rpms/selinux-policy/devel policy-20060829.patch,1.22,1.23
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Sep 15 16:12:18 UTC 2006
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv25744
Modified Files:
policy-20060829.patch
Log Message:
* Thu Sep 14 2006 Dan Walsh <dwalsh at redhat.com> 2.3.13-6
- Fix ppp connections from network manager
policy-20060829.patch:
Makefile | 23 -
Rules.modular | 10
policy/global_tunables | 9
policy/modules/admin/anaconda.te | 6
policy/modules/admin/bootloader.fc | 5
policy/modules/admin/bootloader.te | 9
policy/modules/admin/consoletype.te | 7
policy/modules/admin/firstboot.te | 1
policy/modules/admin/rpm.fc | 2
policy/modules/apps/java.fc | 2
policy/modules/apps/mono.te | 9
policy/modules/kernel/corecommands.fc | 2
policy/modules/kernel/corenetwork.te.in | 3
policy/modules/kernel/domain.te | 8
policy/modules/kernel/files.fc | 1
policy/modules/kernel/files.if | 46 +++
policy/modules/kernel/filesystem.if | 19 +
policy/modules/kernel/mcs.te | 1
policy/modules/kernel/terminal.if | 2
policy/modules/services/amavis.te | 1
policy/modules/services/apache.fc | 9
policy/modules/services/apache.te | 1
policy/modules/services/automount.te | 1
policy/modules/services/bluetooth.fc | 3
policy/modules/services/bluetooth.te | 11
policy/modules/services/ccs.fc | 8
policy/modules/services/ccs.if | 65 ++++
policy/modules/services/ccs.te | 87 ++++++
policy/modules/services/clamav.te | 1
policy/modules/services/cron.te | 1
policy/modules/services/cups.te | 5
policy/modules/services/dbus.if | 1
policy/modules/services/lpd.fc | 1
policy/modules/services/networkmanager.fc | 1
policy/modules/services/ntp.te | 4
policy/modules/services/oddjob.fc | 8
policy/modules/services/oddjob.if | 76 +++++
policy/modules/services/oddjob.te | 73 +++++
policy/modules/services/oddjob_mkhomedir.fc | 6
policy/modules/services/oddjob_mkhomedir.if | 24 +
policy/modules/services/oddjob_mkhomedir.te | 29 ++
policy/modules/services/pegasus.if | 31 ++
policy/modules/services/pegasus.te | 5
policy/modules/services/postfix.te | 6
policy/modules/services/ppp.fc | 4
policy/modules/services/ppp.te | 10
policy/modules/services/ricci.fc | 20 +
policy/modules/services/ricci.if | 184 +++++++++++++
policy/modules/services/ricci.te | 386 ++++++++++++++++++++++++++++
policy/modules/services/rpc.te | 2
policy/modules/services/setroubleshoot.te | 7
policy/modules/services/xfs.te | 2
policy/modules/services/xserver.if | 24 +
policy/modules/system/hostname.te | 5
policy/modules/system/init.te | 3
policy/modules/system/libraries.fc | 2
policy/modules/system/selinuxutil.te | 3
policy/modules/system/setrans.te | 1
policy/modules/system/userdomain.if | 268 +++++++++++++------
policy/modules/system/userdomain.te | 65 +---
policy/modules/system/xen.fc | 1
policy/modules/system/xen.te | 2
62 files changed, 1459 insertions(+), 153 deletions(-)
Index: policy-20060829.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060829.patch,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- policy-20060829.patch 15 Sep 2006 16:04:19 -0000 1.22
+++ policy-20060829.patch 15 Sep 2006 16:12:16 -0000 1.23
@@ -61,19 +61,6 @@
+#
+gen_tunable(allow_domains_use_tty,false)
+
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/mcs serefpolicy-2.3.13/policy/mcs
---- nsaserefpolicy/policy/mcs 2006-08-02 10:34:09.000000000 -0400
-+++ serefpolicy-2.3.13/policy/mcs 2006-09-13 05:16:44.000000000 -0400
-@@ -139,6 +139,9 @@
- mlsconstrain file { write setattr append unlink link rename ioctl lock execute relabelfrom }
- ( h1 dom h2 );
-
-+mlsconstrain dir { create getattr setattr read write link unlink rename search add_name remove_name reparent rmdir lock ioctl }
-+ ( h1 dom h2 );
-+
- # New filesystem object labels must be dominated by the relabeling subject
- # clearance, also the objects are single-level.
- mlsconstrain file { create relabelto }
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/anaconda.te serefpolicy-2.3.13/policy/modules/admin/anaconda.te
--- nsaserefpolicy/policy/modules/admin/anaconda.te 2006-09-01 14:10:19.000000000 -0400
+++ serefpolicy-2.3.13/policy/modules/admin/anaconda.te 2006-09-08 12:02:39.000000000 -0400
@@ -349,6 +336,17 @@
+ allow $1 rpc_pipefs_t:fifo_file { read write };
+')
+
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/mcs.te serefpolicy-2.3.13/policy/modules/kernel/mcs.te
+--- nsaserefpolicy/policy/modules/kernel/mcs.te 2006-08-02 10:34:05.000000000 -0400
++++ serefpolicy-2.3.13/policy/modules/kernel/mcs.te 2006-09-15 12:09:44.000000000 -0400
+@@ -43,6 +43,7 @@
+ range_transition initrc_t cupsd_exec_t s0 - s0:c0.c255;
+ range_transition initrc_t sshd_exec_t s0 - s0:c0.c255;
+ range_transition initrc_t udev_exec_t s0 - s0:c0.c255;
++range_transition initrc_t setrans_t s0 - s0:c0.c255;
+ range_transition initrc_t xdm_exec_t s0 - s0:c0.c255;
+ range_transition kernel_t udev_exec_t s0 - s0:c0.c255;
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/terminal.if serefpolicy-2.3.13/policy/modules/kernel/terminal.if
--- nsaserefpolicy/policy/modules/kernel/terminal.if 2006-09-06 13:04:50.000000000 -0400
+++ serefpolicy-2.3.13/policy/modules/kernel/terminal.if 2006-09-11 10:49:59.000000000 -0400
More information about the fedora-cvs-commits
mailing list