rpms/selinux-policy/devel policy-20080509.patch,1.17,1.18

Sun Jun 22 13:10:01 UTC 2008

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24851

Modified Files:
	policy-20080509.patch 
Log Message:
* Fri Jun 12 2008 Dan Walsh <dwalsh at redhat.com> 3.4.2-4
- allow hplip to talk dbus
- Fix context on ~/.local dir


policy-20080509.patch:

Index: policy-20080509.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20080509.patch,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18

--- policy-20080509.patch	22 Jun 2008 12:22:25 -0000	1.17
+++ policy-20080509.patch	22 Jun 2008 13:09:13 -0000	1.18
@@ -6511,7 +6511,7 @@
  # /emul
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.if serefpolicy-3.4.2/policy/modules/kernel/files.if
 --- nsaserefpolicy/policy/modules/kernel/files.if	2008-06-12 23:25:02.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/kernel/files.if	2008-06-13 11:31:13.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/kernel/files.if	2008-06-22 08:58:08.000000000 -0400
 @@ -110,6 +110,11 @@
  ## </param>
  #
@@ -12302,7 +12302,7 @@
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/courier.te serefpolicy-3.4.2/policy/modules/services/courier.te
 --- nsaserefpolicy/policy/modules/services/courier.te	2008-06-12 23:25:05.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/services/courier.te	2008-06-12 23:37:52.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/services/courier.te	2008-06-22 08:34:20.000000000 -0400
 @@ -9,7 +9,10 @@
  courier_domain_template(authdaemon)
  
@@ -12315,7 +12315,15 @@
  
  courier_domain_template(pcp)
  
-@@ -97,12 +100,12 @@
+@@ -25,6 +28,7 @@
+ 
+ type courier_exec_t;
+ files_type(courier_exec_t)
++mta_mailclient(courier_exec_t)
+ 
+ courier_domain_template(sqwebmail)
+ typealias courier_sqwebmail_exec_t alias sqwebmail_cron_exec_t;
+@@ -97,12 +101,12 @@
  courier_domtrans_authdaemon(courier_pop_t)
  
  # do the actual work (read the Maildir)
@@ -18536,7 +18544,7 @@
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.4.2/policy/modules/services/networkmanager.te
 --- nsaserefpolicy/policy/modules/services/networkmanager.te	2008-06-12 23:25:06.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/services/networkmanager.te	2008-06-16 07:09:40.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/services/networkmanager.te	2008-06-22 08:58:20.000000000 -0400
 @@ -13,6 +13,13 @@
  type NetworkManager_var_run_t;
  files_pid_file(NetworkManager_var_run_t)
@@ -18559,7 +18567,7 @@
 +allow NetworkManager_t self:capability { chown fsetid kill setgid setuid sys_nice dac_override net_admin net_raw net_bind_service ipc_lock };
  dontaudit NetworkManager_t self:capability { sys_tty_config sys_ptrace };
 -allow NetworkManager_t self:process { ptrace setcap setpgid getsched signal_perms };
-+allow NetworkManager_t self:process { ptrace getcap setcap setpgid getsched signal_perms };
++allow NetworkManager_t self:process { ptrace getcap setcap setpgid getsched setsched signal_perms };
  allow NetworkManager_t self:fifo_file rw_fifo_file_perms;
  allow NetworkManager_t self:unix_dgram_socket { sendto create_socket_perms };
  allow NetworkManager_t self:unix_stream_socket create_stream_socket_perms;
@@ -18590,12 +18598,14 @@
  
  mls_file_read_all_levels(NetworkManager_t)
  
-@@ -83,9 +96,14 @@
+@@ -82,10 +95,16 @@
+ files_read_etc_files(NetworkManager_t)
  files_read_etc_runtime_files(NetworkManager_t)
  files_read_usr_files(NetworkManager_t)
- 
-+storage_getattr_fixed_disk_dev(NetworkManager_t)
++files_list_tmp(NetworkManager_t)
 +
++storage_getattr_fixed_disk_dev(NetworkManager_t)
+ 
  init_read_utmp(NetworkManager_t)
 +init_dontaudit_write_utmp(NetworkManager_t)
  init_domtrans_script(NetworkManager_t)
@@ -18605,7 +18615,7 @@
  libs_use_ld_so(NetworkManager_t)
  libs_use_shared_libs(NetworkManager_t)
  
-@@ -112,9 +130,12 @@
+@@ -112,9 +131,12 @@
  userdom_dontaudit_use_unpriv_users_ttys(NetworkManager_t)
  # Read gnome-keyring
  userdom_read_unpriv_users_home_content_files(NetworkManager_t)
@@ -18618,7 +18628,7 @@
  optional_policy(`
  	bind_domtrans(NetworkManager_t)
  	bind_manage_cache(NetworkManager_t)
-@@ -130,21 +151,21 @@
+@@ -130,21 +152,21 @@
  ')
  
  optional_policy(`
@@ -18645,7 +18655,7 @@
  ')
  
  optional_policy(`
-@@ -156,22 +177,24 @@
+@@ -156,22 +178,24 @@
  	ppp_domtrans(NetworkManager_t)
  	ppp_read_pid_files(NetworkManager_t)
  	ppp_signal(NetworkManager_t)
@@ -30265,7 +30275,7 @@
 +/usr/bin/qemu-kvm --	gen_context(system_u:object_r:qemu_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/qemu.if serefpolicy-3.4.2/policy/modules/system/qemu.if
 --- nsaserefpolicy/policy/modules/system/qemu.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.4.2/policy/modules/system/qemu.if	2008-06-22 08:17:59.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/system/qemu.if	2008-06-22 08:27:37.000000000 -0400
 @@ -0,0 +1,336 @@
 +
 +## <summary>policy for qemu</summary>


