rpms/selinux-policy/F-10 policy-20080710.patch, 1.105, 1.106 selinux-policy.spec, 1.755, 1.756
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Dec 2 20:48:22 UTC 2008
- Previous message (by thread): rpms/fatsort/F-10 .cvsignore, 1.8, 1.9 fatsort.spec, 1.19, 1.20 sources, 1.8, 1.9 fatsort-0.9.8.2-CFLAGS.patch, 1.1, NONE fatsort-0.9.8.3-install.patch, 1.1, NONE
- Next message (by thread): rpms/fatsort/F-9 .cvsignore, 1.4, 1.5 fatsort.spec, 1.14, 1.15 sources, 1.6, 1.7 fatsort-0.9.8.2-CFLAGS.patch, 1.1, NONE fatsort-0.9.8.3-install.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv9539
Modified Files:
policy-20080710.patch selinux-policy.spec
Log Message:
* Tue Dec 2 2008 Dan Walsh <dwalsh at redhat.com> 3.5.13-28
- Allow kismet to kill itself
policy-20080710.patch:
Index: policy-20080710.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-10/policy-20080710.patch,v
retrieving revision 1.105
retrieving revision 1.106
diff -u -r1.105 -r1.106
--- policy-20080710.patch 1 Dec 2008 22:28:27 -0000 1.105
+++ policy-20080710.patch 2 Dec 2008 20:47:51 -0000 1.106
@@ -515,11 +515,13 @@
init_use_fds(consoletype_t)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.te serefpolicy-3.5.13/policy/modules/admin/kismet.te
--- nsaserefpolicy/policy/modules/admin/kismet.te 2008-10-17 08:49:14.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/admin/kismet.te 2008-11-24 10:49:49.000000000 -0500
-@@ -26,10 +26,12 @@
++++ serefpolicy-3.5.13/policy/modules/admin/kismet.te 2008-12-02 11:02:32.000000000 -0500
+@@ -25,11 +25,13 @@
+ # kismet local policy
#
- allow kismet_t self:capability { net_admin net_raw setuid setgid };
+-allow kismet_t self:capability { net_admin net_raw setuid setgid };
++allow kismet_t self:capability { kill net_admin net_raw setuid setgid };
+allow kismet_t self:process signal;
allow kismet_t self:fifo_file rw_file_perms;
allow kismet_t self:packet_socket create_socket_perms;
@@ -2195,8 +2197,8 @@
')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.te serefpolicy-3.5.13/policy/modules/apps/gnome.te
--- nsaserefpolicy/policy/modules/apps/gnome.te 2008-10-17 08:49:14.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/apps/gnome.te 2008-11-24 10:49:49.000000000 -0500
-@@ -8,8 +8,34 @@
++++ serefpolicy-3.5.13/policy/modules/apps/gnome.te 2008-12-02 15:46:33.000000000 -0500
+@@ -8,8 +8,33 @@
attribute gnomedomain;
@@ -2220,7 +2222,6 @@
+typealias gconf_home_t alias unconfined_gconf_home_t;
+typealias gconf_tmp_t alias unconfined_gconf_tmp_t;
+
-+
+##############################
+#
+# Declarations
@@ -14091,7 +14092,7 @@
+')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-3.5.13/policy/modules/services/cups.te
--- nsaserefpolicy/policy/modules/services/cups.te 2008-10-17 08:49:13.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/services/cups.te 2008-11-24 10:49:49.000000000 -0500
