te | 6 +
policy/modules/services/pyzor.fc | 6 +
policy/modules/services/pyzor.if | 46 +++++++++++++
policy/modules/services/pyzor.te | 109 +++++++++++++++++++++++++++++++
policy/modules/services/rpc.te | 5 +
policy/modules/services/spamassassin.te | 19 ++---
policy/modules/system/authlogin.te | 2
policy/modules/system/init.te | 1
policy/modules/system/libraries.fc | 7 +
policy/modules/system/lvm.te | 3
policy/modules/system/mount.te | 2
policy/modules/system/selinuxutil.te | 4 +
policy/modules/system/sysnetwork.te | 1
policy/modules/system/unconfined.if | 40 +++++++++++
policy/modules/system/userdomain.te | 23 +++++-
policy/modules/system/xen.fc | 1
policy/modules/system/xen.if | 72 +++++++++++++++++++-
policy/modules/system/xen.te | 52 ++++++++++++++
policy/rolemap | 1
policy/users | 6 -
38 files changed, 558 insertions(+), 33 deletions(-)
Index: policy-20060411.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060411.patch,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- policy-20060411.patch 29 Apr 2006 04:47:05 -0000 1.13
+++ policy-20060411.patch 1 May 2006 21:24:26 -0000 1.14
@@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-strict-mls/default_type serefpolicy-2.2.36/config/appconfig-strict-mls/default_type
--- nsaserefpolicy/config/appconfig-strict-mls/default_type 2006-01-06 17:55:17.000000000 -0500
-+++ serefpolicy-2.2.36/config/appconfig-strict-mls/default_type 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/config/appconfig-strict-mls/default_type 2006-05-01 14:42:32.000000000 -0400
@@ -2,3 +2,4 @@
secadm_r:secadm_t
staff_r:staff_t
@@ -8,7 +8,7 @@
+auditadm_r:auditadm_t
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/cdrecord.if serefpolicy-2.2.36/policy/modules/apps/cdrecord.if
--- nsaserefpolicy/policy/modules/apps/cdrecord.if 2006-04-18 22:49:59.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/apps/cdrecord.if 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/apps/cdrecord.if 2006-05-01 14:42:32.000000000 -0400
@@ -152,7 +152,7 @@
files_dontaudit_list_tmp($1_cdrecord_t)
files_dontaudit_list_home($1_cdrecord_t)
@@ -20,7 +20,7 @@
userdom_dontaudit_list_user_home_dirs($1,$1_cdrecord_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/evolution.if serefpolicy-2.2.36/policy/modules/apps/evolution.if
--- nsaserefpolicy/policy/modules/apps/evolution.if 2006-04-20 08:17:35.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/apps/evolution.if 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/apps/evolution.if 2006-05-01 14:42:32.000000000 -0400
@@ -303,7 +303,7 @@
files_dontaudit_list_tmp($1_evolution_t)
files_dontaudit_list_home($1_evolution_t)
@@ -32,7 +32,7 @@
userdom_dontaudit_list_user_home_dirs($1,$1_evolution_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mono.te serefpolicy-2.2.36/policy/modules/apps/mono.te
--- nsaserefpolicy/policy/modules/apps/mono.te 2006-04-18 22:49:59.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/apps/mono.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/apps/mono.te 2006-05-01 14:42:32.000000000 -0400
@@ -20,8 +20,9 @@
ifdef(`targeted_policy',`
allow mono_t self:process { execheap execmem };
@@ -46,7 +46,7 @@
optional_policy(`
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.if serefpolicy-2.2.36/policy/modules/apps/mozilla.if
