rpms/selinux-policy/devel policy-20070501.patch, 1.7, 1.8 selinux-policy.spec, 1.453, 1.454

Daniel J Walsh (dwalsh) fedora-extras-commits at redhat.com
Wed May 16 21:49:27 UTC 2007 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25072

Modified Files:
	policy-20070501.patch selinux-policy.spec 
Log Message:
* Wed May 16 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-4
- More fixes for alsactl


policy-20070501.patch:

Index: policy-20070501.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20070501.patch,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- policy-20070501.patch	16 May 2007 21:09:41 -0000	1.7
+++ policy-20070501.patch	16 May 2007 21:48:52 -0000	1.8
@@ -166,22 +166,52 @@
  logging_log_file(acct_data_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.fc serefpolicy-2.6.4/policy/modules/admin/alsa.fc
 --- nsaserefpolicy/policy/modules/admin/alsa.fc	2006-11-16 17:15:26.000000000 -0500
-+++ serefpolicy-2.6.4/policy/modules/admin/alsa.fc	2007-05-08 09:59:33.000000000 -0400
-@@ -1,4 +1,5 @@
++++ serefpolicy-2.6.4/policy/modules/admin/alsa.fc	2007-05-16 17:44:09.000000000 -0400
+@@ -1,4 +1,7 @@
  
  /etc/alsa/pcm(/.*)?		gen_context(system_u:object_r:alsa_etc_rw_t,s0)
 +/etc/asound(/.*)?		gen_context(system_u:object_r:alsa_etc_rw_t,s0)
++/etc/asound\.state		gen_context(system_u:object_r:alsa_etc_rw_t,s0)
  
  /usr/bin/ainit 		--	gen_context(system_u:object_r:alsa_exec_t,s0)
++/sbin/alsactl 		--	gen_context(system_u:object_r:alsa_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.te serefpolicy-2.6.4/policy/modules/admin/alsa.te
 --- nsaserefpolicy/policy/modules/admin/alsa.te	2007-01-02 12:57:51.000000000 -0500
-+++ serefpolicy-2.6.4/policy/modules/admin/alsa.te	2007-05-16 17:09:24.000000000 -0400
-@@ -48,3 +48,8 @@
++++ serefpolicy-2.6.4/policy/modules/admin/alsa.te	2007-05-16 17:47:00.000000000 -0400
+@@ -20,16 +20,20 @@
+ # Local policy
+ #
+ 
+-allow alsa_t self:capability { setgid setuid ipc_owner };
++allow alsa_t self:capability { dac_read_search dac_override setgid setuid ipc_owner };
+ dontaudit alsa_t self:capability sys_admin;
+ allow alsa_t self:sem create_sem_perms;
+ allow alsa_t self:shm create_shm_perms;
+ allow alsa_t self:unix_stream_socket create_stream_socket_perms;
+ allow alsa_t self:unix_dgram_socket create_socket_perms;
+ 
++dev_read_sound(alsa_t)
++dev_write_sound(alsa_t)
++
+ manage_files_pattern(alsa_t,alsa_etc_rw_t,alsa_etc_rw_t)
+ manage_lnk_files_pattern(alsa_t,alsa_etc_rw_t,alsa_etc_rw_t)
+ 
++files_search_home(alsa_t)
+ files_read_etc_files(alsa_t)
+ 
+ term_use_generic_ptys(alsa_t)
+@@ -44,7 +48,14 @@
+ 
+ userdom_manage_unpriv_user_semaphores(alsa_t)
+ userdom_manage_unpriv_user_shared_mem(alsa_t)
++userdom_search_generic_user_home_dirs(alsa_t)
+ 
  optional_policy(`
  	nscd_socket_use(alsa_t)
  ')
 +
 +optional_policy(`
++	hal_use_fds(alsa_t)
 +	hal_write_log(alsa_t)
 +')
 +
@@ -1402,8 +1432,16 @@
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.fc serefpolicy-2.6.4/policy/modules/kernel/files.fc
 --- nsaserefpolicy/policy/modules/kernel/files.fc	2006-11-16 17:15:04.000000000 -0500
-+++ serefpolicy-2.6.4/policy/modules/kernel/files.fc	2007-05-08 09:59:33.000000000 -0400
-@@ -54,6 +54,7 @@
++++ serefpolicy-2.6.4/policy/modules/kernel/files.fc	2007-05-16 17:44:33.000000000 -0400
+@@ -45,7 +45,6 @@
+ /etc			-d	gen_context(system_u:object_r:etc_t,s0)
+ /etc/.*				gen_context(system_u:object_r:etc_t,s0)
+ /etc/\.fstab\.hal\..+	--	gen_context(system_u:object_r:etc_runtime_t,s0)
+-/etc/asound\.state	--	gen_context(system_u:object_r:etc_runtime_t,s0)
+ /etc/blkid(/.*)?		gen_context(system_u:object_r:etc_runtime_t,s0)
+ /etc/fstab\.REVOKE	--	gen_context(system_u:object_r:etc_runtime_t,s0)
+ /etc/HOSTNAME		--	gen_context(system_u:object_r:etc_runtime_t,s0)
+@@ -54,6 +53,7 @@
  /etc/issue\.net		--	gen_context(system_u:object_r:etc_runtime_t,s0)
  /etc/localtime		-l	gen_context(system_u:object_r:etc_t,s0)
  /etc/mtab		--	gen_context(system_u:object_r:etc_runtime_t,s0)
@@ -3381,7 +3419,7 @@
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.if serefpolicy-2.6.4/policy/modules/services/hal.if
 --- nsaserefpolicy/policy/modules/services/hal.if	2007-02-19 11:32:53.000000000 -0500
-+++ serefpolicy-2.6.4/policy/modules/services/hal.if	2007-05-14 15:45:53.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/services/hal.if	2007-05-16 17:46:44.000000000 -0400
 @@ -208,3 +208,98 @@
  	files_search_pids($1)
  	allow $1 hald_var_run_t:file rw_file_perms;


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.453
retrieving revision 1.454
diff -u -r1.453 -r1.454
--- selinux-policy.spec	16 May 2007 21:09:41 -0000	1.453
+++ selinux-policy.spec	16 May 2007 21:48:52 -0000	1.454
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 2.6.4
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -359,6 +359,9 @@
 %endif
 
 %changelog
+* Wed May 16 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-4
+- More fixes for alsactl
+
 * Wed May 16 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-3
 - Fixes for suspend resume.  
 	- insmod domtrans to alsactl

More information about the fedora-extras-commits mailing list