rpms/selinux-policy/F-7 policy-20070501.patch,1.71,1.72

Daniel J Walsh (dwalsh) fedora-extras-commits at redhat.com
Wed Oct 31 00:03:48 UTC 2007 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6624

Modified Files:
	policy-20070501.patch 
Log Message:
* Tue Oct 30 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-51
- Allow fd passing
- dontaudit rpm_rw_pipes
- Allow mount to start rpc_mountd


policy-20070501.patch:

Index: policy-20070501.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-7/policy-20070501.patch,v
retrieving revision 1.71
retrieving revision 1.72
diff -u -r1.71 -r1.72
--- policy-20070501.patch	30 Oct 2007 21:02:59 -0000	1.71
+++ policy-20070501.patch	31 Oct 2007 00:03:45 -0000	1.72
@@ -8793,7 +8793,7 @@
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.if serefpolicy-2.6.4/policy/modules/services/rpc.if
 --- nsaserefpolicy/policy/modules/services/rpc.if	2007-05-07 14:51:01.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/rpc.if	2007-08-07 09:42:35.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/services/rpc.if	2007-10-30 19:57:49.000000000 -0400
 @@ -89,8 +89,11 @@
  	# bind to arbitary unused ports
  	corenet_tcp_bind_generic_port($1_t)
@@ -8807,6 +8807,31 @@
  
  	fs_rw_rpc_named_pipes($1_t) 
  	fs_search_auto_mountpoints($1_t)
+@@ -220,6 +223,24 @@
+ 
+ ########################################
+ ## <summary>
++##      Execute domain in nfsd domain.
++## </summary>
++## <param name="domain">
++##	<summary>
++##      The type of the process performing this action.
++##	</summary>
++## </param>
++#
++interface(`rpc_domtrans_rpcd',`
++	gen_require(`
++		type rpcd_t, rpcd_exec_t;
++	')
++
++	domtrans_pattern($1,rpcd_exec_t,rpcd_t)
++')
++
++########################################
++## <summary>
+ ##      Read NFS exported content.
+ ## </summary>
+ ## <param name="domain">
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-2.6.4/policy/modules/services/rpc.te
 --- nsaserefpolicy/policy/modules/services/rpc.te	2007-05-07 14:51:01.000000000 -0400
 +++ serefpolicy-2.6.4/policy/modules/services/rpc.te	2007-08-20 14:56:56.000000000 -0400

More information about the fedora-extras-commits mailing list