rpms/selinux-policy/F-9 policy-20071130.patch, 1.233, 1.234 selinux-policy.spec, 1.722, 1.723
Daniel J Walsh
dwalsh at fedoraproject.org
Mon Nov 3 19:54:19 UTC 2008
- Previous message (by thread): rpms/bit/devel bit.spec,1.11,1.12
- Next message (by thread): rpms/perl-Devel-GlobalDestruction/devel import.log, NONE, 1.1 perl-Devel-GlobalDestruction.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv2471
Modified Files:
policy-20071130.patch selinux-policy.spec
Log Message:
* Mon Nov 3 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-105
- Allow kismet to send signals to itself
policy-20071130.patch:
Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-9/policy-20071130.patch,v
retrieving revision 1.233
retrieving revision 1.234
diff -u -r1.233 -r1.234
--- policy-20071130.patch 29 Oct 2008 21:21:36 -0000 1.233
+++ policy-20071130.patch 3 Nov 2008 19:53:47 -0000 1.234
@@ -2083,8 +2083,8 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.te serefpolicy-3.3.1/policy/modules/admin/kismet.te
--- nsaserefpolicy/policy/modules/admin/kismet.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/admin/kismet.te 2008-10-14 11:43:20.000000000 -0400
-@@ -0,0 +1,66 @@
++++ serefpolicy-3.3.1/policy/modules/admin/kismet.te 2008-11-03 14:19:56.000000000 -0500
+@@ -0,0 +1,67 @@
+
+policy_module(kismet, 1.0.2)
+
@@ -2113,6 +2113,7 @@
+#
+
+allow kismet_t self:capability { kill net_admin net_raw setuid setgid };
++allow kismet_t self:process signal;
+allow kismet_t self:fifo_file rw_file_perms;
+allow kismet_t self:packet_socket create_socket_perms;
+allow kismet_t self:unix_dgram_socket { create_socket_perms sendto };
@@ -20819,7 +20820,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.3.1/policy/modules/services/networkmanager.te
--- nsaserefpolicy/policy/modules/services/networkmanager.te 2008-06-12 23:38:02.000000000 -0400
-+++ serefpolicy-3.3.1/policy/modules/services/networkmanager.te 2008-10-16 14:35:00.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/networkmanager.te 2008-10-30 11:45:10.000000000 -0400
@@ -1,5 +1,5 @@
-policy_module(networkmanager,1.9.0)
@@ -20896,7 +20897,12 @@
corenet_all_recvfrom_unlabeled(NetworkManager_t)
corenet_all_recvfrom_netlabel(NetworkManager_t)
-@@ -64,9 +87,11 @@
+@@ -60,13 +83,16 @@
+ corenet_sendrecv_isakmp_server_packets(NetworkManager_t)
+ corenet_sendrecv_dhcpc_server_packets(NetworkManager_t)
+ corenet_sendrecv_all_client_packets(NetworkManager_t)
++corenet_rw_tun_tap_dev(NetworkManager_t)
+
dev_read_sysfs(NetworkManager_t)
dev_read_rand(NetworkManager_t)
dev_read_urand(NetworkManager_t)
@@ -20908,7 +20914,7 @@
mls_file_read_all_levels(NetworkManager_t)
-@@ -83,9 +108,14 @@
+@@ -83,9 +109,14 @@
files_read_etc_runtime_files(NetworkManager_t)
files_read_usr_files(NetworkManager_t)
@@ -20923,7 +20929,7 @@
libs_use_ld_so(NetworkManager_t)
libs_use_shared_libs(NetworkManager_t)
-@@ -98,26 +128,40 @@
+@@ -98,26 +129,40 @@
seutil_read_config(NetworkManager_t)
@@ -20971,7 +20977,7 @@
')
optional_policy(`
-@@ -129,8 +173,18 @@
+@@ -129,8 +174,18 @@
')
optional_policy(`
@@ -20992,7 +20998,7 @@
')
optional_policy(`
-@@ -138,39 +192,86 @@
+@@ -138,39 +193,86 @@
')
optional_policy(`
@@ -24278,7 +24284,7 @@
-')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ppp.te serefpolicy-3.3.1/policy/modules/services/ppp.te
--- nsaserefpolicy/policy/modules/services/ppp.te 2008-06-12 23:38:01.000000000 -0400
-+++ serefpolicy-3.3.1/policy/modules/services/ppp.te 2008-10-29 10:47:47.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/ppp.te 2008-10-30 15:01:26.000000000 -0400
@@ -71,7 +71,7 @@
# PPPD Local policy
#
@@ -24356,7 +24362,7 @@
corenet_all_recvfrom_unlabeled(pptp_t)
corenet_all_recvfrom_netlabel(pptp_t)
corenet_tcp_sendrecv_all_if(pptp_t)
-@@ -264,6 +275,8 @@
+@@ -264,12 +275,16 @@
fs_getattr_all_fs(pptp_t)
fs_search_auto_mountpoints(pptp_t)
@@ -24365,7 +24371,15 @@
term_ioctl_generic_ptys(pptp_t)
term_search_ptys(pptp_t)
term_use_ptmx(pptp_t)
-@@ -278,6 +291,7 @@
+
+ domain_use_interactive_fds(pptp_t)
+
++auth_use_nsswitch(pptp_t)
++
+ libs_use_ld_so(pptp_t)
+ libs_use_shared_libs(pptp_t)
+
+@@ -278,6 +293,7 @@
miscfiles_read_localization(pptp_t)
sysnet_read_config(pptp_t)
@@ -24373,7 +24387,7 @@
userdom_dontaudit_use_unpriv_user_fds(pptp_t)
userdom_dontaudit_search_sysadm_home_dirs(pptp_t)
-@@ -287,6 +301,14 @@
+@@ -287,6 +303,14 @@
')
optional_policy(`
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-9/selinux-policy.spec,v
retrieving revision 1.722
retrieving revision 1.723
diff -u -r1.722 -r1.723
--- selinux-policy.spec 29 Oct 2008 18:40:51 -0000 1.722
+++ selinux-policy.spec 3 Nov 2008 19:53:48 -0000 1.723
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.3.1
-Release: 105%{?dist}
+Release: 106%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -382,6 +382,9 @@
%endif
%changelog
+* Mon Nov 3 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-105
+- Allow kismet to send signals to itself
+
* Tue Oct 28 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-105
- Allow spamd to manage exim spool
- Previous message (by thread): rpms/bit/devel bit.spec,1.11,1.12
- Next message (by thread): rpms/perl-Devel-GlobalDestruction/devel import.log, NONE, 1.1 perl-Devel-GlobalDestruction.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list