++++ serefpolicy-3.5.13/policy/modules/services/cups.te 2008-12-02 10:19:35.000000000 -0500
@@ -20,6 +20,12 @@
type cupsd_etc_t;
files_config_file(cupsd_etc_t)
@@ -14423,7 +14424,16 @@
fs_getattr_all_fs(hplip_t)
fs_search_auto_mountpoints(hplip_t)
-@@ -564,12 +626,14 @@
+@@ -552,6 +614,8 @@
+ files_read_etc_runtime_files(hplip_t)
+ files_read_usr_files(hplip_t)
+
++fs_read_anon_inodefs_files(hplip_t)
++
+ libs_use_ld_so(hplip_t)
+ libs_use_shared_libs(hplip_t)
+
+@@ -564,12 +628,14 @@
userdom_dontaudit_use_unpriv_user_fds(hplip_t)
userdom_dontaudit_search_all_users_home_content(hplip_t)
@@ -14439,7 +14449,7 @@
')
optional_policy(`
-@@ -651,3 +715,44 @@
+@@ -651,3 +717,44 @@
optional_policy(`
udev_read_db(ptal_t)
')
@@ -17366,7 +17376,7 @@
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/munin.te serefpolicy-3.5.13/policy/modules/services/munin.te
--- nsaserefpolicy/policy/modules/services/munin.te 2008-10-17 08:49:11.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/services/munin.te 2008-11-24 10:49:49.000000000 -0500
++++ serefpolicy-3.5.13/policy/modules/services/munin.te 2008-12-02 15:11:02.000000000 -0500
@@ -13,6 +13,9 @@
type munin_etc_t alias lrrd_etc_t;
files_config_file(munin_etc_t)
@@ -17461,7 +17471,7 @@
sysadm_dontaudit_search_home_dirs(munin_t)
optional_policy(`
-@@ -109,7 +127,21 @@
+@@ -109,7 +127,30 @@
')
optional_policy(`
@@ -17472,6 +17482,7 @@
+optional_policy(`
+ mta_read_config(munin_t)
+ mta_send_mail(munin_t)
++ mta_read_queue(munin_t)
+')
+
+optional_policy(`
@@ -17480,11 +17491,19 @@
+')
+
+optional_policy(`
++ postfix_list_spool(munin_t)
++')
++
++optional_policy(`
++ rpc_search_nfs_state_data(munin_t)
++')
++
++optional_policy(`
+ sendmail_read_log(munin_t)
')
optional_policy(`
-@@ -119,3 +151,9 @@
+@@ -119,3 +160,9 @@
optional_policy(`
udev_read_db(munin_t)
')
@@ -17889,7 +17908,7 @@
## <param name="domain">
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.5.13/policy/modules/services/networkmanager.te
--- nsaserefpolicy/policy/modules/services/networkmanager.te 2008-10-17 08:49:13.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/services/networkmanager.te 2008-11-27 17:38:06.000000000 -0500
++++ serefpolicy-3.5.13/policy/modules/services/networkmanager.te 2008-12-02 11:37:43.000000000 -0500
@@ -33,9 +33,9 @@
# networkmanager will ptrace itself if gdb is installed
@@ -17956,7 +17975,7 @@
libs_use_ld_so(NetworkManager_t)
libs_use_shared_libs(NetworkManager_t)
-@@ -119,27 +131,41 @@
+@@ -119,27 +131,42 @@
seutil_read_config(NetworkManager_t)
@@ -17979,6 +17998,7 @@
+sysnet_read_dhcpc_state(NetworkManager_t)
+sysnet_signal_dhcpc(NetworkManager_t)
++userdom_dgram_send(NetworkManager_t)
userdom_dontaudit_use_unpriv_user_fds(NetworkManager_t)
userdom_dontaudit_use_unpriv_users_ttys(NetworkManager_t)
# Read gnome-keyring
@@ -18005,7 +18025,7 @@
')
optional_policy(`
-@@ -151,8 +177,25 @@
+@@ -151,8 +178,25 @@
')
optional_policy(`
@@ -18033,7 +18053,7 @@