--- nsaserefpolicy/policy/modules/apps/mozilla.if 2006-03-24 11:15:44.000000000 -0500
-+++ serefpolicy-2.2.36/policy/modules/apps/mozilla.if 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/apps/mozilla.if 2006-05-01 14:42:32.000000000 -0400
@@ -249,7 +249,7 @@
files_dontaudit_list_tmp($1_mozilla_t)
files_dontaudit_list_home($1_mozilla_t)
@@ -58,7 +58,7 @@
userdom_dontaudit_list_user_home_dirs($1,$1_mozilla_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/thunderbird.if serefpolicy-2.2.36/policy/modules/apps/thunderbird.if
--- nsaserefpolicy/policy/modules/apps/thunderbird.if 2006-03-24 11:15:44.000000000 -0500
-+++ serefpolicy-2.2.36/policy/modules/apps/thunderbird.if 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/apps/thunderbird.if 2006-05-01 14:42:32.000000000 -0400
@@ -216,7 +216,7 @@
files_dontaudit_list_home($1_thunderbird_t)
@@ -70,7 +70,7 @@
userdom_dontaudit_read_user_tmp_files($1,$1_thunderbird_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.if.in serefpolicy-2.2.36/policy/modules/kernel/corenetwork.if.in
--- nsaserefpolicy/policy/modules/kernel/corenetwork.if.in 2006-04-27 10:31:32.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/kernel/corenetwork.if.in 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/kernel/corenetwork.if.in 2006-05-01 14:42:32.000000000 -0400
@@ -1259,3 +1259,78 @@
typeattribute $1 corenet_unconfined_type;
@@ -152,7 +152,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-2.2.36/policy/modules/kernel/corenetwork.te.in
--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in 2006-04-18 22:49:59.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/kernel/corenetwork.te.in 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/kernel/corenetwork.te.in 2006-05-01 14:42:32.000000000 -0400
@@ -10,6 +10,7 @@
attribute node_type;
attribute port_type;
@@ -163,7 +163,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.m4 serefpolicy-2.2.36/policy/modules/kernel/corenetwork.te.m4
--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.m4 2006-01-16 13:55:42.000000000 -0500
-+++ serefpolicy-2.2.36/policy/modules/kernel/corenetwork.te.m4 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/kernel/corenetwork.te.m4 2006-05-01 14:42:32.000000000 -0400
@@ -46,7 +46,11 @@
') dnl end determine reserved capability depend
@@ -179,7 +179,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.te serefpolicy-2.2.36/policy/modules/kernel/domain.te
--- nsaserefpolicy/policy/modules/kernel/domain.te 2006-04-20 08:17:36.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/kernel/domain.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/kernel/domain.te 2006-05-01 14:42:32.000000000 -0400
@@ -96,6 +96,7 @@
# workaround until role dominance is fixed in
# the module compiler
@@ -190,7 +190,7 @@
role staff_r types domain;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.if serefpolicy-2.2.36/policy/modules/kernel/files.if
--- nsaserefpolicy/policy/modules/kernel/files.if 2006-04-28 22:50:56.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/kernel/files.if 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/kernel/files.if 2006-05-01 14:42:32.000000000 -0400
@@ -1699,6 +1699,21 @@
')
