rpms/selinux-policy/devel policy-20071130.patch, 1.45, 1.46 selinux-policy.spec, 1.595, 1.596
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Thu Jan 31 20:59:12 UTC 2008
- Previous message (by thread): rpms/e2fsprogs/F-8 e2fsprogs-1.40.4-no-static-e2fsck.patch, NONE, 1.1 e2fsprogs-1.40.4-sb_feature_check_ignore.patch, NONE, 1.1 e2fsprogs-1.40.4-uuidd-tidy.patch, NONE, 1.1 uuidd.init, NONE, 1.1 .cvsignore, 1.16, 1.17 e2fsprogs-1.39-mkinstalldirs.patch, 1.2, 1.3 e2fsprogs.spec, 1.86, 1.87 sources, 1.16, 1.17 e2fsprogs-1.38-no_pottcdate.patch, 1.2, NONE e2fsprogs-1.38-resize-inode.patch, 1.1, NONE e2fsprogs-1.39-multilib.patch, 1.3, NONE e2fsprogs-1.40.2-blkid-FAT-magic-not-on-strict-position.patch, 1.2, NONE e2fsprogs-1.40.2-blkid-squashfs.patch, 1.2, NONE e2fsprogs-1.40.2-fix-open-create-modes.patch, 1.1, NONE e2fsprogs-1.40.2-integer-overflows.patch, 1.1, NONE e2fsprogs-1.40.2-protect-open-ops.patch, 1.1, NONE e2fsprogs-1.40.2-swapfs.patch, 1.1, NONE e2fsprogs-1.40.2-warning-fixes.patch, 1.1, NONE
- Next message (by thread): rpms/selinux-policy/F-8 policy-20070703.patch, 1.179, 1.180 selinux-policy.spec, 1.608, 1.609
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23543
Modified Files:
policy-20071130.patch selinux-policy.spec
Log Message:
* Wed Jan 30 2008 Dan Walsh <dwalsh at redhat.com> 3.2.5-24
- Allow allow_httpd_mod_auth_pam to work
policy-20071130.patch:
Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20071130.patch,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -r1.45 -r1.46
--- policy-20071130.patch 31 Jan 2008 19:32:51 -0000 1.45
+++ policy-20071130.patch 31 Jan 2008 20:59:05 -0000 1.46
@@ -13893,18 +13893,52 @@
/opt/NX/bin/nxserver -- gen_context(system_u:object_r:nx_server_exec_t,s0)
/opt/NX/home/nx/\.ssh(/.*)? gen_context(system_u:object_r:nx_server_home_ssh_t,s0)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.fc serefpolicy-3.2.5/policy/modules/services/oddjob.fc
+--- nsaserefpolicy/policy/modules/services/oddjob.fc 2007-10-12 08:56:07.000000000 -0400
++++ serefpolicy-3.2.5/policy/modules/services/oddjob.fc 2008-01-31 15:22:43.000000000 -0500
+@@ -1,4 +1,4 @@
+-/usr/lib/oddjob/mkhomedir -- gen_context(system_u:object_r:oddjob_mkhomedir_exec_t,s0)
++/usr/lib(64)?/oddjob/mkhomedir -- gen_context(system_u:object_r:oddjob_mkhomedir_exec_t,s0)
+
+ /usr/sbin/oddjobd -- gen_context(system_u:object_r:oddjob_exec_t,s0)
+
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.if serefpolicy-3.2.5/policy/modules/services/oddjob.if
+--- nsaserefpolicy/policy/modules/services/oddjob.if 2007-01-02 12:57:43.000000000 -0500
++++ serefpolicy-3.2.5/policy/modules/services/oddjob.if 2008-01-31 15:49:10.000000000 -0500
+@@ -44,6 +44,7 @@
+ ')
+
+ domtrans_pattern(oddjob_t, $2, $1)
++ domain_user_exemption_target($1)
+ ')
+
+ ########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.te serefpolicy-3.2.5/policy/modules/services/oddjob.te
--- nsaserefpolicy/policy/modules/services/oddjob.te 2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.2.5/policy/modules/services/oddjob.te 2008-01-18 12:40:46.000000000 -0500
-@@ -15,6 +15,7 @@
++++ serefpolicy-3.2.5/policy/modules/services/oddjob.te 2008-01-31 15:44:28.000000000 -0500
+@@ -10,14 +10,20 @@
+ type oddjob_exec_t;
+ domain_type(oddjob_t)
+ init_daemon_domain(oddjob_t, oddjob_exec_t)
++domain_obj_id_change_exemption(oddjob_t)
+ domain_subj_id_change_exemption(oddjob_t)
+
type oddjob_mkhomedir_t;
type oddjob_mkhomedir_exec_t;
domain_type(oddjob_mkhomedir_t)
+-init_daemon_domain(oddjob_mkhomedir_t, oddjob_mkhomedir_exec_t)
+domain_obj_id_change_exemption(oddjob_mkhomedir_t)
- init_daemon_domain(oddjob_mkhomedir_t, oddjob_mkhomedir_exec_t)
++init_system_domain(oddjob_mkhomedir_t, oddjob_mkhomedir_exec_t)
oddjob_system_entry(oddjob_mkhomedir_t, oddjob_mkhomedir_exec_t)