')
optional_policy(`
-@@ -160,23 +203,48 @@
+@@ -160,23 +204,48 @@
')
optional_policy(`
@@ -18084,7 +18104,7 @@
')
optional_policy(`
-@@ -194,7 +262,9 @@
+@@ -194,7 +263,9 @@
optional_policy(`
vpn_domtrans(NetworkManager_t)
@@ -26648,7 +26668,7 @@
/var/lib/pam_devperm/:0 -- gen_context(system_u:object_r:xdm_var_lib_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.if serefpolicy-3.5.13/policy/modules/services/xserver.if
--- nsaserefpolicy/policy/modules/services/xserver.if 2008-10-17 08:49:13.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/services/xserver.if 2008-11-24 10:49:49.000000000 -0500
++++ serefpolicy-3.5.13/policy/modules/services/xserver.if 2008-12-02 15:46:34.000000000 -0500
@@ -16,6 +16,7 @@
gen_require(`
type xkb_var_lib_t, xserver_exec_t, xserver_log_t;
@@ -27930,7 +27950,7 @@
')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.5.13/policy/modules/services/xserver.te
--- nsaserefpolicy/policy/modules/services/xserver.te 2008-10-17 08:49:13.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/services/xserver.te 2008-11-27 06:38:45.000000000 -0500
++++ serefpolicy-3.5.13/policy/modules/services/xserver.te 2008-12-02 15:46:42.000000000 -0500
@@ -8,6 +8,14 @@
## <desc>
@@ -28003,7 +28023,7 @@
# type for /var/lib/xkb
type xkb_var_lib_t;
files_type(xkb_var_lib_t)
-@@ -122,6 +150,31 @@
+@@ -122,6 +150,37 @@
type xserver_log_t;
logging_log_file(xserver_log_t)
@@ -28032,10 +28052,16 @@
+type xauth_tmp_t;
+files_tmp_file(xauth_tmp_t)
+
++typealias fonts_home_t alias unconfined_fonts_t;
++typealias fonts_cache_home_t alias unconfined_fonts_cache_t;
++typealias fonts_config_home_t alias unconfined_fonts_config_t;
++typealias iceauth_home_t alias uncofined_iceauth_home_t;
++typealias xauth_home_t alias unconfiend_xauth_rw_t;
++
xserver_common_domain_template(xdm)
xserver_common_x_domain_template(xdm, xdm, xdm_t)
init_system_domain(xdm_xserver_t, xserver_exec_t)
-@@ -140,13 +193,14 @@
+@@ -140,13 +199,14 @@
# XDM Local policy
#
@@ -28053,7 +28079,7 @@
allow xdm_t self:tcp_socket create_stream_socket_perms;
allow xdm_t self:udp_socket create_socket_perms;
allow xdm_t self:socket create_socket_perms;
-@@ -154,6 +208,12 @@
+@@ -154,6 +214,12 @@
allow xdm_t self:key { search link write };
allow xdm_t xconsole_device_t:fifo_file { getattr setattr };
@@ -28066,7 +28092,7 @@
# Allow gdm to run gdm-binary
can_exec(xdm_t, xdm_exec_t)
-@@ -169,6 +229,8 @@
+@@ -169,6 +235,8 @@
manage_files_pattern(xdm_t, xdm_tmp_t, xdm_tmp_t)
manage_sock_files_pattern(xdm_t, xdm_tmp_t, xdm_tmp_t)
files_tmp_filetrans(xdm_t, xdm_tmp_t, { file dir sock_file })
@@ -28075,7 +28101,7 @@
manage_dirs_pattern(xdm_t, xdm_tmpfs_t, xdm_tmpfs_t)
manage_files_pattern(xdm_t, xdm_tmpfs_t, xdm_tmpfs_t)
-@@ -176,15 +238,32 @@
+@@ -176,15 +244,32 @@
manage_fifo_files_pattern(xdm_t, xdm_tmpfs_t, xdm_tmpfs_t)
manage_sock_files_pattern(xdm_t, xdm_tmpfs_t, xdm_tmpfs_t)
