rpms/selinux-policy/F-8 policy-20070703.patch, 1.202, 1.203 selinux-policy.spec, 1.627, 1.628

Daniel J Walsh (dwalsh) fedora-extras-commits at redhat.com
Thu Apr 17 18:06:37 UTC 2008 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21475

Modified Files:
	policy-20070703.patch selinux-policy.spec 
Log Message:
* Thu Apr 17 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-101
- Allow nfs to look at all filesystem directories


policy-20070703.patch:

Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/policy-20070703.patch,v
retrieving revision 1.202
retrieving revision 1.203
diff -u -r1.202 -r1.203
--- policy-20070703.patch	17 Apr 2008 15:27:53 -0000	1.202
+++ policy-20070703.patch	17 Apr 2008 18:06:25 -0000	1.203
@@ -15080,7 +15080,7 @@
  ## <param name="domain">
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-3.0.8/policy/modules/services/rpc.te
 --- nsaserefpolicy/policy/modules/services/rpc.te	2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/rpc.te	2008-04-04 16:11:03.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/rpc.te	2008-04-17 13:41:16.000000000 -0400
 @@ -59,10 +59,14 @@
  manage_files_pattern(rpcd_t,rpcd_var_run_t,rpcd_var_run_t)
  files_pid_filetrans(rpcd_t,rpcd_var_run_t,file)
@@ -15136,7 +15136,15 @@
  
  corenet_tcp_bind_all_rpc_ports(nfsd_t)
  corenet_udp_bind_all_rpc_ports(nfsd_t)
-@@ -123,6 +143,7 @@
+@@ -102,6 +122,7 @@
+ fs_search_nfsd_fs(nfsd_t) 
+ fs_getattr_all_fs(nfsd_t) 
+ fs_rw_nfsd_fs(nfsd_t) 
++fs_search_all(nfsd_t) 
+ 
+ term_use_controlling_term(nfsd_t) 
+ 
+@@ -123,6 +144,7 @@
  tunable_policy(`nfs_export_all_rw',`
  	fs_read_noxattr_fs_files(nfsd_t) 
  	auth_manage_all_files_except_shadow(nfsd_t)
@@ -15144,7 +15152,7 @@
  ')
  
  tunable_policy(`nfs_export_all_ro',`
-@@ -143,6 +164,9 @@
+@@ -143,6 +165,9 @@
  manage_files_pattern(gssd_t,gssd_tmp_t,gssd_tmp_t)
  files_tmp_filetrans(gssd_t, gssd_tmp_t, { file dir })
  
@@ -15154,7 +15162,7 @@
  kernel_read_network_state(gssd_t)
  kernel_read_network_state_symlinks(gssd_t)	
  kernel_search_network_sysctl(gssd_t)	
-@@ -158,6 +182,9 @@
+@@ -158,6 +183,9 @@
  
  miscfiles_read_certs(gssd_t)
  


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/selinux-policy.spec,v
retrieving revision 1.627
retrieving revision 1.628
diff -u -r1.627 -r1.628
--- selinux-policy.spec	15 Apr 2008 20:26:28 -0000	1.627
+++ selinux-policy.spec	17 Apr 2008 18:06:25 -0000	1.628
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.0.8
-Release: 100%{?dist}
+Release: 101%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -381,6 +381,9 @@
 %endif
 
 %changelog
+* Thu Apr 17 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-101
+- Allow nfs to look at all filesystem directories
+
 * Tue Apr 15 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-100
 - Dontaudit validating context when using kerberos libraries
 - Allow postfix_virtual write access to postfix_private sockets

More information about the fedora-extras-commits mailing list