rpms/selinux-policy/F-7 policy-20070501.patch,1.56,1.57
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Sep 11 19:14:49 UTC 2007
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21668
Modified Files:
policy-20070501.patch
Log Message:
* Mon Sep 10 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-42
- Allow modprobe to setsched on kernel
policy-20070501.patch:
Index: policy-20070501.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-7/policy-20070501.patch,v
retrieving revision 1.56
retrieving revision 1.57
diff -u -r1.56 -r1.57
--- policy-20070501.patch 11 Sep 2007 18:41:14 -0000 1.56
+++ policy-20070501.patch 11 Sep 2007 19:14:45 -0000 1.57
@@ -281,7 +281,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amanda.te serefpolicy-2.6.4/policy/modules/admin/amanda.te
--- nsaserefpolicy/policy/modules/admin/amanda.te 2007-05-07 14:51:05.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/admin/amanda.te 2007-09-11 09:15:03.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/admin/amanda.te 2007-09-11 15:13:25.000000000 -0400
@@ -1,5 +1,5 @@
-policy_module(amanda,1.5.0)
@@ -346,17 +346,16 @@
kernel_read_system_state(amanda_t)
kernel_read_kernel_sysctls(amanda_t)
kernel_dontaudit_getattr_unlabeled_files(amanda_t)
-@@ -113,7 +117,8 @@
+@@ -113,7 +117,7 @@
# Added for targeted policy
term_use_unallocated_ttys(amanda_t)
-corenet_non_ipsec_sendrecv(amanda_t)
+corenet_all_recvfrom_unlabeled(amanda_t)
-+corenet_all_recvfrom_netlabel(amanda_t)
corenet_tcp_sendrecv_all_if(amanda_t)
corenet_udp_sendrecv_all_if(amanda_t)
corenet_raw_sendrecv_all_if(amanda_t)
-@@ -150,8 +155,6 @@
+@@ -150,8 +154,6 @@
libs_use_ld_so(amanda_t)
libs_use_shared_libs(amanda_t)
@@ -365,7 +364,7 @@
optional_policy(`
auth_read_shadow(amanda_t)
')
-@@ -160,14 +163,6 @@
+@@ -160,14 +162,6 @@
logging_send_syslog_msg(amanda_t)
')
@@ -380,7 +379,7 @@
########################################
#
# Amanda recover local policy
-@@ -197,10 +192,13 @@
+@@ -197,10 +191,12 @@
manage_sock_files_pattern(amanda_recover_t,amanda_tmp_t,amanda_tmp_t)
files_tmp_filetrans(amanda_recover_t,amanda_tmp_t,{ dir file lnk_file sock_file fifo_file })
@@ -391,11 +390,10 @@
-corenet_non_ipsec_sendrecv(amanda_recover_t)
+corenet_all_recvfrom_unlabeled(amanda_recover_t)
-+corenet_all_recvfrom_netlabel(amanda_recover_t)
corenet_tcp_sendrecv_all_if(amanda_recover_t)
corenet_udp_sendrecv_all_if(amanda_recover_t)
corenet_tcp_sendrecv_all_nodes(amanda_recover_t)
-@@ -232,14 +230,4 @@
+@@ -232,14 +228,4 @@
miscfiles_read_localization(amanda_recover_t)
@@ -5256,8 +5254,8 @@
tunable_policy(`ftp_home_dir && use_nfs_home_dirs',`
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.fc serefpolicy-2.6.4/policy/modules/services/hal.fc
--- nsaserefpolicy/policy/modules/services/hal.fc 2007-05-07 14:51:01.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/hal.fc 2007-08-07 09:42:35.000000000 -0400
-@@ -2,15 +2,20 @@
++++ serefpolicy-2.6.4/policy/modules/services/hal.fc 2007-09-11 15:14:23.000000000 -0400
+@@ -2,15 +2,22 @@
/etc/hal/device\.d/printer_remove\.hal -- gen_context(system_u:object_r:hald_exec_t,s0)
/etc/hal/capability\.d/printer_update\.hal -- gen_context(system_u:object_r:hald_exec_t,s0)
@@ -5283,6 +5281,8 @@
+
+/var/log/pm-suspend.log gen_context(system_u:object_r:hald_log_t,s0)
+
++/var/run/pm(/.*)? gen_context(system_u:object_r:hald_var_run_t,s0)
++/var/log/pm(/.*)? gen_context(system_u:object_r:hald_log_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.if serefpolicy-2.6.4/policy/modules/services/hal.if
--- nsaserefpolicy/policy/modules/services/hal.if 2007-05-07 14:51:01.000000000 -0400
+++ serefpolicy-2.6.4/policy/modules/services/hal.if 2007-08-07 09:42:35.000000000 -0400
More information about the fedora-extras-commits
mailing list