@@ -215,7 +215,7 @@
## created on boot, such as mtab.
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.if serefpolicy-2.2.36/policy/modules/kernel/filesystem.if
--- nsaserefpolicy/policy/modules/kernel/filesystem.if 2006-04-28 22:50:56.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/kernel/filesystem.if 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/kernel/filesystem.if 2006-05-01 14:42:32.000000000 -0400
@@ -609,7 +609,7 @@
attribute noxattrfs;
')
@@ -287,8 +287,8 @@
+')
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.te serefpolicy-2.2.36/policy/modules/kernel/kernel.te
---- nsaserefpolicy/policy/modules/kernel/kernel.te 2006-04-24 20:14:39.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/kernel/kernel.te 2006-04-28 22:53:54.000000000 -0400
+--- nsaserefpolicy/policy/modules/kernel/kernel.te 2006-05-01 14:39:06.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/kernel/kernel.te 2006-05-01 14:42:32.000000000 -0400
@@ -28,6 +28,7 @@
ifdef(`enable_mls',`
@@ -299,7 +299,7 @@
#
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/amavis.te serefpolicy-2.2.36/policy/modules/services/amavis.te
--- nsaserefpolicy/policy/modules/services/amavis.te 2006-03-24 11:15:50.000000000 -0500
-+++ serefpolicy-2.2.36/policy/modules/services/amavis.te 2006-04-28 23:21:20.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/services/amavis.te 2006-05-01 14:42:32.000000000 -0400
@@ -146,3 +146,7 @@
spamassassin_exec(amavis_t)
spamassassin_exec_client(amavis_t)
@@ -310,7 +310,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/automount.te serefpolicy-2.2.36/policy/modules/services/automount.te
--- nsaserefpolicy/policy/modules/services/automount.te 2006-04-12 13:44:36.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/services/automount.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/services/automount.te 2006-05-01 14:42:32.000000000 -0400
@@ -86,6 +86,7 @@
# Automount execs showmount when you browse /net. This is required until
# Someone writes a showmount policy
@@ -321,7 +321,7 @@
# for SSP
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-2.2.36/policy/modules/services/cups.te
--- nsaserefpolicy/policy/modules/services/cups.te 2006-04-12 13:44:36.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/services/cups.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/services/cups.te 2006-05-01 14:42:32.000000000 -0400
@@ -79,6 +79,7 @@
allow cupsd_t self:process { setsched signal_perms };
allow cupsd_t self:fifo_file rw_file_perms;
@@ -332,7 +332,7 @@
allow cupsd_t self:netlink_route_socket { r_netlink_socket_perms };
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyrus.if serefpolicy-2.2.36/policy/modules/services/cyrus.if
--- nsaserefpolicy/policy/modules/services/cyrus.if 2006-02-10 17:05:19.000000000 -0500
-+++ serefpolicy-2.2.36/policy/modules/services/cyrus.if 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/services/cyrus.if 2006-05-01 14:42:32.000000000 -0400
@@ -20,3 +20,25 @@
allow $1 cyrus_var_lib_t:dir rw_dir_perms;
allow $1 cyrus_var_lib_t:file manage_file_perms;
@@ -361,7 +361,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.te serefpolicy-2.2.36/policy/modules/services/postfix.te
--- nsaserefpolicy/policy/modules/services/postfix.te 2006-04-20 08:17:39.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/services/postfix.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/services/postfix.te 2006-05-01 14:42:32.000000000 -0400
@@ -181,6 +181,10 @@
')
@@ -400,7 +400,7 @@
allow postfix_showq_t postfix_spool_maildrop_t:lnk_file { getattr read };
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/procmail.te serefpolicy-2.2.36/policy/modules/services/procmail.te
--- nsaserefpolicy/policy/modules/services/procmail.te 2006-03-24 11:15:50.000000000 -0500
-+++ serefpolicy-2.2.36/policy/modules/services/procmail.te 2006-04-28 23:05:02.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/services/procmail.te 2006-05-01 14:42:32.000000000 -0400
@@ -95,16 +95,20 @@
optional_policy(`
@@ -425,7 +425,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzor.fc serefpolicy-2.2.36/policy/modules/services/pyzor.fc
--- nsaserefpolicy/policy/modules/services/pyzor.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.2.36/policy/modules/services/pyzor.fc 2006-04-28 23:11:40.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/services/pyzor.fc 2006-05-01 14:42:32.000000000 -0400
