rpms/selinux-policy/devel policy-20080509.patch, 1.9, 1.10 selinux-policy.spec, 1.667, 1.668
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Jun 10 19:35:48 UTC 2008
- Previous message (by thread): rpms/meld/EL-5 import.log, NONE, 1.1 meld-1.1.5-git.patch, NONE, 1.1 .cvsignore, 1.9, 1.10 meld-scrollkeeper.patch, 1.1, 1.2 meld.spec, 1.18, 1.19 sources, 1.9, 1.10
- Next message (by thread): rpms/perl-File-Slurp/EL-5 import.log, NONE, 1.1 .cvsignore, 1.4, 1.5 perl-File-Slurp.spec, 1.7, 1.8 sources, 1.4, 1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31372
Modified Files:
policy-20080509.patch selinux-policy.spec
Log Message:
* Wed Jun 4 2008 Dan Walsh <dwalsh at redhat.com> 3.4.1-5
- Add livecd policy
policy-20080509.patch:
View full diff with command:
/usr/bin/cvs -f diff -kk -u -N -r 1.9 -r 1.10 policy-20080509.patch
Index: policy-20080509.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20080509.patch,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- policy-20080509.patch 4 Jun 2008 17:26:52 -0000 1.9
+++ policy-20080509.patch 10 Jun 2008 19:34:59 -0000 1.10
@@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-3.4.1/Makefile
--- nsaserefpolicy/Makefile 2008-05-19 10:26:49.000000000 -0400
-+++ serefpolicy-3.4.1/Makefile 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/Makefile 2008-06-05 08:23:27.000000000 -0400
@@ -311,20 +311,22 @@
# parse-rolemap modulename,outputfile
@@ -47,7 +47,7 @@
$(verbose) $(INSTALL) -m 644 $< $@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-3.4.1/Rules.modular
--- nsaserefpolicy/Rules.modular 2008-05-29 15:55:44.000000000 -0400
-+++ serefpolicy-3.4.1/Rules.modular 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/Rules.modular 2008-06-05 08:23:27.000000000 -0400
@@ -73,8 +73,8 @@
$(tmpdir)/%.mod: $(m4support) $(tmpdir)/generated_definitions.conf $(tmpdir)/all_interfaces.conf %.te
@echo "Compliling $(NAME) $(@F) module"
@@ -79,13 +79,13 @@
$(tmpdir)/all_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf $(tmpdir)/all_interfaces.conf $(base_te_files) $(tmpdir)/rolemap.conf
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/failsafe_context serefpolicy-3.4.1/config/appconfig-mcs/failsafe_context
--- nsaserefpolicy/config/appconfig-mcs/failsafe_context 2008-05-19 10:26:48.000000000 -0400
-+++ serefpolicy-3.4.1/config/appconfig-mcs/failsafe_context 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/config/appconfig-mcs/failsafe_context 2008-06-05 08:23:27.000000000 -0400
@@ -1 +1 @@
-sysadm_r:sysadm_t:s0
+system_r:unconfined_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/guest_u_default_contexts serefpolicy-3.4.1/config/appconfig-mcs/guest_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/guest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.4.1/config/appconfig-mcs/guest_u_default_contexts 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/config/appconfig-mcs/guest_u_default_contexts 2008-06-05 08:23:27.000000000 -0400
@@ -0,0 +1,4 @@
+system_r:local_login_t:s0 guest_r:guest_t:s0
+system_r:remote_login_t:s0 guest_r:guest_t:s0
@@ -93,7 +93,7 @@
+system_r:crond_t:s0 guest_r:guest_crond_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/root_default_contexts serefpolicy-3.4.1/config/appconfig-mcs/root_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/root_default_contexts 2008-05-19 10:26:48.000000000 -0400
