rpms/selinux-policy/devel policy-20080509.patch,1.25,1.26

Daniel J Walsh (dwalsh) fedora-extras-commits at redhat.com
Mon Jun 30 21:13:06 UTC 2008 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2167

Modified Files:
	policy-20080509.patch 
Log Message:
* Sun Jun 29 2008 Dan Walsh <dwalsh at redhat.com> 3.4.2-9
- Allow gdm to read rpm database
- Allow nsplugin to read mplayer config files


policy-20080509.patch:

Index: policy-20080509.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20080509.patch,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- policy-20080509.patch	30 Jun 2008 21:03:01 -0000	1.25
+++ policy-20080509.patch	30 Jun 2008 21:12:23 -0000	1.26
@@ -12336,7 +12336,7 @@
 +/var/spool/courier(/.*)?		gen_context(system_u:object_r:courier_spool_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/courier.if serefpolicy-3.4.2/policy/modules/services/courier.if
 --- nsaserefpolicy/policy/modules/services/courier.if	2008-06-12 23:25:06.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/services/courier.if	2008-06-12 23:37:52.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/services/courier.if	2008-06-30 17:10:40.000000000 -0400
 @@ -123,3 +123,77 @@
  
  	domtrans_pattern($1, courier_pop_exec_t, courier_pop_t)
@@ -12410,10 +12410,10 @@
 +#
 +interface(`courier_rw_pipes',`
 +	gen_require(`
-+		type courier_t;
++		type courier_authdaemon_t;
 +	')
 +
-+	allow $1 courier_t:fifo_file rw_fifo_file_perms; 
++	allow $1 courier_authdaemon_t:fifo_file rw_fifo_file_perms; 
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/courier.te serefpolicy-3.4.2/policy/modules/services/courier.te
 --- nsaserefpolicy/policy/modules/services/courier.te	2008-06-12 23:25:05.000000000 -0400
@@ -17867,7 +17867,7 @@
  ## </summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.te serefpolicy-3.4.2/policy/modules/services/mta.te
 --- nsaserefpolicy/policy/modules/services/mta.te	2008-06-12 23:25:05.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/services/mta.te	2008-06-30 08:33:53.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/services/mta.te	2008-06-30 17:10:20.000000000 -0400
 @@ -6,6 +6,8 @@
  # Declarations
  #
@@ -17939,7 +17939,7 @@
  ')
  
  optional_policy(`
-@@ -73,7 +98,10 @@
+@@ -73,7 +98,17 @@
  
  optional_policy(`
  	cron_read_system_job_tmp_files(system_mail_t)
@@ -17947,10 +17947,17 @@
  	cron_dontaudit_write_pipes(system_mail_t)
 +	cron_dontaudit_write_system_job_tmp_files(system_mail_t)
 +	cron_rw_system_stream_sockets(system_mail_t)
++')
++
++optional_policy(`
++	courier_read_config(system_mail_t)
++	courier_manage_spool_dirs(system_mail_t)
++	courier_manage_spool_files(system_mail_t)
++#	courier_rw_pipes(system_mail_t)
  ')
  
  optional_policy(`
-@@ -81,6 +109,11 @@
+@@ -81,6 +116,11 @@
  ')
  
  optional_policy(`
@@ -17962,7 +17969,7 @@
  	logrotate_read_tmp_files(system_mail_t)
  ')
  
-@@ -136,11 +169,38 @@
+@@ -136,11 +176,38 @@
  ')
  
  optional_policy(`
@@ -18002,7 +18009,7 @@
  optional_policy(`
  	# why is mail delivered to a directory of type arpwatch_data_t?
  	arpwatch_search_data(mailserver_delivery)
-@@ -154,3 +214,5 @@
+@@ -154,3 +221,5 @@
  		cron_read_system_job_tmp_files(mta_user_agent)
  	')
  ')

More information about the fedora-extras-commits mailing list