rpms/selinux-policy/F-8 policy-20070703.patch,1.175,1.176
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Mon Jan 21 22:15:10 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26017
Modified Files:
policy-20070703.patch
Log Message:
* Thu Jan 17 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-79
- Add procmail_log support
- Lots of fixes for munin
- fixes for dnsmasq
- Allow tmpreaper to delete aqmavis spool files
policy-20070703.patch:
Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/policy-20070703.patch,v
retrieving revision 1.175
retrieving revision 1.176
diff -u -r1.175 -r1.176
--- policy-20070703.patch 21 Jan 2008 21:42:36 -0000 1.175
+++ policy-20070703.patch 21 Jan 2008 22:15:05 -0000 1.176
@@ -7352,7 +7352,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/consolekit.te serefpolicy-3.0.8/policy/modules/services/consolekit.te
--- nsaserefpolicy/policy/modules/services/consolekit.te 2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/consolekit.te 2008-01-17 09:03:07.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/services/consolekit.te 2008-01-21 17:06:07.000000000 -0500
@@ -10,7 +10,6 @@
type consolekit_exec_t;
init_daemon_domain(consolekit_t, consolekit_exec_t)
@@ -7416,7 +7416,7 @@
+')
+
+optional_policy(`
-+ userdom_read_user_tmp_files(consolekit_t)
++ userdom_read_user_tmp_files(user,consolekit_t)
')
+
+
@@ -7464,7 +7464,7 @@
+/var/lib/misc(/.*)? gen_context(system_u:object_r:system_crond_var_lib_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.if serefpolicy-3.0.8/policy/modules/services/cron.if
--- nsaserefpolicy/policy/modules/services/cron.if 2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/cron.if 2008-01-17 09:03:07.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/services/cron.if 2008-01-21 15:45:30.000000000 -0500
@@ -35,6 +35,7 @@
#
template(`cron_per_role_template',`
@@ -10553,7 +10553,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/munin.te serefpolicy-3.0.8/policy/modules/services/munin.te
--- nsaserefpolicy/policy/modules/services/munin.te 2007-10-22 13:21:36.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/munin.te 2008-01-17 13:34:16.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/services/munin.te 2008-01-21 17:08:25.000000000 -0500
@@ -1,5 +1,5 @@
-policy_module(munin,1.3.0)
@@ -10566,9 +10566,8 @@
#
-allow munin_t self:capability { setgid setuid };
--dontaudit munin_t self:capability sys_tty_config;
+allow munin_t self:capability { chown dac_override setgid setuid sys_rawio };
-+dontaudit munin_t self:ocapability sys_tty_config;
+ dontaudit munin_t self:capability sys_tty_config;
allow munin_t self:process { getsched setsched signal_perms };
allow munin_t self:unix_stream_socket { create_stream_socket_perms connectto };
allow munin_t self:unix_dgram_socket { create_socket_perms sendto };
More information about the fedora-extras-commits
mailing list