rpms/selinux-policy/devel policy-20071130.patch, 1.82, 1.83 selinux-policy.spec, 1.620, 1.621
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Thu Feb 28 05:02:00 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14272
Modified Files:
policy-20071130.patch selinux-policy.spec
Log Message:
* Wed Feb 27 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-6
- Prepare policy for beta release
- Change some of the system domains back to unconfined
- Turn on some of the booleans
policy-20071130.patch:
Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20071130.patch,v
retrieving revision 1.82
retrieving revision 1.83
diff -u -r1.82 -r1.83
--- policy-20071130.patch 28 Feb 2008 04:35:56 -0000 1.82
+++ policy-20071130.patch 28 Feb 2008 05:01:51 -0000 1.83
@@ -4127,7 +4127,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.te serefpolicy-3.3.1/policy/modules/apps/java.te
--- nsaserefpolicy/policy/modules/apps/java.te 2007-12-19 05:32:09.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/apps/java.te 2008-02-26 08:29:22.000000000 -0500
++++ serefpolicy-3.3.1/policy/modules/apps/java.te 2008-02-27 23:56:52.000000000 -0500
@@ -6,16 +6,10 @@
# Declarations
#
@@ -4146,7 +4146,7 @@
########################################
#
-@@ -23,11 +17,23 @@
+@@ -23,11 +17,28 @@
#
# execheap is needed for itanium/BEA jrocket
@@ -4164,15 +4164,20 @@
+ unconfined_dbus_chat(java_t)
+ ')
+')
++
++optional_policy(`
++ rpm_domtrans(java_t)
++')
optional_policy(`
unconfined_domain_noaudit(java_t)
- unconfined_dbus_chat(java_t)
-+')
+ ')
+
+optional_policy(`
-+ xserver_xdm_rw_shm(java_t)
- ')
++ xserver_xdm_rw_shm(java_t)
++')
++
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/loadkeys.te serefpolicy-3.3.1/policy/modules/apps/loadkeys.te
--- nsaserefpolicy/policy/modules/apps/loadkeys.te 2007-12-19 05:32:09.000000000 -0500
+++ serefpolicy-3.3.1/policy/modules/apps/loadkeys.te 2008-02-26 08:29:22.000000000 -0500
@@ -26657,8 +26662,8 @@
+/usr/bin/qemu-kvm -- gen_context(system_u:object_r:qemu_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/qemu.if serefpolicy-3.3.1/policy/modules/system/qemu.if
--- nsaserefpolicy/policy/modules/system/qemu.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/qemu.if 2008-02-26 08:29:22.000000000 -0500
-@@ -0,0 +1,290 @@
++++ serefpolicy-3.3.1/policy/modules/system/qemu.if 2008-02-27 23:40:38.000000000 -0500
+@@ -0,0 +1,291 @@
+
+## <summary>policy for qemu</summary>
+
@@ -26896,6 +26901,7 @@
+
+ domain_use_interactive_fds($1_t)
+
++ allow $1_t self:capability { dac_read_search dac_override };
+ allow $1_t self:process { execstack execmem signal getsched };
+ allow $1_t self:tcp_socket create_stream_socket_perms;
+
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.620
retrieving revision 1.621
diff -u -r1.620 -r1.621
--- selinux-policy.spec 28 Feb 2008 04:35:56 -0000 1.620
+++ selinux-policy.spec 28 Feb 2008 05:01:51 -0000 1.621
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.3.1
-Release: 5%{?dist}
+Release: 6%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
More information about the fedora-extras-commits
mailing list