-@@ -68,20 +69,38 @@
++ifdef(`enable_mcs',`
++ init_ranged_daemon_domain(oddjob_t,oddjob_exec_t,s0 - mcs_systemhigh)
++')
++
+ # pid files
+ type oddjob_var_run_t;
+ files_pid_file(oddjob_var_run_t)
+@@ -68,20 +74,38 @@
# oddjob_mkhomedir local policy
#
@@ -21350,7 +21384,7 @@
+/var/cache/coolkey(/.*)? gen_context(system_u:object_r:auth_cache_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.2.5/policy/modules/system/authlogin.if
--- nsaserefpolicy/policy/modules/system/authlogin.if 2007-11-29 13:29:35.000000000 -0500
-+++ serefpolicy-3.2.5/policy/modules/system/authlogin.if 2008-01-31 13:43:36.000000000 -0500
++++ serefpolicy-3.2.5/policy/modules/system/authlogin.if 2008-01-31 15:15:50.000000000 -0500
@@ -99,7 +99,7 @@
template(`authlogin_per_role_template',`
@@ -21396,7 +21430,7 @@
# for SSP/ProPolice
dev_read_urand($1)
# for fingerprint readers
-@@ -221,11 +237,35 @@
+@@ -221,11 +237,36 @@
logging_send_audit_msgs($1)
logging_send_syslog_msg($1)
@@ -21414,6 +21448,7 @@
+ dbus_system_bus_client_template(notused, $1)
+ optional_policy(`
+ oddjob_dbus_chat($1)
++ oddjob_domtrans_mkhomedir($1)
+ ')
+ ')
+
@@ -21433,7 +21468,7 @@
tunable_policy(`allow_polyinstantiation',`
files_polyinstantiate_all($1)
')
-@@ -342,6 +382,8 @@
+@@ -342,6 +383,8 @@
optional_policy(`
kerberos_use($1)
@@ -21442,7 +21477,7 @@
')
optional_policy(`
-@@ -356,6 +398,28 @@
+@@ -356,6 +399,28 @@
optional_policy(`
samba_stream_connect_winbind($1)
')
@@ -21471,7 +21506,7 @@
')
########################################
-@@ -369,12 +433,12 @@
+@@ -369,12 +434,12 @@
## </param>
## <param name="role">
## <summary>
@@ -21486,7 +21521,7 @@
## </summary>
## </param>
#
-@@ -386,6 +450,7 @@
+@@ -386,6 +451,7 @@
auth_domtrans_chk_passwd($1)
role $2 types system_chkpwd_t;
allow system_chkpwd_t $3:chr_file rw_file_perms;
@@ -21494,7 +21529,7 @@
')
########################################
-@@ -1457,6 +1522,7 @@
+@@ -1457,6 +1523,7 @@
optional_policy(`
samba_stream_connect_winbind($1)
samba_read_var_files($1)
@@ -21502,7 +21537,7 @@
')
')
-@@ -1491,3 +1557,23 @@
+@@ -1491,3 +1558,23 @@
typeattribute $1 can_write_shadow_passwords;
typeattribute $1 can_relabelto_shadow_passwords;
')
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.595
retrieving revision 1.596
diff -u -r1.595 -r1.596
--- selinux-policy.spec 31 Jan 2008 19:32:51 -0000 1.595
+++ selinux-policy.spec 31 Jan 2008 20:59:05 -0000 1.596
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.2.5
-Release: 23%{?dist}
+Release: 24%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -387,7 +387,7 @@
%endif
%changelog
-* Wed Jan 30 2008 Dan Walsh <dwalsh at redhat.com> 3.2.5-23
+* Wed Jan 30 2008 Dan Walsh <dwalsh at redhat.com> 3.2.5-24
- Allow allow_httpd_mod_auth_pam to work
* Wed Jan 30 2008 Dan Walsh <dwalsh at redhat.com> 3.2.5-22
- Previous message (by thread): rpms/e2fsprogs/F-8 e2fsprogs-1.40.4-no-static-e2fsck.patch, NONE, 1.1 e2fsprogs-1.40.4-sb_feature_check_ignore.patch, NONE, 1.1 e2fsprogs-1.40.4-uuidd-tidy.patch, NONE, 1.1 uuidd.init, NONE, 1.1 .cvsignore, 1.16, 1.17 e2fsprogs-1.39-mkinstalldirs.patch, 1.2, 1.3 e2fsprogs.spec, 1.86, 1.87 sources, 1.16, 1.17 e2fsprogs-1.38-no_pottcdate.patch, 1.2, NONE e2fsprogs-1.38-resize-inode.patch, 1.1, NONE e2fsprogs-1.39-multilib.patch, 1.3, NONE e2fsprogs-1.40.2-blkid-FAT-magic-not-on-strict-position.patch, 1.2, NONE e2fsprogs-1.40.2-blkid-squashfs.patch, 1.2, NONE e2fsprogs-1.40.2-fix-open-create-modes.patch, 1.1, NONE e2fsprogs-1.40.2-integer-overflows.patch, 1.1, NONE e2fsprogs-1.40.2-protect-open-ops.patch, 1.1, NONE e2fsprogs-1.40.2-swapfs.patch, 1.1, NONE e2fsprogs-1.40.2-warning-fixes.patch, 1.1, NONE
- Next message (by thread): rpms/selinux-policy/F-8 policy-20070703.patch, 1.179, 1.180 selinux-policy.spec, 1.608, 1.609
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list