-+++ serefpolicy-3.4.1/config/appconfig-mcs/root_default_contexts 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/config/appconfig-mcs/root_default_contexts 2008-06-05 08:23:27.000000000 -0400
@@ -1,11 +1,7 @@
system_r:crond_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_crond_t:s0 staff_r:staff_crond_t:s0 user_r:user_crond_t:s0
system_r:local_login_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
@@ -109,7 +109,7 @@
+system_r:sshd_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/seusers serefpolicy-3.4.1/config/appconfig-mcs/seusers
--- nsaserefpolicy/config/appconfig-mcs/seusers 2008-05-19 10:26:47.000000000 -0400
-+++ serefpolicy-3.4.1/config/appconfig-mcs/seusers 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/config/appconfig-mcs/seusers 2008-06-05 08:23:27.000000000 -0400
@@ -1,3 +1,3 @@
system_u:system_u:s0-mcs_systemhigh
root:root:s0-mcs_systemhigh
@@ -117,7 +117,7 @@
+__default__:unconfined_u:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts serefpolicy-3.4.1/config/appconfig-mcs/unconfined_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.4.1/config/appconfig-mcs/unconfined_u_default_contexts 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/config/appconfig-mcs/unconfined_u_default_contexts 2008-06-05 08:23:27.000000000 -0400
@@ -0,0 +1,9 @@
+system_r:crond_t:s0 unconfined_r:unconfined_t:s0
+system_r:initrc_t:s0 unconfined_r:unconfined_t:s0
@@ -130,13 +130,13 @@
+system_r:xdm_t:s0 unconfined_r:unconfined_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/userhelper_context serefpolicy-3.4.1/config/appconfig-mcs/userhelper_context
--- nsaserefpolicy/config/appconfig-mcs/userhelper_context 2008-05-19 10:26:47.000000000 -0400
-+++ serefpolicy-3.4.1/config/appconfig-mcs/userhelper_context 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/config/appconfig-mcs/userhelper_context 2008-06-05 08:23:27.000000000 -0400
@@ -1 +1 @@
-system_u:sysadm_r:sysadm_t:s0
+system_u:system_r:unconfined_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts serefpolicy-3.4.1/config/appconfig-mcs/xguest_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.4.1/config/appconfig-mcs/xguest_u_default_contexts 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/config/appconfig-mcs/xguest_u_default_contexts 2008-06-05 08:23:27.000000000 -0400
@@ -0,0 +1,5 @@
+system_r:local_login_t xguest_r:xguest_t:s0
+system_r:remote_login_t xguest_r:xguest_t:s0
@@ -145,7 +145,7 @@
+system_r:xdm_t xguest_r:xguest_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/guest_u_default_contexts serefpolicy-3.4.1/config/appconfig-mls/guest_u_default_contexts
--- nsaserefpolicy/config/appconfig-mls/guest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.4.1/config/appconfig-mls/guest_u_default_contexts 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/config/appconfig-mls/guest_u_default_contexts 2008-06-05 08:23:27.000000000 -0400
@@ -0,0 +1,4 @@
+system_r:local_login_t:s0 guest_r:guest_t:s0
+system_r:remote_login_t:s0 guest_r:guest_t:s0
@@ -153,7 +153,7 @@
+system_r:crond_t:s0 guest_r:guest_crond_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/guest_u_default_contexts serefpolicy-3.4.1/config/appconfig-standard/guest_u_default_contexts
