rpms/selinux-policy/F-7 policy-20070501.patch,1.56,1.57

[Daniel J Walsh (dwalsh)]

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21668

Modified Files:
	policy-20070501.patch 
Log Message:
* Mon Sep 10 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-42
- Allow modprobe to setsched on kernel


policy-20070501.patch:

Index: policy-20070501.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-7/policy-20070501.patch,v
retrieving revision 1.56
retrieving revision 1.57
diff -u -r1.56 -r1.57
--- policy-20070501.patch	11 Sep 2007 18:41:14 -0000	1.56
+++ policy-20070501.patch	11 Sep 2007 19:14:45 -0000	1.57
@@ -281,7 +281,7 @@
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amanda.te serefpolicy-2.6.4/policy/modules/admin/amanda.te
 --- nsaserefpolicy/policy/modules/admin/amanda.te	2007-05-07 14:51:05.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/admin/amanda.te	2007-09-11 09:15:03.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/admin/amanda.te	2007-09-11 15:13:25.000000000 -0400
 @@ -1,5 +1,5 @@
  
 -policy_module(amanda,1.5.0)
@@ -346,17 +346,16 @@
  kernel_read_system_state(amanda_t)
  kernel_read_kernel_sysctls(amanda_t)
  kernel_dontaudit_getattr_unlabeled_files(amanda_t)
-@@ -113,7 +117,8 @@
+@@ -113,7 +117,7 @@
  # Added for targeted policy
  term_use_unallocated_ttys(amanda_t)
  
 -corenet_non_ipsec_sendrecv(amanda_t)
 +corenet_all_recvfrom_unlabeled(amanda_t)
-+corenet_all_recvfrom_netlabel(amanda_t)
  corenet_tcp_sendrecv_all_if(amanda_t)
  corenet_udp_sendrecv_all_if(amanda_t)
  corenet_raw_sendrecv_all_if(amanda_t)
-@@ -150,8 +155,6 @@
+@@ -150,8 +154,6 @@
  libs_use_ld_so(amanda_t)
  libs_use_shared_libs(amanda_t)
  
@@ -365,7 +364,7 @@
  optional_policy(`
  	auth_read_shadow(amanda_t)
  ')
-@@ -160,14 +163,6 @@
+@@ -160,14 +162,6 @@
  	logging_send_syslog_msg(amanda_t)
  ')
  
@@ -380,7 +379,7 @@
  ########################################
  #
  # Amanda recover local policy
-@@ -197,10 +192,13 @@
+@@ -197,10 +191,12 @@
  manage_sock_files_pattern(amanda_recover_t,amanda_tmp_t,amanda_tmp_t)
  files_tmp_filetrans(amanda_recover_t,amanda_tmp_t,{ dir file lnk_file sock_file fifo_file })
  
@@ -391,11 +390,10 @@
  
 -corenet_non_ipsec_sendrecv(amanda_recover_t)
 +corenet_all_recvfrom_unlabeled(amanda_recover_t)
-+corenet_all_recvfrom_netlabel(amanda_recover_t)
  corenet_tcp_sendrecv_all_if(amanda_recover_t)
  corenet_udp_sendrecv_all_if(amanda_recover_t)
  corenet_tcp_sendrecv_all_nodes(amanda_recover_t)
-@@ -232,14 +230,4 @@
+@@ -232,14 +228,4 @@
  
  miscfiles_read_localization(amanda_recover_t)
  
@@ -5256,8 +5254,8 @@
  tunable_policy(`ftp_home_dir && use_nfs_home_dirs',`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.fc serefpolicy-2.6.4/policy/modules/services/hal.fc
 --- nsaserefpolicy/policy/modules/services/hal.fc	2007-05-07 14:51:01.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/hal.fc	2007-08-07 09:42:35.000000000 -0400
-@@ -2,15 +2,20 @@
++++ serefpolicy-2.6.4/policy/modules/services/hal.fc	2007-09-11 15:14:23.000000000 -0400
+@@ -2,15 +2,22 @@
  /etc/hal/device\.d/printer_remove\.hal -- 	gen_context(system_u:object_r:hald_exec_t,s0)
  /etc/hal/capability\.d/printer_update\.hal --	gen_context(system_u:object_r:hald_exec_t,s0)
  
@@ -5283,6 +5281,8 @@
 +
 +/var/log/pm-suspend.log				gen_context(system_u:object_r:hald_log_t,s0)
 +
++/var/run/pm(/.*)?				gen_context(system_u:object_r:hald_var_run_t,s0)
++/var/log/pm(/.*)?				gen_context(system_u:object_r:hald_log_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.if serefpolicy-2.6.4/policy/modules/services/hal.if
 --- nsaserefpolicy/policy/modules/services/hal.if	2007-05-07 14:51:01.000000000 -0400
 +++ serefpolicy-2.6.4/policy/modules/services/hal.if	2007-08-07 09:42:35.000000000 -0400