rpms/selinux-policy/F-8 policy-20070703.patch, 1.176, 1.177 selinux-policy.spec, 1.606, 1.607

Daniel J Walsh (dwalsh) fedora-extras-commits at redhat.com
Wed Jan 23 20:16:56 UTC 2008 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13141

Modified Files:
	policy-20070703.patch selinux-policy.spec 
Log Message:
* Tue Jan 22 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-81
- Allow zebra to listen on port 521


policy-20070703.patch:

Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/policy-20070703.patch,v
retrieving revision 1.176
retrieving revision 1.177
diff -u -r1.176 -r1.177
--- policy-20070703.patch	21 Jan 2008 22:15:05 -0000	1.176
+++ policy-20070703.patch	23 Jan 2008 20:16:45 -0000	1.177
@@ -4151,7 +4151,7 @@
  ## <param name="domain">
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in
 --- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in	2007-10-22 13:21:41.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in	2008-01-17 09:03:07.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in	2008-01-22 09:06:06.000000000 -0500
 @@ -55,6 +55,11 @@
  type reserved_port_t, port_type, reserved_port_type;
  
@@ -4214,7 +4214,12 @@
  network_port(pop, tcp,106,s0, tcp,109,s0, tcp,110,s0, tcp,143,s0, tcp,220,s0, tcp,993,s0, tcp,995,s0, tcp,1109,s0)
  network_port(portmap, udp,111,s0, tcp,111,s0)
  network_port(postgresql, tcp,5432,s0)
-@@ -141,12 +154,12 @@
+@@ -137,16 +150,16 @@
+ network_port(ricci_modcluster, tcp,16851,s0, udp,16851,s0)
+ network_port(rlogind, tcp,513,s0)
+ network_port(rndc, tcp,953,s0)
+-network_port(router, udp,520,s0)
++network_port(router, udp,520,s0, udp,521,s0, tcp,521,s0)
  network_port(rsh, tcp,514,s0)
  network_port(rsync, tcp,873,s0, udp,873,s0)
  network_port(rwho, udp,513,s0)
@@ -11002,7 +11007,7 @@
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.0.8/policy/modules/services/networkmanager.te
 --- nsaserefpolicy/policy/modules/services/networkmanager.te	2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/networkmanager.te	2008-01-17 09:03:07.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/services/networkmanager.te	2008-01-22 09:24:05.000000000 -0500
 @@ -13,6 +13,9 @@
  type NetworkManager_var_run_t;
  files_pid_file(NetworkManager_var_run_t)
@@ -11041,7 +11046,7 @@
  
  init_read_utmp(NetworkManager_t)
  init_domtrans_script(NetworkManager_t)
-@@ -129,15 +137,13 @@
+@@ -129,15 +137,17 @@
  ')
  
  optional_policy(`
@@ -11056,10 +11061,14 @@
  	dbus_send_system_bus(NetworkManager_t)
 +	dbus_dontaudit_rw_system_selinux_socket(NetworkManager_t)
 +	dbus_system_domain(NetworkManager_t,NetworkManager_exec_t)
++')
++
++optional_policy(`
++	hal_write_log(NetworkManager_t)
  ')
  
  optional_policy(`
-@@ -151,6 +157,8 @@
+@@ -151,6 +161,8 @@
  optional_policy(`
  	nscd_socket_use(NetworkManager_t)
  	nscd_signal(NetworkManager_t)
@@ -11068,7 +11077,7 @@
  ')
  
  optional_policy(`
-@@ -162,6 +170,7 @@
+@@ -162,6 +174,7 @@
  	ppp_domtrans(NetworkManager_t)
  	ppp_read_pid_files(NetworkManager_t)
  	ppp_signal(NetworkManager_t)
@@ -11076,7 +11085,7 @@
  ')
  
  optional_policy(`
-@@ -173,8 +182,10 @@
+@@ -173,8 +186,10 @@
  ')
  
  optional_policy(`
@@ -19498,9 +19507,13 @@
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.fc serefpolicy-3.0.8/policy/modules/system/unconfined.fc
 --- nsaserefpolicy/policy/modules/system/unconfined.fc	2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/unconfined.fc	2008-01-17 09:03:07.000000000 -0500
-@@ -10,3 +10,7 @@
- /usr/lib/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
++++ serefpolicy-3.0.8/policy/modules/system/unconfined.fc	2008-01-22 09:29:20.000000000 -0500
+@@ -7,6 +7,10 @@
+ /usr/bin/vncserver		--	gen_context(system_u:object_r:unconfined_exec_t,s0)
+ 
+ /usr/lib/ia32el/ia32x_loader 	--	gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
+-/usr/lib/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
++/usr/lib(64)?/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
  
  /usr/local/RealPlayer/realplay\.bin --	gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
 +/usr/bin/rhythmbox		    --	gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/selinux-policy.spec,v
retrieving revision 1.606
retrieving revision 1.607
diff -u -r1.606 -r1.607
--- selinux-policy.spec	21 Jan 2008 21:42:36 -0000	1.606
+++ selinux-policy.spec	23 Jan 2008 20:16:45 -0000	1.607
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.0.8
-Release: 80%{?dist}
+Release: 81%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -381,6 +381,9 @@
 %endif
 
 %changelog
+* Tue Jan 22 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-81
+- Allow zebra to listen on port 521
+
 * Thu Jan 17 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-79
 - Add procmail_log support
 - Lots of fixes for munin

More information about the fedora-extras-commits mailing list