--- nsaserefpolicy/config/appconfig-standard/guest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.4.1/config/appconfig-standard/guest_u_default_contexts 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/config/appconfig-standard/guest_u_default_contexts 2008-06-05 08:23:27.000000000 -0400
@@ -0,0 +1,4 @@
+system_r:local_login_t guest_r:guest_t
+system_r:remote_login_t guest_r:guest_t
@@ -161,7 +161,7 @@
+system_r:crond_t guest_r:guest_crond_t
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/root_default_contexts serefpolicy-3.4.1/config/appconfig-standard/root_default_contexts
--- nsaserefpolicy/config/appconfig-standard/root_default_contexts 2008-05-19 10:26:47.000000000 -0400
-+++ serefpolicy-3.4.1/config/appconfig-standard/root_default_contexts 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/config/appconfig-standard/root_default_contexts 2008-06-05 08:23:27.000000000 -0400
@@ -1,11 +1,7 @@
system_r:crond_t unconfined_r:unconfined_t sysadm_r:sysadm_crond_t staff_r:staff_crond_t user_r:user_crond_t
system_r:local_login_t unconfined_r:unconfined_t sysadm_r:sysadm_t staff_r:staff_t user_r:user_t
@@ -177,7 +177,7 @@
+system_r:sshd_t unconfined_r:unconfined_t sysadm_r:sysadm_t staff_r:staff_t user_r:user_t
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/xguest_u_default_contexts serefpolicy-3.4.1/config/appconfig-standard/xguest_u_default_contexts
--- nsaserefpolicy/config/appconfig-standard/xguest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.4.1/config/appconfig-standard/xguest_u_default_contexts 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/config/appconfig-standard/xguest_u_default_contexts 2008-06-05 08:23:27.000000000 -0400
@@ -0,0 +1,5 @@
+system_r:local_login_t xguest_r:xguest_t
+system_r:remote_login_t xguest_r:xguest_t
@@ -186,7 +186,7 @@
+system_r:xdm_t xguest_r:xguest_t
diff --exclude-from=exclude -N -u -r nsaserefpolicy/man/man8/ftpd_selinux.8 serefpolicy-3.4.1/man/man8/ftpd_selinux.8
--- nsaserefpolicy/man/man8/ftpd_selinux.8 2008-05-19 10:26:48.000000000 -0400
-+++ serefpolicy-3.4.1/man/man8/ftpd_selinux.8 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/man/man8/ftpd_selinux.8 2008-06-05 08:23:27.000000000 -0400
@@ -35,10 +35,6 @@
directorories, you need to set the ftp_home_dir boolean.
.TP
@@ -200,7 +200,7 @@
.TP
diff --exclude-from=exclude -N -u -r nsaserefpolicy/man/man8/httpd_selinux.8 serefpolicy-3.4.1/man/man8/httpd_selinux.8
--- nsaserefpolicy/man/man8/httpd_selinux.8 2008-05-19 10:26:48.000000000 -0400
-+++ serefpolicy-3.4.1/man/man8/httpd_selinux.8 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/man/man8/httpd_selinux.8 2008-06-05 08:23:27.000000000 -0400
@@ -22,23 +22,19 @@
.EX
httpd_sys_content_t
@@ -232,7 +232,7 @@
.EE
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_tunables serefpolicy-3.4.1/policy/global_tunables
--- nsaserefpolicy/policy/global_tunables 2008-05-19 10:26:46.000000000 -0400
-+++ serefpolicy-3.4.1/policy/global_tunables 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/policy/global_tunables 2008-06-05 08:23:27.000000000 -0400
@@ -34,7 +34,7 @@
## <desc>
@@ -273,7 +273,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amanda.te serefpolicy-3.4.1/policy/modules/admin/amanda.te
--- nsaserefpolicy/policy/modules/admin/amanda.te 2008-05-29 15:55:44.000000000 -0400
