rpms/selinux-policy/devel policy-20080509.patch,1.26,1.27
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Jul 1 13:42:22 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27027
Modified Files:
policy-20080509.patch
Log Message:
* Sun Jun 29 2008 Dan Walsh <dwalsh at redhat.com> 3.4.2-9
- Allow gdm to read rpm database
- Allow nsplugin to read mplayer config files
policy-20080509.patch:
Index: policy-20080509.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20080509.patch,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- policy-20080509.patch 30 Jun 2008 21:12:23 -0000 1.26
+++ policy-20080509.patch 1 Jul 2008 13:41:30 -0000 1.27
@@ -2626,7 +2626,7 @@
########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te serefpolicy-3.4.2/policy/modules/apps/gpg.te
--- nsaserefpolicy/policy/modules/apps/gpg.te 2008-06-12 23:25:03.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/apps/gpg.te 2008-06-12 23:37:51.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/apps/gpg.te 2008-07-01 08:30:42.000000000 -0400
@@ -15,15 +15,251 @@
gen_tunable(gpg_agent_env_file, false)
@@ -8239,7 +8239,7 @@
## <summary>
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unprivuser.if serefpolicy-3.4.2/policy/modules/roles/unprivuser.if
--- nsaserefpolicy/policy/modules/roles/unprivuser.if 2008-06-12 23:25:06.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/roles/unprivuser.if 2008-06-24 05:57:35.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/roles/unprivuser.if 2008-07-01 08:30:34.000000000 -0400
@@ -62,6 +62,26 @@
files_home_filetrans($1,user_home_dir_t,dir)
')
@@ -8353,7 +8353,7 @@
')
########################################
-@@ -323,3 +340,553 @@
+@@ -323,3 +340,555 @@
manage_sock_files_pattern($1,{ user_home_dir_t user_home_t },user_home_t)
')
@@ -8521,6 +8521,7 @@
+ type user_tmp_t;
+ ')
+
++ files_search_tmp($1)
+ manage_files_pattern($1, user_tmp_t, user_tmp_t)
+')
+
@@ -8539,6 +8540,7 @@
+ type user_tmp_t;
+ ')
+
++ files_search_tmp($1)
+ manage_lnk_files_pattern($1, user_tmp_t, user_tmp_t)
+')
+
@@ -36613,8 +36615,8 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virt.te serefpolicy-3.4.2/policy/modules/system/virt.te
--- nsaserefpolicy/policy/modules/system/virt.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.4.2/policy/modules/system/virt.te 2008-06-22 06:51:23.000000000 -0400
-@@ -0,0 +1,198 @@
++++ serefpolicy-3.4.2/policy/modules/system/virt.te 2008-07-01 09:38:45.000000000 -0400
+@@ -0,0 +1,203 @@
+
+policy_module(virt,1.0.0)
+
@@ -36731,6 +36733,7 @@
+files_read_usr_files(virtd_t)
+files_read_etc_runtime_files(virtd_t)
+files_search_all(virtd_t)
++files_list_kernel_modules(virtd_t)
+
+fs_list_auto_mountpoints(virtd_t)
+
@@ -36813,6 +36816,10 @@
+ fs_manage_cifs_files(virtd_t)
+ fs_read_cifs_symlinks(virtd_t)
+')
++
++optional_policy(`
++ unconfined_domain(virtd_t)
++')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.fc serefpolicy-3.4.2/policy/modules/system/xen.fc
--- nsaserefpolicy/policy/modules/system/xen.fc 2008-06-12 23:25:07.000000000 -0400
+++ serefpolicy-3.4.2/policy/modules/system/xen.fc 2008-06-12 23:37:52.000000000 -0400
More information about the fedora-extras-commits
mailing list