rpms/selinux-policy/F-8 policy-20070703.patch, 1.176, 1.177 selinux-policy.spec, 1.606, 1.607
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Wed Jan 23 20:16:56 UTC 2008
- Previous message (by thread): rpms/kernel/devel linux-2.6-firewire-config-rom-read-fixup.patch, NONE, 1.1 kernel.spec, 1.377, 1.378 linux-2.6-firewire-git-update.patch, 1.2, 1.3 linux-2.6-firewire-increase-login-orb-timeout.patch, 1.1, NONE
- Next message (by thread): rpms/cpipe/devel cpipe.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13141
Modified Files:
policy-20070703.patch selinux-policy.spec
Log Message:
* Tue Jan 22 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-81
- Allow zebra to listen on port 521
policy-20070703.patch:
Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/policy-20070703.patch,v
retrieving revision 1.176
retrieving revision 1.177
diff -u -r1.176 -r1.177
--- policy-20070703.patch 21 Jan 2008 22:15:05 -0000 1.176
+++ policy-20070703.patch 23 Jan 2008 20:16:45 -0000 1.177
@@ -4151,7 +4151,7 @@
## <param name="domain">
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in
--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in 2007-10-22 13:21:41.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in 2008-01-17 09:03:07.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in 2008-01-22 09:06:06.000000000 -0500
@@ -55,6 +55,11 @@
type reserved_port_t, port_type, reserved_port_type;
@@ -4214,7 +4214,12 @@
network_port(pop, tcp,106,s0, tcp,109,s0, tcp,110,s0, tcp,143,s0, tcp,220,s0, tcp,993,s0, tcp,995,s0, tcp,1109,s0)
network_port(portmap, udp,111,s0, tcp,111,s0)
network_port(postgresql, tcp,5432,s0)
-@@ -141,12 +154,12 @@
+@@ -137,16 +150,16 @@
+ network_port(ricci_modcluster, tcp,16851,s0, udp,16851,s0)
+ network_port(rlogind, tcp,513,s0)
+ network_port(rndc, tcp,953,s0)
+-network_port(router, udp,520,s0)
++network_port(router, udp,520,s0, udp,521,s0, tcp,521,s0)
network_port(rsh, tcp,514,s0)
network_port(rsync, tcp,873,s0, udp,873,s0)
network_port(rwho, udp,513,s0)
@@ -11002,7 +11007,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.0.8/policy/modules/services/networkmanager.te
--- nsaserefpolicy/policy/modules/services/networkmanager.te 2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/networkmanager.te 2008-01-17 09:03:07.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/services/networkmanager.te 2008-01-22 09:24:05.000000000 -0500
@@ -13,6 +13,9 @@
type NetworkManager_var_run_t;
files_pid_file(NetworkManager_var_run_t)
@@ -11041,7 +11046,7 @@
init_read_utmp(NetworkManager_t)
init_domtrans_script(NetworkManager_t)
-@@ -129,15 +137,13 @@
+@@ -129,15 +137,17 @@
')
optional_policy(`
@@ -11056,10 +11061,14 @@
dbus_send_system_bus(NetworkManager_t)
+ dbus_dontaudit_rw_system_selinux_socket(NetworkManager_t)
+ dbus_system_domain(NetworkManager_t,NetworkManager_exec_t)
++')
++
++optional_policy(`
++ hal_write_log(NetworkManager_t)
')
optional_policy(`
-@@ -151,6 +157,8 @@
+@@ -151,6 +161,8 @@
optional_policy(`
nscd_socket_use(NetworkManager_t)
nscd_signal(NetworkManager_t)
@@ -11068,7 +11077,7 @@
')
optional_policy(`
-@@ -162,6 +170,7 @@
+@@ -162,6 +174,7 @@
ppp_domtrans(NetworkManager_t)
ppp_read_pid_files(NetworkManager_t)
ppp_signal(NetworkManager_t)
@@ -11076,7 +11085,7 @@
')
optional_policy(`
-@@ -173,8 +182,10 @@
+@@ -173,8 +186,10 @@
')
optional_policy(`
@@ -19498,9 +19507,13 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.fc serefpolicy-3.0.8/policy/modules/system/unconfined.fc
--- nsaserefpolicy/policy/modules/system/unconfined.fc 2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/unconfined.fc 2008-01-17 09:03:07.000000000 -0500
-@@ -10,3 +10,7 @@
- /usr/lib/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
++++ serefpolicy-3.0.8/policy/modules/system/unconfined.fc 2008-01-22 09:29:20.000000000 -0500
+@@ -7,6 +7,10 @@
+ /usr/bin/vncserver -- gen_context(system_u:object_r:unconfined_exec_t,s0)
+
+ /usr/lib/ia32el/ia32x_loader -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
+-/usr/lib/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
++/usr/lib(64)?/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
/usr/local/RealPlayer/realplay\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
+/usr/bin/rhythmbox -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/selinux-policy.spec,v
retrieving revision 1.606
retrieving revision 1.607
diff -u -r1.606 -r1.607
--- selinux-policy.spec 21 Jan 2008 21:42:36 -0000 1.606
+++ selinux-policy.spec 23 Jan 2008 20:16:45 -0000 1.607
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.0.8
-Release: 80%{?dist}
+Release: 81%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -381,6 +381,9 @@
%endif
%changelog
+* Tue Jan 22 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-81
+- Allow zebra to listen on port 521
+
* Thu Jan 17 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-79
- Add procmail_log support
- Lots of fixes for munin
- Previous message (by thread): rpms/kernel/devel linux-2.6-firewire-config-rom-read-fixup.patch, NONE, 1.1 kernel.spec, 1.377, 1.378 linux-2.6-firewire-git-update.patch, 1.2, 1.3 linux-2.6-firewire-increase-login-orb-timeout.patch, 1.1, NONE
- Next message (by thread): rpms/cpipe/devel cpipe.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list