@@ -0,0 +1,6 @@
+/etc/pyzor(/.*)? gen_context(system_u:object_r:pyzor_etc_t, s0)
+/usr/bin/pyzor -- gen_context(system_u:object_r:pyzor_exec_t,s0)
@@ -435,7 +435,7 @@
+HOME_DIR/\.pyzor(/.*)? gen_context(system_u:object_r:ROLE_pyzor_home_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzor.if serefpolicy-2.2.36/policy/modules/services/pyzor.if
--- nsaserefpolicy/policy/modules/services/pyzor.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.2.36/policy/modules/services/pyzor.if 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/services/pyzor.if 2006-05-01 14:42:32.000000000 -0400
@@ -0,0 +1,46 @@
+## <summary>Pyzor mail delivery agent</summary>
+
@@ -485,7 +485,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzor.te serefpolicy-2.2.36/policy/modules/services/pyzor.te
--- nsaserefpolicy/policy/modules/services/pyzor.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.2.36/policy/modules/services/pyzor.te 2006-04-29 00:44:42.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/services/pyzor.te 2006-05-01 14:42:32.000000000 -0400
@@ -0,0 +1,109 @@
+policy_module(pyzor,1.1.0)
+
@@ -596,9 +596,31 @@
+optional_policy(`
+ amavis_manage_lib_files(pyzor_t)
+')
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-2.2.36/policy/modules/services/rpc.te
+--- nsaserefpolicy/policy/modules/services/rpc.te 2006-04-18 22:50:00.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/services/rpc.te 2006-05-01 15:22:55.000000000 -0400
+@@ -52,6 +52,9 @@
+ corenet_udp_bind_generic_port(rpcd_t)
+ corenet_udp_bind_reserved_port(rpcd_t)
+
++dev_read_urand(rpcd_t)
++dev_read_rand(rpcd_t)
++
+ fs_list_rpc(rpcd_t)
+ fs_read_rpc_files(rpcd_t)
+ fs_read_rpc_symlinks(rpcd_t)
+@@ -61,6 +64,8 @@
+ # cjp: this should really have its own type
+ files_manage_mounttab(rpcd_t)
+
++miscfiles_read_certs(rpcd_t)
++
+ seutil_dontaudit_search_config(rpcd_t)
+
+ portmap_udp_chat(rpcd_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.te serefpolicy-2.2.36/policy/modules/services/spamassassin.te
--- nsaserefpolicy/policy/modules/services/spamassassin.te 2006-04-20 08:17:39.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/services/spamassassin.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/services/spamassassin.te 2006-05-01 14:42:32.000000000 -0400
@@ -128,6 +128,7 @@
userdom_manage_generic_user_home_content_files(spamd_t)
userdom_manage_generic_user_home_content_symlinks(spamd_t)
@@ -638,7 +660,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.te serefpolicy-2.2.36/policy/modules/system/authlogin.te
--- nsaserefpolicy/policy/modules/system/authlogin.te 2006-04-19 12:23:07.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/system/authlogin.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/authlogin.te 2006-05-01 14:42:32.000000000 -0400
@@ -188,6 +188,8 @@
storage_setattr_scsi_generic_dev(pam_console_t)
@@ -650,7 +672,7 @@
term_setattr_unallocated_ttys(pam_console_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-2.2.36/policy/modules/system/init.te
--- nsaserefpolicy/policy/modules/system/init.te 2006-04-27 10:31:33.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/system/init.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/init.te 2006-05-01 14:42:32.000000000 -0400
@@ -348,6 +348,7 @@
files_mounton_isid_type_dirs(initrc_t)
files_list_default(initrc_t)
@@ -659,9 +681,45 @@
libs_rw_ld_so_cache(initrc_t)
libs_use_ld_so(initrc_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.fc serefpolicy-2.2.36/policy/modules/system/libraries.fc
+--- nsaserefpolicy/policy/modules/system/libraries.fc 2006-04-27 10:31:33.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/libraries.fc 2006-05-01 17:18:37.000000000 -0400
+@@ -75,6 +75,7 @@
+
+ /usr/(.*/)?lib(64)?(/.*)?/nvidia/.*\.so(\..*)? -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/lib(64)?/libsipphoneapi\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
++/usr/lib(64)?/ati-fglrx/.*\.so(\..*)? -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/lib(64)?/(nvidia/)?libGL(core)?\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/lib(64)?/libGLU\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/lib(64)?/libjs\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+@@ -84,9 +85,9 @@