-+++ serefpolicy-3.4.1/policy/modules/admin/amanda.te 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/policy/modules/admin/amanda.te 2008-06-10 15:04:02.776162000 -0400
@@ -82,8 +82,7 @@
allow amanda_t amanda_config_t:file { getattr read };
@@ -284,9 +284,17 @@
# access to amanda_dumpdates_t
allow amanda_t amanda_dumpdates_t:file { getattr lock read write };
+@@ -220,6 +219,7 @@
+ auth_use_nsswitch(amanda_recover_t)
+
+ fstools_domtrans(amanda_t)
++fstools_signal(amanda_t)
+
+ libs_use_ld_so(amanda_recover_t)
+ libs_use_shared_libs(amanda_recover_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/anaconda.te serefpolicy-3.4.1/policy/modules/admin/anaconda.te
--- nsaserefpolicy/policy/modules/admin/anaconda.te 2008-05-19 10:26:45.000000000 -0400
-+++ serefpolicy-3.4.1/policy/modules/admin/anaconda.te 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/policy/modules/admin/anaconda.te 2008-06-05 08:23:27.000000000 -0400
@@ -31,16 +31,11 @@
modutils_domtrans_insmod(anaconda_t)
@@ -317,7 +325,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/bootloader.if serefpolicy-3.4.1/policy/modules/admin/bootloader.if
--- nsaserefpolicy/policy/modules/admin/bootloader.if 2008-05-19 10:26:45.000000000 -0400
-+++ serefpolicy-3.4.1/policy/modules/admin/bootloader.if 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/policy/modules/admin/bootloader.if 2008-06-05 08:23:27.000000000 -0400
@@ -49,6 +49,11 @@
role $2 types bootloader_t;
@@ -332,7 +340,7 @@
########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/bootloader.te serefpolicy-3.4.1/policy/modules/admin/bootloader.te
--- nsaserefpolicy/policy/modules/admin/bootloader.te 2008-05-19 10:26:45.000000000 -0400
-+++ serefpolicy-3.4.1/policy/modules/admin/bootloader.te 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/policy/modules/admin/bootloader.te 2008-06-05 08:23:27.000000000 -0400
@@ -169,7 +169,6 @@
files_manage_isid_type_symlinks(bootloader_t)
files_manage_isid_type_blk_files(bootloader_t)
@@ -351,7 +359,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/brctl.te serefpolicy-3.4.1/policy/modules/admin/brctl.te
--- nsaserefpolicy/policy/modules/admin/brctl.te 2008-05-19 10:26:45.000000000 -0400
-+++ serefpolicy-3.4.1/policy/modules/admin/brctl.te 2008-06-03 09:53:54.000000000 -0400
++++ serefpolicy-3.4.1/policy/modules/admin/brctl.te 2008-06-05 08:23:27.000000000 -0400
@@ -33,6 +33,8 @@
[...6817 lines suppressed...]
#
@@ -35899,7 +36175,11 @@
# console ptys
type xen_devpts_t;
term_pty(xen_devpts_t);
-@@ -45,9 +52,7 @@
+@@ -42,25 +49,31 @@
+ # pid files
+ type xend_var_run_t;
+ files_pid_file(xend_var_run_t)
++files_mountpoint(xend_var_run_t)
type xenstored_t;
type xenstored_exec_t;
@@ -35907,10 +36187,22 @@
-domain_entry_file(xenstored_t,xenstored_exec_t)
-role system_r types xenstored_t;
+init_daemon_domain(xenstored_t,xenstored_exec_t)
++
++# tmp files
++type xenstored_tmp_t;
++files_tmp_file(xenstored_tmp_t)
# var/lib files
type xenstored_var_lib_t;
-@@ -59,8 +64,7 @@
+ files_type(xenstored_var_lib_t)
+
++# log files
++type xenstored_var_log_t;
++logging_log_file(xenstored_var_log_t)
++
+ # pid files
+ type xenstored_var_run_t;
+ files_pid_file(xenstored_var_run_t)
type xenconsoled_t;
type xenconsoled_exec_t;
@@ -35920,7 +36212,7 @@
