rpms/selinux-policy/F-8 policy-20070703.patch,1.129,1.130
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Sat Nov 10 14:14:24 UTC 2007
- Previous message (by thread): rpms/selinux-policy/devel booleans-targeted.conf, 1.34, 1.35 modules-targeted.conf, 1.70, 1.71 policy-20071023.patch, 1.5, 1.6 selinux-policy.spec, 1.554, 1.555
- Next message (by thread): rpms/selinux-policy/devel .cvsignore, 1.125, 1.126 sources, 1.136, 1.137
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17906
Modified Files:
policy-20070703.patch
Log Message:
* Sat Nov 10 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-51
- Allow login programs to run mount
- Dontaudit writes to user_home_t for semanage
- Allow sendmail to write to cyrus_stream
- Define /dev/dmmidi1 as a sound_device_t
- Allow saslauthd to use nis_authentication
policy-20070703.patch:
Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/policy-20070703.patch,v
retrieving revision 1.129
retrieving revision 1.130
diff -u -r1.129 -r1.130
--- policy-20070703.patch 10 Nov 2007 13:18:35 -0000 1.129
+++ policy-20070703.patch 10 Nov 2007 14:14:21 -0000 1.130
@@ -13806,7 +13806,7 @@
+/var/cache/coolkey(/.*)? gen_context(system_u:object_r:auth_cache_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.0.8/policy/modules/system/authlogin.if
--- nsaserefpolicy/policy/modules/system/authlogin.if 2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/authlogin.if 2007-11-10 07:11:24.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/system/authlogin.if 2007-11-10 09:11:11.000000000 -0500
@@ -26,7 +26,8 @@
type $1_chkpwd_t, can_read_shadow_passwords;
application_domain($1_chkpwd_t,chkpwd_exec_t)
@@ -13870,7 +13870,7 @@
selinux_get_fs_mount($1)
selinux_validate_context($1)
selinux_compute_access_vector($1)
-@@ -196,20 +218,41 @@
+@@ -196,20 +218,42 @@
mls_fd_share_all_levels($1)
auth_domtrans_chk_passwd($1)
@@ -13905,6 +13905,7 @@
+
+ optional_policy(`
+ nis_authenticate($1)
++ ')
+
+ optional_policy(`
+ unconfined_set_rlimitnh($1)
@@ -13913,7 +13914,7 @@
tunable_policy(`allow_polyinstantiation',`
files_polyinstantiate_all($1)
')
-@@ -309,9 +352,6 @@
+@@ -309,9 +353,6 @@
type system_chkpwd_t, chkpwd_exec_t, shadow_t;
')
@@ -13923,7 +13924,7 @@
corecmd_search_bin($1)
domtrans_pattern($1,chkpwd_exec_t,system_chkpwd_t)
-@@ -329,6 +369,8 @@
+@@ -329,6 +370,8 @@
optional_policy(`
kerberos_use($1)
@@ -13932,7 +13933,7 @@
')
optional_policy(`
-@@ -347,6 +389,37 @@
+@@ -347,6 +390,37 @@
########################################
## <summary>
@@ -13970,7 +13971,7 @@
## Get the attributes of the shadow passwords file.
## </summary>
## <param name="domain">
-@@ -695,6 +768,24 @@
+@@ -695,6 +769,24 @@
########################################
## <summary>
@@ -13995,7 +13996,7 @@
## Execute pam programs in the PAM domain.
## </summary>
## <param name="domain">
-@@ -1318,16 +1409,14 @@
+@@ -1318,16 +1410,14 @@
## </param>
#
interface(`auth_use_nsswitch',`
@@ -14015,7 +14016,7 @@
miscfiles_read_certs($1)
sysnet_dns_name_resolve($1)
-@@ -1347,6 +1436,8 @@
+@@ -1347,6 +1437,8 @@
optional_policy(`
samba_stream_connect_winbind($1)
@@ -14024,7 +14025,7 @@
')
')
-@@ -1381,3 +1472,181 @@
+@@ -1381,3 +1473,181 @@
typeattribute $1 can_write_shadow_passwords;
typeattribute $1 can_relabelto_shadow_passwords;
')
- Previous message (by thread): rpms/selinux-policy/devel booleans-targeted.conf, 1.34, 1.35 modules-targeted.conf, 1.70, 1.71 policy-20071023.patch, 1.5, 1.6 selinux-policy.spec, 1.554, 1.555
- Next message (by thread): rpms/selinux-policy/devel .cvsignore, 1.125, 1.126 sources, 1.136, 1.137
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list