rpms/selinux-policy/devel policy-20070703.patch, 1.98, 1.99 selinux-policy.spec, 1.548, 1.549

[Daniel J Walsh (dwalsh)]

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4572

Modified Files:
	policy-20070703.patch selinux-policy.spec 
Log Message:
* Thu Oct 16 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-26
- Allow rshd to connect to ports > 1023


policy-20070703.patch:

Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20070703.patch,v
retrieving revision 1.98
retrieving revision 1.99
diff -u -r1.98 -r1.99
--- policy-20070703.patch	18 Oct 2007 22:00:35 -0000	1.98
+++ policy-20070703.patch	18 Oct 2007 22:33:41 -0000	1.99
@@ -7559,7 +7559,7 @@
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.te serefpolicy-3.0.8/policy/modules/services/ftp.te
 --- nsaserefpolicy/policy/modules/services/ftp.te	2007-07-25 10:37:42.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/ftp.te	2007-10-04 10:58:28.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/ftp.te	2007-10-18 18:32:54.000000000 -0400
 @@ -88,6 +88,7 @@
  allow ftpd_t self:unix_stream_socket create_stream_socket_perms;
  allow ftpd_t self:tcp_socket create_stream_socket_perms;
@@ -9999,7 +9999,7 @@
  	userdom_read_unpriv_users_tmp_files(gssd_t) 
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rshd.te serefpolicy-3.0.8/policy/modules/services/rshd.te
 --- nsaserefpolicy/policy/modules/services/rshd.te	2007-09-12 10:34:50.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/rshd.te	2007-10-18 14:07:32.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/rshd.te	2007-10-18 18:33:05.000000000 -0400
 @@ -16,10 +16,11 @@
  #
  # Local policy
@@ -10018,7 +10018,7 @@
  corenet_tcp_bind_all_nodes(rshd_t)
  corenet_tcp_bind_rsh_port(rshd_t)
 +corenet_tcp_bind_all_rpc_ports(rshd_t)
-+corenet_tcp_bind_all_unreserved_ports(rshd_t)
++corenet_tcp_connect_all_ports(rshd_t)
 +corenet_tcp_connect_all_rpc_ports(rshd_t)
  corenet_sendrecv_rsh_server_packets(rshd_t)
  


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.548
retrieving revision 1.549
diff -u -r1.548 -r1.549
--- selinux-policy.spec	18 Oct 2007 22:00:35 -0000	1.548
+++ selinux-policy.spec	18 Oct 2007 22:33:41 -0000	1.549
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.0.8
-Release: 25%{?dist}
+Release: 26%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -373,10 +373,12 @@
 %endif
 
 %changelog
+* Thu Oct 16 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-26
+- Allow rshd to connect to ports > 1023
+
 * Thu Oct 16 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-25
 - Fix vpn to bind to port 4500
 - Allow ssh to create shm
-- Allow rshd to bind to ports > 1023
 - Add Kismet policy
 
 * Tue Oct 16 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-24