rpms/selinux-policy/F-8 policy-20070703.patch, 1.202, 1.203 selinux-policy.spec, 1.627, 1.628
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Thu Apr 17 18:06:37 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21475
Modified Files:
policy-20070703.patch selinux-policy.spec
Log Message:
* Thu Apr 17 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-101
- Allow nfs to look at all filesystem directories
policy-20070703.patch:
Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/policy-20070703.patch,v
retrieving revision 1.202
retrieving revision 1.203
diff -u -r1.202 -r1.203
--- policy-20070703.patch 17 Apr 2008 15:27:53 -0000 1.202
+++ policy-20070703.patch 17 Apr 2008 18:06:25 -0000 1.203
@@ -15080,7 +15080,7 @@
## <param name="domain">
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-3.0.8/policy/modules/services/rpc.te
--- nsaserefpolicy/policy/modules/services/rpc.te 2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/rpc.te 2008-04-04 16:11:03.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/rpc.te 2008-04-17 13:41:16.000000000 -0400
@@ -59,10 +59,14 @@
manage_files_pattern(rpcd_t,rpcd_var_run_t,rpcd_var_run_t)
files_pid_filetrans(rpcd_t,rpcd_var_run_t,file)
@@ -15136,7 +15136,15 @@
corenet_tcp_bind_all_rpc_ports(nfsd_t)
corenet_udp_bind_all_rpc_ports(nfsd_t)
-@@ -123,6 +143,7 @@
+@@ -102,6 +122,7 @@
+ fs_search_nfsd_fs(nfsd_t)
+ fs_getattr_all_fs(nfsd_t)
+ fs_rw_nfsd_fs(nfsd_t)
++fs_search_all(nfsd_t)
+
+ term_use_controlling_term(nfsd_t)
+
+@@ -123,6 +144,7 @@
tunable_policy(`nfs_export_all_rw',`
fs_read_noxattr_fs_files(nfsd_t)
auth_manage_all_files_except_shadow(nfsd_t)
@@ -15144,7 +15152,7 @@
')
tunable_policy(`nfs_export_all_ro',`
-@@ -143,6 +164,9 @@
+@@ -143,6 +165,9 @@
manage_files_pattern(gssd_t,gssd_tmp_t,gssd_tmp_t)
files_tmp_filetrans(gssd_t, gssd_tmp_t, { file dir })
@@ -15154,7 +15162,7 @@
kernel_read_network_state(gssd_t)
kernel_read_network_state_symlinks(gssd_t)
kernel_search_network_sysctl(gssd_t)
-@@ -158,6 +182,9 @@
+@@ -158,6 +183,9 @@
miscfiles_read_certs(gssd_t)
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/selinux-policy.spec,v
retrieving revision 1.627
retrieving revision 1.628
diff -u -r1.627 -r1.628
--- selinux-policy.spec 15 Apr 2008 20:26:28 -0000 1.627
+++ selinux-policy.spec 17 Apr 2008 18:06:25 -0000 1.628
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.0.8
-Release: 100%{?dist}
+Release: 101%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -381,6 +381,9 @@
%endif
%changelog
+* Thu Apr 17 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-101
+- Allow nfs to look at all filesystem directories
+
* Tue Apr 15 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-100
- Dontaudit validating context when using kerberos libraries
- Allow postfix_virtual write access to postfix_private sockets
More information about the fedora-extras-commits
mailing list