rpms/selinux-policy/devel policy-20080509.patch,1.26,1.27

[Daniel J Walsh (dwalsh)]

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27027

Modified Files:
	policy-20080509.patch 
Log Message:
* Sun Jun 29 2008 Dan Walsh <dwalsh at redhat.com> 3.4.2-9
- Allow gdm to read rpm database
- Allow nsplugin to read mplayer config files


policy-20080509.patch:

Index: policy-20080509.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20080509.patch,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- policy-20080509.patch	30 Jun 2008 21:12:23 -0000	1.26
+++ policy-20080509.patch	1 Jul 2008 13:41:30 -0000	1.27
@@ -2626,7 +2626,7 @@
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te serefpolicy-3.4.2/policy/modules/apps/gpg.te
 --- nsaserefpolicy/policy/modules/apps/gpg.te	2008-06-12 23:25:03.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/apps/gpg.te	2008-06-12 23:37:51.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/apps/gpg.te	2008-07-01 08:30:42.000000000 -0400
 @@ -15,15 +15,251 @@
  gen_tunable(gpg_agent_env_file, false)
  
@@ -8239,7 +8239,7 @@
  ## <summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unprivuser.if serefpolicy-3.4.2/policy/modules/roles/unprivuser.if
 --- nsaserefpolicy/policy/modules/roles/unprivuser.if	2008-06-12 23:25:06.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/roles/unprivuser.if	2008-06-24 05:57:35.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/roles/unprivuser.if	2008-07-01 08:30:34.000000000 -0400
 @@ -62,6 +62,26 @@
  	files_home_filetrans($1,user_home_dir_t,dir)
  ')
@@ -8353,7 +8353,7 @@
  ')
  
  ########################################
-@@ -323,3 +340,553 @@
+@@ -323,3 +340,555 @@
  	manage_sock_files_pattern($1,{ user_home_dir_t user_home_t },user_home_t)
  ')
  
@@ -8521,6 +8521,7 @@
 +		type user_tmp_t;
 +	')
 +
++	files_search_tmp($1)
 +	manage_files_pattern($1, user_tmp_t,  user_tmp_t)
 +')
 +
@@ -8539,6 +8540,7 @@
 +		type user_tmp_t;
 +	')
 +
++	files_search_tmp($1)
 +	manage_lnk_files_pattern($1, user_tmp_t,  user_tmp_t)
 +')
 +
@@ -36613,8 +36615,8 @@
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virt.te serefpolicy-3.4.2/policy/modules/system/virt.te
 --- nsaserefpolicy/policy/modules/system/virt.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.4.2/policy/modules/system/virt.te	2008-06-22 06:51:23.000000000 -0400
-@@ -0,0 +1,198 @@
++++ serefpolicy-3.4.2/policy/modules/system/virt.te	2008-07-01 09:38:45.000000000 -0400
+@@ -0,0 +1,203 @@
 +
 +policy_module(virt,1.0.0)
 +
@@ -36731,6 +36733,7 @@
 +files_read_usr_files(virtd_t)
 +files_read_etc_runtime_files(virtd_t)
 +files_search_all(virtd_t)
++files_list_kernel_modules(virtd_t)
 +
 +fs_list_auto_mountpoints(virtd_t)
 +
@@ -36813,6 +36816,10 @@
 +	fs_manage_cifs_files(virtd_t)
 +	fs_read_cifs_symlinks(virtd_t)
 +')
++
++optional_policy(`
++	unconfined_domain(virtd_t)
++')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.fc serefpolicy-3.4.2/policy/modules/system/xen.fc
 --- nsaserefpolicy/policy/modules/system/xen.fc	2008-06-12 23:25:07.000000000 -0400
 +++ serefpolicy-3.4.2/policy/modules/system/xen.fc	2008-06-12 23:37:52.000000000 -0400