rpms/selinux-policy/devel policy-20070501.patch, 1.9, 1.10 selinux-policy.spec, 1.455, 1.456
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Thu May 17 17:17:00 UTC 2007
- Previous message (by thread): rpms/tastymenu/FC-6 tastymenu.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): rpms/ruby-mysql/EL-4 .cvsignore, 1.3, 1.4 ruby-mysql.spec, 1.5, 1.6 sources, 1.3, 1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21776
Modified Files:
policy-20070501.patch selinux-policy.spec
Log Message:
* Thu May 17 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-6
- allow alsactl to read kernel state
policy-20070501.patch:
Index: policy-20070501.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20070501.patch,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- policy-20070501.patch 16 May 2007 22:13:23 -0000 1.9
+++ policy-20070501.patch 17 May 2007 17:16:26 -0000 1.10
@@ -166,7 +166,7 @@
logging_log_file(acct_data_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.fc serefpolicy-2.6.4/policy/modules/admin/alsa.fc
--- nsaserefpolicy/policy/modules/admin/alsa.fc 2006-11-16 17:15:26.000000000 -0500
-+++ serefpolicy-2.6.4/policy/modules/admin/alsa.fc 2007-05-16 17:44:09.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/admin/alsa.fc 2007-05-17 12:16:25.000000000 -0400
@@ -1,4 +1,7 @@
/etc/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
@@ -177,8 +177,8 @@
+/sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.te serefpolicy-2.6.4/policy/modules/admin/alsa.te
--- nsaserefpolicy/policy/modules/admin/alsa.te 2007-01-02 12:57:51.000000000 -0500
-+++ serefpolicy-2.6.4/policy/modules/admin/alsa.te 2007-05-16 17:47:00.000000000 -0400
-@@ -20,16 +20,20 @@
++++ serefpolicy-2.6.4/policy/modules/admin/alsa.te 2007-05-17 11:22:07.000000000 -0400
+@@ -20,20 +20,23 @@
# Local policy
#
@@ -199,12 +199,20 @@
+files_search_home(alsa_t)
files_read_etc_files(alsa_t)
- term_use_generic_ptys(alsa_t)
-@@ -44,7 +48,14 @@
+-term_use_generic_ptys(alsa_t)
+-term_dontaudit_use_unallocated_ttys(alsa_t)
++kernel_read_system_state(alsa_t)
+
+ libs_use_ld_so(alsa_t)
+ libs_use_shared_libs(alsa_t)
+@@ -44,7 +47,17 @@
userdom_manage_unpriv_user_semaphores(alsa_t)
userdom_manage_unpriv_user_shared_mem(alsa_t)
+userdom_search_generic_user_home_dirs(alsa_t)
++
++term_use_generic_ptys(alsa_t)
++term_dontaudit_use_unallocated_ttys(alsa_t)
optional_policy(`
nscd_socket_use(alsa_t)
@@ -3371,8 +3379,16 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.te serefpolicy-2.6.4/policy/modules/services/ftp.te
--- nsaserefpolicy/policy/modules/services/ftp.te 2007-04-23 09:36:01.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/ftp.te 2007-05-08 09:59:33.000000000 -0400
-@@ -223,10 +223,15 @@
++++ serefpolicy-2.6.4/policy/modules/services/ftp.te 2007-05-17 13:03:23.000000000 -0400
+@@ -168,6 +168,7 @@
+ libs_use_shared_libs(ftpd_t)
+
+ logging_send_syslog_msg(ftpd_t)
++logging_send_audit_msg(ftpd_t)
+
+ miscfiles_read_localization(ftpd_t)
+ miscfiles_read_public_files(ftpd_t)
+@@ -223,10 +224,15 @@
userdom_manage_all_users_home_content_dirs(ftpd_t)
userdom_manage_all_users_home_content_files(ftpd_t)
userdom_manage_all_users_home_content_symlinks(ftpd_t)
@@ -4406,7 +4422,7 @@
# for scripts
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/procmail.te serefpolicy-2.6.4/policy/modules/services/procmail.te
--- nsaserefpolicy/policy/modules/services/procmail.te 2007-04-23 09:36:01.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/procmail.te 2007-05-08 09:59:33.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/services/procmail.te 2007-05-17 12:20:51.000000000 -0400
@@ -10,6 +10,7 @@
type procmail_exec_t;
domain_type(procmail_t)
@@ -4426,7 +4442,13 @@
# for a bug in the postfix local program
postfix_dontaudit_rw_local_tcp_sockets(procmail_t)
postfix_dontaudit_use_fds(procmail_t)
-@@ -124,3 +129,5 @@
+@@ -119,8 +124,11 @@
+
+ optional_policy(`
+ corenet_udp_bind_generic_port(procmail_t)
++ corenet_dontaudit_udp_bind_all_ports(procmail_t)
+
+ spamassassin_exec(procmail_t)
spamassassin_exec_client(procmail_t)
spamassassin_read_lib_files(procmail_t)
')
@@ -4848,7 +4870,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.if serefpolicy-2.6.4/policy/modules/services/samba.if
--- nsaserefpolicy/policy/modules/services/samba.if 2007-01-02 12:57:43.000000000 -0500
-+++ serefpolicy-2.6.4/policy/modules/services/samba.if 2007-05-08 10:02:45.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/services/samba.if 2007-05-17 13:05:00.000000000 -0400
@@ -177,6 +177,27 @@
########################################
@@ -4996,7 +5018,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.te serefpolicy-2.6.4/policy/modules/services/samba.te
--- nsaserefpolicy/policy/modules/services/samba.te 2007-04-23 09:36:01.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/samba.te 2007-05-08 10:04:12.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/services/samba.te 2007-05-17 13:03:49.000000000 -0400
@@ -28,6 +28,35 @@
## </desc>
gen_tunable(samba_share_nfs,false)
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.455
retrieving revision 1.456
diff -u -r1.455 -r1.456
--- selinux-policy.spec 16 May 2007 22:13:23 -0000 1.455
+++ selinux-policy.spec 17 May 2007 17:16:26 -0000 1.456
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.6.4
-Release: 5%{?dist}
+Release: 6%{?dist}
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -359,6 +359,9 @@
%endif
%changelog
+* Thu May 17 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-6
+- allow alsactl to read kernel state
+
* Wed May 16 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-5
- More fixes for alsactl
- Transition from hal and modutils
- Previous message (by thread): rpms/tastymenu/FC-6 tastymenu.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): rpms/ruby-mysql/EL-4 .cvsignore, 1.3, 1.4 ruby-mysql.spec, 1.5, 1.6 sources, 1.3, 1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list