rpms/selinux-policy/devel policy-20070703.patch, 1.98, 1.99 selinux-policy.spec, 1.548, 1.549
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Thu Oct 18 22:33:44 UTC 2007
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4572
Modified Files:
policy-20070703.patch selinux-policy.spec
Log Message:
* Thu Oct 16 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-26
- Allow rshd to connect to ports > 1023
policy-20070703.patch:
Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20070703.patch,v
retrieving revision 1.98
retrieving revision 1.99
diff -u -r1.98 -r1.99
--- policy-20070703.patch 18 Oct 2007 22:00:35 -0000 1.98
+++ policy-20070703.patch 18 Oct 2007 22:33:41 -0000 1.99
@@ -7559,7 +7559,7 @@
########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.te serefpolicy-3.0.8/policy/modules/services/ftp.te
--- nsaserefpolicy/policy/modules/services/ftp.te 2007-07-25 10:37:42.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/ftp.te 2007-10-04 10:58:28.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/ftp.te 2007-10-18 18:32:54.000000000 -0400
@@ -88,6 +88,7 @@
allow ftpd_t self:unix_stream_socket create_stream_socket_perms;
allow ftpd_t self:tcp_socket create_stream_socket_perms;
@@ -9999,7 +9999,7 @@
userdom_read_unpriv_users_tmp_files(gssd_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rshd.te serefpolicy-3.0.8/policy/modules/services/rshd.te
--- nsaserefpolicy/policy/modules/services/rshd.te 2007-09-12 10:34:50.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/rshd.te 2007-10-18 14:07:32.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/rshd.te 2007-10-18 18:33:05.000000000 -0400
@@ -16,10 +16,11 @@
#
# Local policy
@@ -10018,7 +10018,7 @@
corenet_tcp_bind_all_nodes(rshd_t)
corenet_tcp_bind_rsh_port(rshd_t)
+corenet_tcp_bind_all_rpc_ports(rshd_t)
-+corenet_tcp_bind_all_unreserved_ports(rshd_t)
++corenet_tcp_connect_all_ports(rshd_t)
+corenet_tcp_connect_all_rpc_ports(rshd_t)
corenet_sendrecv_rsh_server_packets(rshd_t)
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.548
retrieving revision 1.549
diff -u -r1.548 -r1.549
--- selinux-policy.spec 18 Oct 2007 22:00:35 -0000 1.548
+++ selinux-policy.spec 18 Oct 2007 22:33:41 -0000 1.549
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.0.8
-Release: 25%{?dist}
+Release: 26%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -373,10 +373,12 @@
%endif
%changelog
+* Thu Oct 16 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-26
+- Allow rshd to connect to ports > 1023
+
* Thu Oct 16 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-25
- Fix vpn to bind to port 4500
- Allow ssh to create shm
-- Allow rshd to bind to ports > 1023
- Add Kismet policy
* Tue Oct 16 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-24
More information about the fedora-extras-commits
mailing list