+ /usr/lib(64)?/nvidia-graphics(-[^/]*/)?libnvidia.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/lib(64)?/nvidia-graphics(-[^/]*/)?libXvMCNVIDIA\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+
++/usr/(local/)?.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0)
+ /usr/(local/)?lib(64)?/wine/.*\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/(local/)?lib/libfame-.*\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+-/usr/local/.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0)
+
+ /usr/NX/lib/libXcomp.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/NX/lib/libjpeg.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+@@ -195,10 +196,12 @@
+
+ # Java, Sun Microsystems (JPackage SRPM)
+ /usr/(.*/)?jre.*/libdeploy.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+-/usr/(.*/)?jre.*/libjvm.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
++/usr/(local/)?(.*/)?jre.*/libjvm.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+
+ /usr/(local/)?Adobe/(.*/)?intellinux/nppdf\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
++/usr/(local/)?acroread/(.*/)?intellinux/nppdf\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/(local/)?Adobe/(.*/)?lib/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
++/usr/(local/)?acroread/(.*/)?lib/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/(local/)?Adobe/.*\.api -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/(.*/)?intellinux/SPPlugins/ADMPlugin\.apl -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ ') dnl end distro_redhat
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.te serefpolicy-2.2.36/policy/modules/system/lvm.te
--- nsaserefpolicy/policy/modules/system/lvm.te 2006-03-24 11:15:53.000000000 -0500
-+++ serefpolicy-2.2.36/policy/modules/system/lvm.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/lvm.te 2006-05-01 14:42:32.000000000 -0400
@@ -205,9 +205,10 @@
fs_getattr_xattr_fs(lvm_t)
fs_search_auto_mountpoints(lvm_t)
@@ -676,7 +734,7 @@
# LVM(2) needs to create directores (/dev/mapper, /dev/<vg>)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-2.2.36/policy/modules/system/mount.te
--- nsaserefpolicy/policy/modules/system/mount.te 2006-04-19 12:23:07.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/system/mount.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/mount.te 2006-05-01 14:42:32.000000000 -0400
@@ -126,6 +126,8 @@
corenet_udp_bind_generic_port(mount_t)
corenet_tcp_bind_reserved_port(mount_t)
@@ -688,7 +746,7 @@
fs_search_rpc(mount_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.2.36/policy/modules/system/selinuxutil.te
--- nsaserefpolicy/policy/modules/system/selinuxutil.te 2006-04-04 18:06:38.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/system/selinuxutil.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/selinuxutil.te 2006-05-01 14:42:32.000000000 -0400
@@ -393,6 +393,8 @@
userdom_use_all_users_fds(restorecon_t)
@@ -716,7 +774,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.te serefpolicy-2.2.36/policy/modules/system/sysnetwork.te
--- nsaserefpolicy/policy/modules/system/sysnetwork.te 2006-04-27 10:31:34.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/system/sysnetwork.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/sysnetwork.te 2006-05-01 14:42:32.000000000 -0400
@@ -286,6 +286,7 @@
kernel_read_system_state(ifconfig_t)
kernel_read_network_state(ifconfig_t)
@@ -727,7 +785,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.if serefpolicy-2.2.36/policy/modules/system/unconfined.if
--- nsaserefpolicy/policy/modules/system/unconfined.if 2006-04-27 10:31:34.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/system/unconfined.if 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/unconfined.if 2006-05-01 14:42:32.000000000 -0400
@@ -381,6 +381,27 @@
########################################
@@ -781,7 +839,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-2.2.36/policy/modules/system/userdomain.te
--- nsaserefpolicy/policy/modules/system/userdomain.te 2006-04-28 22:50:57.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/system/userdomain.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/userdomain.te 2006-05-01 14:42:32.000000000 -0400
