rpms/selinux-policy/F-9 policy-20071130.patch, 1.183, 1.184 selinux-policy.spec, 1.689, 1.690

[Daniel J Walsh (dwalsh)]

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/F-9
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2298

Modified Files:
	policy-20071130.patch selinux-policy.spec 
Log Message:
* Mon Jun 29 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-73
- Allow exim to use system_cron pipes
- Allow gdm to read rpm database
- Allow nsplugin to read mplayer config files
- Allow login programs to write to /var/run/pam directory (Encrypted directories)
- Fixes for courier domain
- Add courier domain to mls policy 


policy-20071130.patch:

Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-9/policy-20071130.patch,v
retrieving revision 1.183
retrieving revision 1.184
diff -u -r1.183 -r1.184
--- policy-20071130.patch	30 Jun 2008 21:02:21 -0000	1.183
+++ policy-20071130.patch	30 Jun 2008 21:12:48 -0000	1.184
@@ -12329,7 +12329,7 @@
 +/var/spool/courier(/.*)?		gen_context(system_u:object_r:courier_spool_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/courier.if serefpolicy-3.3.1/policy/modules/services/courier.if
 --- nsaserefpolicy/policy/modules/services/courier.if	2008-06-12 23:38:02.000000000 -0400
-+++ serefpolicy-3.3.1/policy/modules/services/courier.if	2008-06-12 23:38:04.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/courier.if	2008-06-30 17:07:34.000000000 -0400
 @@ -123,3 +123,77 @@
  
  	domtrans_pattern($1, courier_pop_exec_t, courier_pop_t)
@@ -12402,10 +12402,10 @@
 +#
 +interface(`courier_rw_pipes',`
 +	gen_require(`
-+		type courier_t;
++		type courier_authdaemon_t;
 +	')
 +
-+	allow $1 courier_t:fifo_file rw_fifo_file_perms; 
++	allow $1 courier_authdaemon_t:fifo_file rw_fifo_file_perms; 
 +')
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/courier.te serefpolicy-3.3.1/policy/modules/services/courier.te
@@ -17904,7 +17904,7 @@
  ## </summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.te serefpolicy-3.3.1/policy/modules/services/mta.te
 --- nsaserefpolicy/policy/modules/services/mta.te	2008-06-12 23:38:02.000000000 -0400
-+++ serefpolicy-3.3.1/policy/modules/services/mta.te	2008-06-30 13:57:46.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/mta.te	2008-06-30 17:10:14.000000000 -0400
 @@ -6,6 +6,8 @@
  # Declarations
  #
@@ -17975,7 +17975,7 @@
  ')
  
  optional_policy(`
-@@ -73,7 +97,18 @@
+@@ -73,7 +97,17 @@
  
  optional_policy(`
  	cron_read_system_job_tmp_files(system_mail_t)
@@ -17989,12 +17989,11 @@
 +	courier_read_config(system_mail_t)
 +	courier_manage_spool_dirs(system_mail_t)
 +	courier_manage_spool_files(system_mail_t)
-+	courier_rw_pipes(system_mail_t)
-+
++#	courier_rw_pipes(system_mail_t)
  ')
  
  optional_policy(`
-@@ -81,6 +116,11 @@
+@@ -81,6 +115,11 @@
  ')
  
  optional_policy(`
@@ -18006,7 +18005,7 @@
  	logrotate_read_tmp_files(system_mail_t)
  ')
  
-@@ -136,11 +176,38 @@
+@@ -136,11 +175,38 @@
  ')
  
  optional_policy(`
@@ -18046,7 +18045,7 @@
  optional_policy(`
  	# why is mail delivered to a directory of type arpwatch_data_t?
  	arpwatch_search_data(mailserver_delivery)
-@@ -154,3 +221,4 @@
+@@ -154,3 +220,4 @@
  		cron_read_system_job_tmp_files(mta_user_agent)
  	')
  ')


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-9/selinux-policy.spec,v
retrieving revision 1.689
retrieving revision 1.690
diff -u -r1.689 -r1.690
--- selinux-policy.spec	30 Jun 2008 20:52:17 -0000	1.689
+++ selinux-policy.spec	30 Jun 2008 21:12:48 -0000	1.690
@@ -390,6 +390,8 @@
 - Allow gdm to read rpm database
 - Allow nsplugin to read mplayer config files
 - Allow login programs to write to /var/run/pam directory (Encrypted directories)
+- Fixes for courier domain
+- Add courier domain to mls policy 
 
 * Wed Jun 23 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-72
 - Fix file context of real player