fs_tmpfs_filetrans(xdm_t, xdm_tmpfs_t,{ dir file lnk_file sock_file fifo_file })
@@ -28110,7 +28136,7 @@
allow xdm_t xdm_xserver_t:process signal;
allow xdm_t xdm_xserver_t:unix_stream_socket connectto;
-@@ -198,6 +277,7 @@
+@@ -198,6 +283,7 @@
allow xdm_t xdm_xserver_t:process { noatsecure siginh rlimitinh signal sigkill };
allow xdm_t xdm_xserver_t:shm rw_shm_perms;
@@ -28118,7 +28144,7 @@
# connect to xdm xserver over stream socket
stream_connect_pattern(xdm_t, xdm_xserver_tmp_t, xdm_xserver_tmp_t, xdm_xserver_t)
-@@ -229,11 +309,13 @@
+@@ -229,11 +315,13 @@
corenet_udp_sendrecv_all_ports(xdm_t)
corenet_tcp_bind_all_nodes(xdm_t)
corenet_udp_bind_all_nodes(xdm_t)
@@ -28132,7 +28158,7 @@
dev_read_rand(xdm_t)
dev_read_sysfs(xdm_t)
dev_getattr_framebuffer_dev(xdm_t)
-@@ -241,6 +323,7 @@
+@@ -241,6 +329,7 @@
dev_getattr_mouse_dev(xdm_t)
dev_setattr_mouse_dev(xdm_t)
dev_rw_apm_bios(xdm_t)
@@ -28140,7 +28166,7 @@
dev_setattr_apm_bios_dev(xdm_t)
dev_rw_dri(xdm_t)
dev_rw_agp(xdm_t)
-@@ -253,14 +336,17 @@
+@@ -253,14 +342,17 @@
dev_setattr_video_dev(xdm_t)
dev_getattr_scanner_dev(xdm_t)
dev_setattr_scanner_dev(xdm_t)
@@ -28160,7 +28186,7 @@
files_read_etc_files(xdm_t)
files_read_var_files(xdm_t)
-@@ -271,9 +357,13 @@
+@@ -271,9 +363,13 @@
files_read_usr_files(xdm_t)
# Poweroff wants to create the /poweroff file when run from xdm
files_create_boot_flag(xdm_t)
@@ -28174,7 +28200,7 @@
storage_dontaudit_read_fixed_disk(xdm_t)
storage_dontaudit_write_fixed_disk(xdm_t)
-@@ -282,6 +372,7 @@
+@@ -282,6 +378,7 @@
storage_dontaudit_raw_write_removable_device(xdm_t)
storage_dontaudit_setattr_removable_dev(xdm_t)
storage_dontaudit_rw_scsi_generic(xdm_t)
@@ -28182,7 +28208,7 @@
term_setattr_console(xdm_t)
term_use_unallocated_ttys(xdm_t)
-@@ -290,6 +381,7 @@
+@@ -290,6 +387,7 @@
auth_domtrans_pam_console(xdm_t)
auth_manage_pam_pid(xdm_t)
auth_manage_pam_console_data(xdm_t)
@@ -28190,7 +28216,7 @@
auth_rw_faillog(xdm_t)
auth_write_login_records(xdm_t)
-@@ -301,21 +393,26 @@
+@@ -301,21 +399,26 @@
libs_exec_lib_files(xdm_t)
logging_read_generic_logs(xdm_t)
@@ -28222,7 +28248,7 @@
xserver_rw_session_template(xdm, xdm_t, xdm_tmpfs_t)
xserver_unconfined(xdm_t)
-@@ -348,10 +445,12 @@
+@@ -348,10 +451,12 @@
optional_policy(`
alsa_domtrans(xdm_t)
@@ -28235,7 +28261,7 @@
')
optional_policy(`
-@@ -359,6 +458,22 @@
+@@ -359,6 +464,22 @@
')
optional_policy(`
@@ -28258,7 +28284,7 @@
# Talk to the console mouse server.
gpm_stream_connect(xdm_t)
gpm_setattr_gpmctl(xdm_t)
-@@ -382,16 +497,34 @@
+@@ -382,16 +503,34 @@
')
optional_policy(`
@@ -28294,7 +28320,7 @@
ifndef(`distro_redhat',`
allow xdm_t self:process { execheap execmem };
-@@ -411,6 +544,10 @@
+@@ -411,6 +550,10 @@
')
optional_policy(`
@@ -28305,7 +28331,7 @@
xfs_stream_connect(xdm_t)
')
-@@ -427,7 +564,7 @@
+@@ -427,7 +570,7 @@
allow xdm_xserver_t xdm_var_lib_t:file { getattr read };
dontaudit xdm_xserver_t xdm_var_lib_t:dir search;