role system_r types xenconsoled_t;
# pid files
-@@ -95,7 +99,7 @@
+@@ -95,7 +108,7 @@
read_lnk_files_pattern(xend_t,xen_image_t,xen_image_t)
rw_blk_files_pattern(xend_t,xen_image_t,xen_image_t)
@@ -35929,7 +36221,7 @@
dev_filetrans(xend_t, xenctl_t, fifo_file)
manage_files_pattern(xend_t,xend_tmp_t,xend_tmp_t)
-@@ -103,14 +107,14 @@
+@@ -103,14 +116,14 @@
files_tmp_filetrans(xend_t, xend_tmp_t, { file dir })
# pid file
@@ -35947,7 +36239,7 @@
manage_files_pattern(xend_t,xend_var_log_t,xend_var_log_t)
manage_sock_files_pattern(xend_t,xend_var_log_t,xend_var_log_t)
logging_log_filetrans(xend_t,xend_var_log_t,{ sock_file file dir })
-@@ -122,15 +126,13 @@
+@@ -122,15 +135,13 @@
manage_fifo_files_pattern(xend_t,xend_var_lib_t,xend_var_lib_t)
files_var_lib_filetrans(xend_t,xend_var_lib_t,{ file dir })
@@ -35967,7 +36259,7 @@
kernel_read_kernel_sysctls(xend_t)
kernel_read_system_state(xend_t)
-@@ -176,6 +178,7 @@
+@@ -176,6 +187,7 @@
files_manage_etc_runtime_files(xend_t)
files_etc_filetrans_etc_runtime(xend_t,file)
files_read_usr_files(xend_t)
@@ -35975,7 +36267,7 @@
storage_raw_read_fixed_disk(xend_t)
storage_raw_write_fixed_disk(xend_t)
-@@ -207,11 +210,15 @@
+@@ -207,11 +219,15 @@
sysnet_read_dhcpc_pid(xend_t)
sysnet_rw_dhcp_config(xend_t)
@@ -35992,7 +36284,7 @@
optional_policy(`
consoletype_exec(xend_t)
-@@ -224,7 +231,7 @@
+@@ -224,7 +240,7 @@
allow xenconsoled_t self:capability { dac_override fsetid ipc_lock };
allow xenconsoled_t self:unix_stream_socket create_stream_socket_perms;
@@ -36001,7 +36293,16 @@
allow xenconsoled_t xen_devpts_t:chr_file rw_term_perms;
-@@ -257,7 +264,7 @@
+@@ -245,6 +261,8 @@
+
+ files_read_usr_files(xenconsoled_t)
+
++fs_list_tmpfs(xenconsoled_t)
++
+ term_create_pty(xenconsoled_t,xen_devpts_t);
+ term_use_generic_ptys(xenconsoled_t)
+ term_use_console(xenconsoled_t)
+@@ -257,7 +275,7 @@
miscfiles_read_localization(xenconsoled_t)
@@ -36010,7 +36311,7 @@
xen_stream_connect_xenstore(xenconsoled_t)
########################################
-@@ -265,7 +272,7 @@
+@@ -265,15 +283,25 @@
# Xen store local policy
#
@@ -36019,7 +36320,25 @@
allow xenstored_t self:unix_stream_socket create_stream_socket_perms;
allow xenstored_t self:unix_dgram_socket create_socket_perms;
-@@ -318,12 +325,13 @@
++manage_files_pattern(xenstored_t,xenstored_tmp_t,xenstored_tmp_t)
++manage_dirs_pattern(xenstored_t,xenstored_tmp_t,xenstored_tmp_t)
++files_tmp_filetrans(xenstored_t, xenstored_tmp_t, { file dir })
++
+ # pid file
+ manage_files_pattern(xenstored_t,xenstored_var_run_t,xenstored_var_run_t)
+ manage_sock_files_pattern(xenstored_t,xenstored_var_run_t,xenstored_var_run_t)
+ files_pid_filetrans(xenstored_t,xenstored_var_run_t, { file sock_file })
+
++# log files
++manage_dirs_pattern(xenstored_t,xenstored_var_log_t,xenstored_var_log_t)
++manage_files_pattern(xenstored_t,xenstored_var_log_t,xenstored_var_log_t)
++manage_sock_files_pattern(xenstored_t,xenstored_var_log_t,xenstored_var_log_t)
++logging_log_filetrans(xenstored_t,xenstored_var_log_t,{ sock_file file dir })
++
+ # var/lib files for xenstored
+ manage_dirs_pattern(xenstored_t,xenstored_var_lib_t,xenstored_var_lib_t)
+ manage_files_pattern(xenstored_t,xenstored_var_lib_t,xenstored_var_lib_t)
+@@ -318,12 +346,13 @@
allow xm_t self:capability { dac_override ipc_lock sys_tty_config };
