rpms/selinux-policy/devel policy-20070703.patch,1.57,1.58
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Sep 18 14:45:36 UTC 2007
- Previous message (by thread): rpms/emacs/devel emacs.spec, 1.98, 1.99 python-mode-init.el, 1.1, NONE python-mode.el, 1.3, NONE
- Next message (by thread): rpms/libX11/F-7 libX11-1.1.2-GetMotionEvents.patch, NONE, 1.1 libX11.spec, 1.35, 1.36
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13174
Modified Files:
policy-20070703.patch
Log Message:
* Mon Sep 17 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-1
- Allow cron to search nfs and samba homedirs
policy-20070703.patch:
Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20070703.patch,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -r1.57 -r1.58
--- policy-20070703.patch 18 Sep 2007 14:42:55 -0000 1.57
+++ policy-20070703.patch 18 Sep 2007 14:45:04 -0000 1.58
@@ -4769,7 +4769,7 @@
+/usr/local/Brother/inf(/.*)? gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-3.0.8/policy/modules/services/cups.te
--- nsaserefpolicy/policy/modules/services/cups.te 2007-09-12 10:34:50.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/cups.te 2007-09-17 16:20:18.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/cups.te 2007-09-18 10:43:40.000000000 -0400
@@ -81,12 +81,11 @@
# /usr/lib/cups/backend/serial needs sys_admin(?!)
allow cupsd_t self:capability { sys_admin dac_override dac_read_search kill setgid setuid fsetid net_bind_service fowner chown dac_override sys_resource sys_tty_config };
@@ -4847,7 +4847,15 @@
files_list_world_readable(cupsd_t)
files_read_world_readable_files(cupsd_t)
files_read_world_readable_symlinks(cupsd_t)
-@@ -221,17 +228,37 @@
+@@ -202,6 +209,7 @@
+ files_dontaudit_getattr_all_tmp_files(cupsd_t)
+
+ selinux_compute_access_vector(cupsd_t)
++selinux_validate_context(cupsd_t)
+
+ init_exec_script_files(cupsd_t)
+
+@@ -221,17 +229,37 @@
sysnet_read_config(cupsd_t)
@@ -4885,7 +4893,7 @@
apm_domtrans_client(cupsd_t)
')
-@@ -263,16 +290,16 @@
+@@ -263,16 +291,16 @@
')
optional_policy(`
@@ -4906,7 +4914,7 @@
seutil_sigchld_newrole(cupsd_t)
')
-@@ -377,6 +404,14 @@
+@@ -377,6 +405,14 @@
')
optional_policy(`
@@ -4921,7 +4929,7 @@
cron_system_entry(cupsd_config_t, cupsd_config_exec_t)
')
-@@ -560,7 +595,7 @@
+@@ -560,7 +596,7 @@
dev_read_urand(hplip_t)
dev_read_rand(hplip_t)
dev_rw_generic_usb_dev(hplip_t)
@@ -4930,7 +4938,7 @@
fs_getattr_all_fs(hplip_t)
fs_search_auto_mountpoints(hplip_t)
-@@ -587,8 +622,6 @@
+@@ -587,8 +623,6 @@
userdom_dontaudit_search_sysadm_home_dirs(hplip_t)
userdom_dontaudit_search_all_users_home_content(hplip_t)
- Previous message (by thread): rpms/emacs/devel emacs.spec, 1.98, 1.99 python-mode-init.el, 1.1, NONE python-mode.el, 1.3, NONE
- Next message (by thread): rpms/libX11/F-7 libX11-1.1.2-GetMotionEvents.patch, NONE, 1.1 libX11.spec, 1.35, 1.36
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list