@@ -28314,7 +28340,7 @@
# Label pid and temporary files with derived types.
manage_files_pattern(xdm_xserver_t, xdm_tmp_t, xdm_tmp_t)
-@@ -439,6 +576,15 @@
+@@ -439,6 +582,15 @@
can_exec(xdm_xserver_t, xkb_var_lib_t)
files_search_var_lib(xdm_xserver_t)
@@ -28330,7 +28356,7 @@
# VNC v4 module in X server
corenet_tcp_bind_vnc_port(xdm_xserver_t)
-@@ -450,10 +596,19 @@
+@@ -450,10 +602,19 @@
# xdm_xserver_t may no longer have any reason
# to read ROLE_home_t - examine this in more detail
# (xauth?)
@@ -28351,7 +28377,7 @@
tunable_policy(`use_nfs_home_dirs',`
fs_manage_nfs_dirs(xdm_xserver_t)
fs_manage_nfs_files(xdm_xserver_t)
-@@ -468,8 +623,19 @@
+@@ -468,8 +629,19 @@
optional_policy(`
dbus_system_bus_client_template(xdm_xserver, xdm_xserver_t)
@@ -28371,7 +28397,7 @@
optional_policy(`
resmgr_stream_connect(xdm_t)
-@@ -481,8 +647,25 @@
+@@ -481,8 +653,25 @@
')
optional_policy(`
@@ -28399,7 +28425,7 @@
ifndef(`distro_redhat',`
allow xdm_xserver_t self:process { execheap execmem };
-@@ -491,7 +674,6 @@
+@@ -491,7 +680,6 @@
ifdef(`distro_rhel4',`
allow xdm_xserver_t self:process { execheap execmem };
')
@@ -28407,7 +28433,7 @@
########################################
#
-@@ -512,6 +694,27 @@
+@@ -512,6 +700,27 @@
allow xserver_unconfined_type { x_domain x_server_domain }:x_resource *;
allow xserver_unconfined_type xevent_type:{ x_event x_synthetic_event } *;
@@ -28435,7 +28461,7 @@
ifdef(`TODO',`
# Need to further investigate these permissions and
# perhaps define derived types.
-@@ -544,3 +747,73 @@
+@@ -544,3 +753,73 @@
#
allow pam_t xdm_t:fifo_file { getattr ioctl write };
') dnl end TODO
@@ -32519,8 +32545,8 @@
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.te serefpolicy-3.5.13/policy/modules/system/unconfined.te
--- nsaserefpolicy/policy/modules/system/unconfined.te 2008-10-17 08:49:13.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/system/unconfined.te 2008-11-24 10:49:49.000000000 -0500
-@@ -6,35 +6,76 @@
++++ serefpolicy-3.5.13/policy/modules/system/unconfined.te 2008-12-02 14:32:28.000000000 -0500
+@@ -6,35 +6,77 @@
# Declarations
#
@@ -32555,6 +32581,7 @@
+userdom_restricted_user_template(unconfined)
+#userdom_common_user_template(unconfined)
+#userdom_xwindows_client_template(unconfined)
++userdom_execmod_user_home_files(unconfined_t)
type unconfined_exec_t;
init_system_domain(unconfined_t, unconfined_exec_t)
@@ -32604,7 +32631,7 @@
libs_run_ldconfig(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-@@ -42,28 +83,39 @@
+@@ -42,28 +84,39 @@
logging_run_auditctl(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
mount_run_unconfined(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
@@ -32648,7 +32675,7 @@
')
optional_policy(`
-@@ -75,12 +127,6 @@
+@@ -75,12 +128,6 @@
')
optional_policy(`
@@ -32661,7 +32688,7 @@
init_dbus_chat_script(unconfined_t)
dbus_stub(unconfined_t)
-@@ -106,12 +152,24 @@
+@@ -106,12 +153,24 @@
')
optional_policy(`
@@ -32686,7 +32713,7 @@
')
optional_policy(`
-@@ -123,31 +181,33 @@
+@@ -123,31 +182,33 @@
')
optional_policy(`
@@ -32727,7 +32754,7 @@
')
optional_policy(`
-@@ -159,43 +219,49 @@
+@@ -159,43 +220,49 @@
')
optional_policy(`
@@ -32793,7 +32820,7 @@
')
optional_policy(`
-@@ -203,7 +269,7 @@
+@@ -203,7 +270,7 @@
')
optional_policy(`
@@ -32802,7 +32829,7 @@
