rpms/selinux-policy/F-7 policy-20070501.patch,1.55,1.56
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Sep 11 18:41:47 UTC 2007
- Previous message (by thread): rpms/gperiodic/devel gtk.patch,NONE,1.1 gperiodic.spec,1.8,1.9
- Next message (by thread): rpms/mach/F-7 .cvsignore, 1.5, 1.6 mach.spec, 1.12, 1.13 sources, 1.6, 1.7
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13944
Modified Files:
policy-20070501.patch
Log Message:
* Mon Sep 10 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-42
- Allow modprobe to setsched on kernel
policy-20070501.patch:
Index: policy-20070501.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-7/policy-20070501.patch,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- policy-20070501.patch 11 Sep 2007 15:56:03 -0000 1.55
+++ policy-20070501.patch 11 Sep 2007 18:41:14 -0000 1.56
@@ -2198,7 +2198,7 @@
/usr/src/kernels/.+/lib(/.*)? gen_context(system_u:object_r:usr_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.if serefpolicy-2.6.4/policy/modules/kernel/files.if
--- nsaserefpolicy/policy/modules/kernel/files.if 2007-05-07 14:51:02.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/kernel/files.if 2007-08-27 09:57:21.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/kernel/files.if 2007-09-11 14:40:52.000000000 -0400
@@ -343,8 +343,7 @@
########################################
@@ -2301,7 +2301,32 @@
')
########################################
-@@ -3310,6 +3346,43 @@
+@@ -3112,6 +3148,24 @@
+
+ ########################################
+ ## <summary>
++## Manage temporary directories in /tmp.
++## </summary>
++## <param name="domain">
++## <summary>
++## The type of the process performing this action.
++## </summary>
++## </param>
++#
++interface(`files_manage_generic_tmp_dirs',`
++ gen_require(`
++ type tmp_t;
++ ')
++
++ manage_dirs_pattern($1,tmp_t,tmp_t)
++')
++
++########################################
++## <summary>
+ ## Manage temporary files and directories in /tmp.
+ ## </summary>
+ ## <param name="domain">
+@@ -3310,6 +3364,43 @@
########################################
## <summary>
@@ -2345,7 +2370,7 @@
## Get the attributes of files in /usr.
## </summary>
## <param name="domain">
-@@ -3386,6 +3459,24 @@
+@@ -3386,6 +3477,24 @@
########################################
## <summary>
@@ -2370,7 +2395,7 @@
## Read symbolic links in /usr.
## </summary>
## <param name="domain">
-@@ -3432,6 +3523,24 @@
+@@ -3432,6 +3541,24 @@
########################################
## <summary>
@@ -2395,7 +2420,7 @@
## Do not audit attempts to search /usr/src.
## </summary>
## <param name="domain">
-@@ -3637,7 +3746,7 @@
+@@ -3637,7 +3764,7 @@
type var_t;
')
@@ -2404,7 +2429,7 @@
')
########################################
-@@ -3993,7 +4102,7 @@
+@@ -3993,7 +4120,7 @@
type var_lock_t;
')
@@ -2413,7 +2438,7 @@
')
########################################
-@@ -4012,7 +4121,7 @@
+@@ -4012,7 +4139,7 @@
type var_t, var_lock_t;
')
@@ -2422,7 +2447,7 @@
')
########################################
-@@ -4181,7 +4290,7 @@
+@@ -4181,7 +4308,7 @@
type var_run_t;
')
@@ -2431,7 +2456,7 @@
')
########################################
-@@ -4529,6 +4638,8 @@
+@@ -4529,6 +4656,8 @@
# Need to give access to /selinux/member
selinux_compute_member($1)
@@ -2440,7 +2465,7 @@
# Need sys_admin capability for mounting
allow $1 self:capability { chown fsetid sys_admin };
-@@ -4551,6 +4662,8 @@
+@@ -4551,6 +4680,8 @@
# Default type for mountpoints
allow $1 poly_t:dir { create mounton };
fs_unmount_xattr_fs($1)
@@ -2449,7 +2474,7 @@
')
########################################
-@@ -4588,3 +4701,28 @@
+@@ -4588,3 +4719,28 @@
allow $1 { file_type -security_file_type }:dir manage_dir_perms;
')
- Previous message (by thread): rpms/gperiodic/devel gtk.patch,NONE,1.1 gperiodic.spec,1.8,1.9
- Next message (by thread): rpms/mach/F-7 .cvsignore, 1.5, 1.6 mach.spec, 1.12, 1.13 sources, 1.6, 1.7
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list