rpms/selinux-policy/devel policy-20071130.patch,1.26,1.27
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Fri Jan 4 13:38:53 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7688
Modified Files:
policy-20071130.patch
Log Message:
* Wed Jan 2 2008 Dan Walsh <dwalsh at redhat.com> 3.2.5-8
- Change user and staff roles to work correctly with varied perms
policy-20071130.patch:
Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20071130.patch,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- policy-20071130.patch 3 Jan 2008 22:13:09 -0000 1.26
+++ policy-20071130.patch 4 Jan 2008 13:38:45 -0000 1.27
@@ -3601,8 +3601,8 @@
+/usr/lib/mozilla/plugins-wrapped(/.*)? gen_context(system_u:object_r:nsplugin_rw_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin.if serefpolicy-3.2.5/policy/modules/apps/nsplugin.if
--- nsaserefpolicy/policy/modules/apps/nsplugin.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.2.5/policy/modules/apps/nsplugin.if 2008-01-03 17:03:53.000000000 -0500
-@@ -0,0 +1,205 @@
++++ serefpolicy-3.2.5/policy/modules/apps/nsplugin.if 2008-01-04 08:37:32.000000000 -0500
+@@ -0,0 +1,227 @@
+
+## <summary>policy for nsplugin</summary>
+
@@ -3659,7 +3659,25 @@
+ type nsplugin_rw_t;
+ ')
+
-+ read_fils_pattern($1, nsplugin_rw_t, nsplugin_rw_t)
++ read_files_pattern($1, nsplugin_rw_t, nsplugin_rw_t)
++')
++
++########################################
++## <summary>
++## Exec nsplugin rw files.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`nsplugin_rw_exec',`
++ gen_require(`
++ type nsplugin_rw_t;
++ ')
++
++ can_exec($1, nsplugin_rw_t)
+')
+
+########################################
@@ -3803,10 +3821,14 @@
+template(`nsplugin_per_role_template',`
+ gen_require(`
+ type nsplugin_t;
++ type nsplugin_rw_t;
+ ')
+ nsplugin_domtrans($2)
+ role $3 types nsplugin_t;
-+ nsplugin_read_rw_files($2)
++
++ read_files_pattern($2, , nsplugin_rw_t, nsplugin_rw_t)
++ read_lnk_files_pattern($2, , nsplugin_rw_t, nsplugin_rw_t)
++ can_exec($2, nsplugin_rw_t)
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin.te serefpolicy-3.2.5/policy/modules/apps/nsplugin.te
--- nsaserefpolicy/policy/modules/apps/nsplugin.te 1969-12-31 19:00:00.000000000 -0500
More information about the fedora-extras-commits
mailing list