rpms/selinux-policy/F-8 policy-20070703.patch,1.220,1.221
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Aug 5 14:05:51 UTC 2008
- Previous message (by thread): rpms/libselinux/devel .cvsignore, 1.174, 1.175 libselinux-rhat.patch, 1.160, 1.161 libselinux.spec, 1.337, 1.338 sources, 1.176, 1.177
- Next message (by thread): rpms/guidance-power-manager/devel guidance-power-manager.spec, 1.4, 1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32273
Modified Files:
policy-20070703.patch
Log Message:
* Tue Aug 5 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-113
- dontaudit semanage config_tty
- Allow samba to share fusefs
policy-20070703.patch:
Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/policy-20070703.patch,v
retrieving revision 1.220
retrieving revision 1.221
diff -u -r1.220 -r1.221
--- policy-20070703.patch 5 Aug 2008 13:11:58 -0000 1.220
+++ policy-20070703.patch 5 Aug 2008 14:05:20 -0000 1.221
@@ -5941,7 +5941,7 @@
#
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.if serefpolicy-3.0.8/policy/modules/kernel/filesystem.if
--- nsaserefpolicy/policy/modules/kernel/filesystem.if 2008-06-12 23:37:56.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/kernel/filesystem.if 2008-06-22 06:45:05.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/kernel/filesystem.if 2008-08-05 09:21:37.000000000 -0400
@@ -271,45 +271,6 @@
########################################
@@ -6023,7 +6023,7 @@
## </summary>
## <param name="domain">
## <summary>
-@@ -1249,6 +1229,106 @@
+@@ -1249,6 +1229,126 @@
########################################
## <summary>
@@ -6127,10 +6127,30 @@
+
+########################################
+## <summary>
++## Search directories
++## on a FUSEFS filesystem.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++## <rolecap/>
++#
++interface(`fs_search_fusefs_dirs',`
++ gen_require(`
++ type fusefs_t;
++ ')
++
++ allow $1 fusefs_t:dir search_dir_perms;
++')
++
++########################################
++## <summary>
## Search inotifyfs filesystem.
## </summary>
## <param name="domain">
-@@ -1625,7 +1705,7 @@
+@@ -1625,7 +1725,7 @@
type nfs_t;
')
@@ -6139,7 +6159,7 @@
')
########################################
-@@ -2139,6 +2219,7 @@
+@@ -2139,6 +2239,7 @@
rw_files_pattern($1,nfsd_fs_t,nfsd_fs_t)
')
@@ -6147,7 +6167,7 @@
########################################
## <summary>
## Mount a RAM filesystem.
-@@ -2214,6 +2295,24 @@
+@@ -2214,6 +2315,24 @@
########################################
## <summary>
@@ -6172,7 +6192,7 @@
## Search directories on a ramfs
## </summary>
## <param name="domain">
-@@ -2276,7 +2375,7 @@
+@@ -2276,7 +2395,7 @@
## Domain allowed access.
## </summary>
## </param>
@@ -6181,7 +6201,7 @@
interface(`fs_dontaudit_read_ramfs_files',`
gen_require(`
type ramfs_t;
-@@ -2885,6 +2984,7 @@
+@@ -2885,6 +3004,7 @@
type tmpfs_t;
')
@@ -6189,7 +6209,7 @@
dontaudit $1 tmpfs_t:file rw_file_perms;
')
-@@ -3206,6 +3306,7 @@
+@@ -3206,6 +3326,7 @@
')
allow $1 filesystem_type:filesystem getattr;
@@ -6197,7 +6217,7 @@
')
########################################
-@@ -3322,6 +3423,24 @@
+@@ -3322,6 +3443,24 @@
########################################
## <summary>
@@ -6222,7 +6242,7 @@
## List all directories with a filesystem type.
## </summary>
## <param name="domain">
-@@ -3533,3 +3652,62 @@
+@@ -3533,3 +3672,62 @@
relabelfrom_blk_files_pattern($1,noxattrfs,noxattrfs)
relabelfrom_chr_files_pattern($1,noxattrfs,noxattrfs)
')
- Previous message (by thread): rpms/libselinux/devel .cvsignore, 1.174, 1.175 libselinux-rhat.patch, 1.160, 1.161 libselinux.spec, 1.337, 1.338 sources, 1.176, 1.177
- Next message (by thread): rpms/guidance-power-manager/devel guidance-power-manager.spec, 1.4, 1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list