')
optional_policy(`
-@@ -215,11 +281,12 @@
+@@ -215,11 +282,12 @@
')
optional_policy(`
@@ -32817,7 +32844,7 @@
')
########################################
-@@ -229,14 +296,61 @@
+@@ -229,14 +297,61 @@
allow unconfined_execmem_t self:process { execstack execmem };
unconfined_domain_noaudit(unconfined_execmem_t)
@@ -32896,7 +32923,7 @@
+/root(/.*)? gen_context(system_u:object_r:admin_home_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.5.13/policy/modules/system/userdomain.if
--- nsaserefpolicy/policy/modules/system/userdomain.if 2008-10-17 08:49:13.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/system/userdomain.if 2008-11-25 10:39:06.000000000 -0500
++++ serefpolicy-3.5.13/policy/modules/system/userdomain.if 2008-12-02 14:58:41.000000000 -0500
@@ -28,10 +28,14 @@
class context contains;
')
@@ -35078,7 +35105,7 @@
## Send a dbus message to all user domains.
## </summary>
## <param name="domain">
-@@ -5513,3 +5667,546 @@
+@@ -5513,3 +5667,584 @@
interface(`userdom_unconfined',`
refpolicywarn(`$0($*) has been deprecated.')
')
@@ -35625,6 +35652,44 @@
+ manage_fifo_files_pattern($1, user_tmpfs_t, user_tmpfs_t)
+ fs_tmpfs_filetrans($1, user_tmpfs_t, { dir file lnk_file sock_file fifo_file })
+')
++
++########################################
++## <summary>
++## Send a message to unpriv users over a unix domain
++## datagram socket.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`userdom_dgram_send',`
++ gen_require(`
++ attribute unpriv_userdomain;
++ ')
++
++ allow $1 unpriv_userdomain:unix_dgram_socket sendto;
++')
++
++#######################################
++## <summary>
++## Allow execmod on files in homedirectory
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++## <rolebase/>
++#
++interface(`userdom_execmod_user_home_files',`
++ gen_require(`
++ type user_home_t;
++ ')
++
++ allow $1 user_home_t:file execmod;
++')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-3.5.13/policy/modules/system/userdomain.te
--- nsaserefpolicy/policy/modules/system/userdomain.te 2008-10-17 08:49:13.000000000 -0400
+++ serefpolicy-3.5.13/policy/modules/system/userdomain.te 2008-11-24 10:49:49.000000000 -0500
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-10/selinux-policy.spec,v
retrieving revision 1.755
retrieving revision 1.756
diff -u -r1.755 -r1.756
--- selinux-policy.spec 1 Dec 2008 22:28:28 -0000 1.755
+++ selinux-policy.spec 2 Dec 2008 20:47:51 -0000 1.756
@@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.5.13
-Release: 27%{?dist}
+Release: 28%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -457,6 +457,9 @@
%endif
%changelog
+* Tue Dec 2 2008 Dan Walsh <dwalsh at redhat.com> 3.5.13-28
+- Allow kismet to kill itself
+
* Thu Nov 27 2008 Dan Walsh <dwalsh at redhat.com> 3.5.13-27
- Allow iptables dac permissions
- Allow awstates to use inotify
- Previous message (by thread): rpms/fatsort/F-10 .cvsignore, 1.8, 1.9 fatsort.spec, 1.19, 1.20 sources, 1.8, 1.9 fatsort-0.9.8.2-CFLAGS.patch, 1.1, NONE fatsort-0.9.8.3-install.patch, 1.1, NONE
- Next message (by thread): rpms/fatsort/F-9 .cvsignore, 1.4, 1.5 fatsort.spec, 1.14, 1.15 sources, 1.6, 1.7 fatsort-0.9.8.2-CFLAGS.patch, 1.1, NONE fatsort-0.9.8.3-install.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list