rpms/selinux-policy/devel policy-20071130.patch,1.91,1.92
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Thu Mar 6 22:25:13 UTC 2008
- Previous message (by thread): rpms/xorg-x11-drv-i810/devel intel-2.1.1-pciaccess-version.patch, NONE, 1.1 intel-disable-stepping.patch, NONE, 1.1 xorg-x11-drv-i810.spec, 1.81, 1.82
- Next message (by thread): rpms/libgdiplus/devel libgdiplus.spec,1.27,1.28 sources,1.16,1.17
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28967
Modified Files:
policy-20071130.patch
Log Message:
* Thu Mar 6 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-12
- Fix initrc_context generation for MLS
policy-20071130.patch:
Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20071130.patch,v
retrieving revision 1.91
retrieving revision 1.92
diff -u -r1.91 -r1.92
--- policy-20071130.patch 6 Mar 2008 21:55:29 -0000 1.91
+++ policy-20071130.patch 6 Mar 2008 22:25:06 -0000 1.92
@@ -23256,7 +23256,7 @@
/var/lib/pam_devperm/:0 -- gen_context(system_u:object_r:xdm_var_lib_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.if serefpolicy-3.3.1/policy/modules/services/xserver.if
--- nsaserefpolicy/policy/modules/services/xserver.if 2007-12-04 11:02:50.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/xserver.if 2008-03-06 13:07:32.000000000 -0500
++++ serefpolicy-3.3.1/policy/modules/services/xserver.if 2008-03-06 17:09:27.000000000 -0500
@@ -12,9 +12,15 @@
## </summary>
## </param>
@@ -23720,7 +23720,7 @@
# for when /tmp/.X11-unix is created by the system
allow $2 xdm_t:fd use;
-@@ -542,25 +540,473 @@
+@@ -542,25 +540,474 @@
allow $2 xdm_tmp_t:sock_file { read write };
dontaudit $2 xdm_t:tcp_socket { read write };
@@ -23918,6 +23918,7 @@
+ attribute x_server_domain, x_domain;
+ attribute xproperty_type;
+ attribute xevent_type, xextension_type;
++ attribute xserver_unconfined_type;
+ class x_drawable all_x_drawable_perms;
+ class x_screen all_x_screen_perms;
+ class x_gc all_x_gc_perms;
@@ -24200,7 +24201,7 @@
')
')
-@@ -593,26 +1039,44 @@
+@@ -593,26 +1040,44 @@
#
template(`xserver_use_user_fonts',`
gen_require(`
@@ -24252,7 +24253,7 @@
## Transition to a user Xauthority domain.
## </summary>
## <desc>
-@@ -638,10 +1102,77 @@
+@@ -638,10 +1103,77 @@
#
template(`xserver_domtrans_user_xauth',`
gen_require(`
@@ -24332,7 +24333,7 @@
')
########################################
-@@ -671,10 +1202,10 @@
+@@ -671,10 +1203,10 @@
#
template(`xserver_user_home_dir_filetrans_user_xauth',`
gen_require(`
@@ -24345,7 +24346,7 @@
')
########################################
-@@ -760,7 +1291,7 @@
+@@ -760,7 +1292,7 @@
type xconsole_device_t;
')
@@ -24354,7 +24355,7 @@
')
########################################
-@@ -860,6 +1391,25 @@
+@@ -860,6 +1392,25 @@
########################################
## <summary>
@@ -24380,7 +24381,7 @@
## Read xdm-writable configuration files.
## </summary>
## <param name="domain">
-@@ -914,6 +1464,7 @@
+@@ -914,6 +1465,7 @@
files_search_tmp($1)
allow $1 xdm_tmp_t:dir list_dir_perms;
create_sock_files_pattern($1,xdm_tmp_t,xdm_tmp_t)
@@ -24388,7 +24389,7 @@
')
########################################
-@@ -955,6 +1506,24 @@
+@@ -955,6 +1507,24 @@
########################################
## <summary>
@@ -24413,7 +24414,7 @@
## Execute the X server in the XDM X server domain.
## </summary>
## <param name="domain">
-@@ -965,15 +1534,47 @@
+@@ -965,15 +1535,47 @@
#
interface(`xserver_domtrans_xdm_xserver',`
gen_require(`
@@ -24462,7 +24463,7 @@
## Make an X session script an entrypoint for the specified domain.
## </summary>
## <param name="domain">
-@@ -1123,7 +1724,7 @@
+@@ -1123,7 +1725,7 @@
type xdm_xserver_tmp_t;
')
@@ -24471,7 +24472,7 @@
')
########################################
-@@ -1312,3 +1913,82 @@
+@@ -1312,3 +1914,82 @@
files_search_tmp($1)
stream_connect_pattern($1,xdm_xserver_tmp_t,xdm_xserver_tmp_t,xdm_xserver_t)
')
- Previous message (by thread): rpms/xorg-x11-drv-i810/devel intel-2.1.1-pciaccess-version.patch, NONE, 1.1 intel-disable-stepping.patch, NONE, 1.1 xorg-x11-drv-i810.spec, 1.81, 1.82
- Next message (by thread): rpms/libgdiplus/devel libgdiplus.spec,1.27,1.28 sources,1.16,1.17
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list