# internal communication is often done using fifo and unix sockets.
@@ -36034,7 +36353,7 @@
files_search_var_lib(xm_t)
allow xm_t xen_image_t:dir rw_dir_perms;
-@@ -336,6 +344,7 @@
+@@ -336,6 +365,7 @@
kernel_write_xen_state(xm_t)
corecmd_exec_bin(xm_t)
@@ -36042,7 +36361,7 @@
corenet_tcp_sendrecv_generic_if(xm_t)
corenet_tcp_sendrecv_all_nodes(xm_t)
-@@ -351,8 +360,11 @@
+@@ -351,8 +381,11 @@
storage_raw_read_fixed_disk(xm_t)
@@ -36054,7 +36373,7 @@
init_rw_script_stream_sockets(xm_t)
init_use_fds(xm_t)
-@@ -363,6 +375,23 @@
+@@ -363,6 +396,23 @@
sysnet_read_config(xm_t)
@@ -36080,7 +36399,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/file_patterns.spt serefpolicy-3.4.1/policy/support/file_patterns.spt
--- nsaserefpolicy/policy/support/file_patterns.spt 2008-05-19 10:26:46.000000000 -0400
-+++ serefpolicy-3.4.1/policy/support/file_patterns.spt 2008-06-03 09:53:56.000000000 -0400
++++ serefpolicy-3.4.1/policy/support/file_patterns.spt 2008-06-05 08:23:30.000000000 -0400
@@ -537,3 +537,23 @@
allow $1 $2:dir rw_dir_perms;
type_transition $1 $2:$4 $3;
@@ -36107,7 +36426,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-3.4.1/policy/support/obj_perm_sets.spt
--- nsaserefpolicy/policy/support/obj_perm_sets.spt 2008-05-29 15:55:44.000000000 -0400
-+++ serefpolicy-3.4.1/policy/support/obj_perm_sets.spt 2008-06-03 09:53:56.000000000 -0400
++++ serefpolicy-3.4.1/policy/support/obj_perm_sets.spt 2008-06-05 08:23:30.000000000 -0400
@@ -316,3 +316,13 @@
#
define(`client_stream_socket_perms', `{ create ioctl read getattr write setattr append bind getopt setopt shutdown }')
@@ -36124,7 +36443,7 @@
+define(`manage_key_perms', `{ create link read search setattr view write } ')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-3.4.1/policy/users
--- nsaserefpolicy/policy/users 2008-05-23 09:15:07.000000000 -0400
-+++ serefpolicy-3.4.1/policy/users 2008-06-03 09:53:56.000000000 -0400
++++ serefpolicy-3.4.1/policy/users 2008-06-05 08:23:30.000000000 -0400
@@ -31,11 +31,8 @@
# permit any access to such users, then remove this entry.
#
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.667
retrieving revision 1.668
diff -u -r1.667 -r1.668
--- selinux-policy.spec 4 Jun 2008 17:26:52 -0000 1.667
+++ selinux-policy.spec 10 Jun 2008 19:34:59 -0000 1.668
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.4.1
-Release: 4%{?dist}
+Release: 5%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -375,7 +375,7 @@
%endif
%changelog
-* Wed Jun 4 2008 Dan Walsh <dwalsh at redhat.com> 3.4.1-4
+* Wed Jun 4 2008 Dan Walsh <dwalsh at redhat.com> 3.4.1-5
- Add livecd policy
* Wed Jun 4 2008 Dan Walsh <dwalsh at redhat.com> 3.4.1-3
- Previous message (by thread): rpms/meld/EL-5 import.log, NONE, 1.1 meld-1.1.5-git.patch, NONE, 1.1 .cvsignore, 1.9, 1.10 meld-scrollkeeper.patch, 1.1, 1.2 meld.spec, 1.18, 1.19 sources, 1.9, 1.10
- Next message (by thread): rpms/perl-File-Slurp/EL-5 import.log, NONE, 1.1 .cvsignore, 1.4, 1.5 perl-File-Slurp.spec, 1.7, 1.8 sources, 1.4, 1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list