rpms/selinux-policy/F-10 policy-20080710.patch,1.115,1.116
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Dec 18 21:01:27 UTC 2008
- Previous message (by thread): rpms/xcb-util/devel xcb-util-0.3.2-revert-keysyms-use-xcb_key_lookup_t.patch, NONE, 1.1 xcb-util-0.3.2-xcb_keysyms-remove-xcb_lookup_t.patch, NONE, 1.1 .cvsignore, 1.2, 1.3 import.log, 1.1, 1.2 sources, 1.2, 1.3 xcb-util.spec, 1.1, 1.2 xcb-util-0.3.1-copyright-resolution.patch, 1.1, NONE xcb-util-0.3.1-exit-in-library.patch, 1.1, NONE
- Next message (by thread): rpms/snake/F-10 .cvsignore, 1.8, 1.9 import.log, 1.3, 1.4 snake.spec, 1.15, 1.16 sources, 1.16, 1.17
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12488
Modified Files:
policy-20080710.patch
Log Message:
* Tue Dec 9 2008 Dan Walsh <dwalsh at redhat.com> 3.5.13-35
- Allow staff_t to execute at jobs
policy-20080710.patch:
Index: policy-20080710.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-10/policy-20080710.patch,v
retrieving revision 1.115
retrieving revision 1.116
diff -u -r1.115 -r1.116
--- policy-20080710.patch 18 Dec 2008 19:45:35 -0000 1.115
+++ policy-20080710.patch 18 Dec 2008 21:00:56 -0000 1.116
@@ -13314,7 +13314,7 @@
+/var/log/rpmpkgs.* -- gen_context(system_u:object_r:cron_log_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.if serefpolicy-3.5.13/policy/modules/services/cron.if
--- nsaserefpolicy/policy/modules/services/cron.if 2008-10-17 08:49:11.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/services/cron.if 2008-12-10 10:11:34.000000000 -0500
++++ serefpolicy-3.5.13/policy/modules/services/cron.if 2008-12-18 15:54:11.000000000 -0500
@@ -35,39 +35,25 @@
#
template(`cron_per_role_template',`
@@ -13490,7 +13490,7 @@
# dac_override is to create the file in the directory under /tmp
allow $1_crontab_t self:capability { fowner setuid setgid chown dac_override };
- allow $1_crontab_t self:process signal_perms;
-+ allow $1_cronjob_t self:process { signal_perms setsched };
++ allow $1_crontab_t self:process { signal_perms setsched };
+ allow $1_crontab_t self:fifo_file rw_fifo_file_perms;
+ allow $1_crontab_t crond_t:process signal;
@@ -25917,7 +25917,7 @@
/etc/ssh/ssh_host_key -- gen_context(system_u:object_r:sshd_key_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ssh.if serefpolicy-3.5.13/policy/modules/services/ssh.if
--- nsaserefpolicy/policy/modules/services/ssh.if 2008-10-17 08:49:11.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/services/ssh.if 2008-12-18 10:02:59.000000000 -0500
++++ serefpolicy-3.5.13/policy/modules/services/ssh.if 2008-12-18 15:57:42.000000000 -0500
@@ -36,6 +36,7 @@
gen_require(`
attribute ssh_server;
@@ -26048,7 +26048,7 @@
userdom_dontaudit_list_user_home_dirs($1,$1_ssh_t)
userdom_search_user_home_dirs($1,$1_ssh_t)
+ userdom_write_user_tmp_sockets(user,$1_ssh_t)
-+ userdom_read_user_home_content_symlinks($1_ssh_t)
++ userdom_read_user_home_content_symlinks(user, $1_ssh_t)
+
# Write to the user domain tty.
userdom_use_user_terminals($1,$1_ssh_t)
- Previous message (by thread): rpms/xcb-util/devel xcb-util-0.3.2-revert-keysyms-use-xcb_key_lookup_t.patch, NONE, 1.1 xcb-util-0.3.2-xcb_keysyms-remove-xcb_lookup_t.patch, NONE, 1.1 .cvsignore, 1.2, 1.3 import.log, 1.1, 1.2 sources, 1.2, 1.3 xcb-util.spec, 1.1, 1.2 xcb-util-0.3.1-copyright-resolution.patch, 1.1, NONE xcb-util-0.3.1-exit-in-library.patch, 1.1, NONE
- Next message (by thread): rpms/snake/F-10 .cvsignore, 1.8, 1.9 import.log, 1.3, 1.4 snake.spec, 1.15, 1.16 sources, 1.16, 1.17
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list