@@ -67,6 +67,7 @@
# Define some type aliases to help with compatibility with
# macros and domains from the "strict" policy.
@@ -863,7 +921,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.fc serefpolicy-2.2.36/policy/modules/system/xen.fc
--- nsaserefpolicy/policy/modules/system/xen.fc 2006-03-23 16:08:51.000000000 -0500
-+++ serefpolicy-2.2.36/policy/modules/system/xen.fc 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/xen.fc 2006-05-01 14:42:32.000000000 -0400
@@ -14,3 +14,4 @@
/var/run/xend\.pid -- gen_context(system_u:object_r:xend_var_run_t,s0)
/var/run/xenstore\.pid -- gen_context(system_u:object_r:xenstored_var_run_t,s0)
@@ -871,7 +929,7 @@
+/usr/sbin/xm -- gen_context(system_u:object_r:xm_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.if serefpolicy-2.2.36/policy/modules/system/xen.if
--- nsaserefpolicy/policy/modules/system/xen.if 2006-04-27 10:31:34.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/system/xen.if 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/xen.if 2006-05-01 14:42:32.000000000 -0400
@@ -47,13 +47,12 @@
########################################
@@ -959,7 +1017,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.te serefpolicy-2.2.36/policy/modules/system/xen.te
--- nsaserefpolicy/policy/modules/system/xen.te 2006-04-27 10:31:34.000000000 -0400
-+++ serefpolicy-2.2.36/policy/modules/system/xen.te 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/modules/system/xen.te 2006-05-01 14:42:32.000000000 -0400
@@ -224,3 +224,55 @@
miscfiles_read_localization(xenstored_t)
@@ -1018,7 +1076,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/rolemap serefpolicy-2.2.36/policy/rolemap
--- nsaserefpolicy/policy/rolemap 2006-01-26 15:38:41.000000000 -0500
-+++ serefpolicy-2.2.36/policy/rolemap 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/rolemap 2006-05-01 14:42:32.000000000 -0400
@@ -15,5 +15,6 @@
ifdef(`enable_mls',`
@@ -1028,7 +1086,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-2.2.36/policy/users
--- nsaserefpolicy/policy/users 2006-02-15 17:02:30.000000000 -0500
-+++ serefpolicy-2.2.36/policy/users 2006-04-28 22:53:54.000000000 -0400
++++ serefpolicy-2.2.36/policy/users 2006-05-01 14:42:32.000000000 -0400
@@ -29,7 +29,7 @@
gen_user(user_u, user, user_r sysadm_r system_r, s0, s0 - s15:c0.c255, c0.c255)
',`
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.182
retrieving revision 1.183
diff -u -r1.182 -r1.183
--- selinux-policy.spec 29 Apr 2006 04:47:05 -0000 1.182
+++ selinux-policy.spec 1 May 2006 21:24:26 -0000 1.183
@@ -16,7 +16,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.2.36
-Release: 1
+Release: 2
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -337,6 +337,9 @@
%endif
%changelog
+* Mon May 1 2006 Dan Walsh <dwalsh at redhat.com> 2.2.36-2
+- Fix libjvm spec
+
* Tue Apr 25 2006 Dan Walsh <dwalsh at redhat.com> 2.2.36-1
- Update to upstream
- Previous message (by thread): rpms/unifdef/devel unifdef.spec,1.1,1.2
- Next message (by thread): rpms/gcc/devel gcc41-pr26943.patch, NONE, 1.1 gcc41-pr27260.patch, NONE, 1.1 gcc41-pr27310.patch, NONE, 1.1 gcc41-pr27325.patch, NONE, 1.1 gcc41-pr27328.patch, NONE, 1.1 gcc41-pr27337.patch, NONE, 1.1 .cvsignore, 1.147, 1.148 gcc41.spec, 1.55, 1.56 sources, 1.149, 1.150 gcc41-fortran-merge-glitch.patch, 1.1, NONE gcc41-pr26865.patch, 1.1, NONE gcc41-pr27218.patch, 1.2, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list