rpms/selinux-policy/F-10 policy-20080710.patch, 1.101, 1.102 selinux-policy.spec, 1.751, 1.752
Daniel J Walsh
dwalsh at fedoraproject.org
Mon Nov 24 21:07:38 UTC 2008
- Previous message (by thread): rpms/clipper/EL-5 .cvsignore, 1.3, 1.4 clipper.spec, 1.2, 1.3 sources, 1.3, 1.4
- Next message (by thread): rpms/nagios/F-10 nagios.spec,1.62,1.63 sources,1.17,1.18
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29646
Modified Files:
policy-20080710.patch selinux-policy.spec
Log Message:
* Mon Nov 24 2008 Dan Walsh <dwalsh at redhat.com> 3.5.13-24
- Fix certwatch creating cache
policy-20080710.patch:
Index: policy-20080710.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-10/policy-20080710.patch,v
retrieving revision 1.101
retrieving revision 1.102
diff -u -r1.101 -r1.102
--- policy-20080710.patch 24 Nov 2008 16:51:07 -0000 1.101
+++ policy-20080710.patch 24 Nov 2008 21:07:37 -0000 1.102
@@ -577,16 +577,17 @@
cron_search_spool(logrotate_t)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/logwatch.te serefpolicy-3.5.13/policy/modules/admin/logwatch.te
--- nsaserefpolicy/policy/modules/admin/logwatch.te 2008-10-17 08:49:14.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/admin/logwatch.te 2008-11-24 10:49:49.000000000 -0500
-@@ -43,6 +43,7 @@
++++ serefpolicy-3.5.13/policy/modules/admin/logwatch.te 2008-11-24 11:54:20.000000000 -0500
+@@ -43,6 +43,8 @@
kernel_read_fs_sysctls(logwatch_t)
kernel_read_kernel_sysctls(logwatch_t)
kernel_read_system_state(logwatch_t)
++kernel_read_network_state(logwatch_t)
+kernel_read_net_sysctls(logwatch_t)
corecmd_exec_bin(logwatch_t)
corecmd_exec_shell(logwatch_t)
-@@ -54,18 +55,19 @@
+@@ -54,18 +56,19 @@
domain_read_all_domains_state(logwatch_t)
files_list_var(logwatch_t)
@@ -609,7 +610,7 @@
term_dontaudit_getattr_pty_dirs(logwatch_t)
term_dontaudit_list_ptys(logwatch_t)
-@@ -87,6 +89,7 @@
+@@ -87,6 +90,7 @@
selinux_dontaudit_getattr_dir(logwatch_t)
sysnet_dns_name_resolve(logwatch_t)
@@ -617,7 +618,7 @@
mta_send_mail(logwatch_t)
-@@ -131,4 +134,5 @@
+@@ -131,4 +135,5 @@
optional_policy(`
samba_read_log(logwatch_t)
@@ -28556,7 +28557,7 @@
+/var/cache/coolkey(/.*)? gen_context(system_u:object_r:auth_cache_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.5.13/policy/modules/system/authlogin.if
--- nsaserefpolicy/policy/modules/system/authlogin.if 2008-10-17 08:49:13.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/system/authlogin.if 2008-11-24 10:49:49.000000000 -0500
++++ serefpolicy-3.5.13/policy/modules/system/authlogin.if 2008-11-24 16:05:46.000000000 -0500
@@ -56,10 +56,6 @@
miscfiles_read_localization($1_chkpwd_t)
@@ -28799,7 +28800,7 @@
')
')
-@@ -1491,3 +1586,79 @@
+@@ -1491,3 +1586,81 @@
typeattribute $1 can_write_shadow_passwords;
typeattribute $1 can_relabelto_shadow_passwords;
')
@@ -28876,7 +28877,9 @@
+ type auth_cache_t;
+ ')
+
-+ files_var_filetrans($1,auth_cache_t,file)
++ manage_files_pattern($1, auth_cache_t, auth_cache_t)
++ manage_dirs_pattern($1, auth_cache_t, auth_cache_t)
++ files_var_filetrans($1,auth_cache_t,{ file dir } )
+')
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.te serefpolicy-3.5.13/policy/modules/system/authlogin.te
@@ -29653,7 +29656,16 @@
allow setkey_t ipsec_conf_file_t:dir list_dir_perms;
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iptables.te serefpolicy-3.5.13/policy/modules/system/iptables.te
--- nsaserefpolicy/policy/modules/system/iptables.te 2008-10-17 08:49:13.000000000 -0400
-+++ serefpolicy-3.5.13/policy/modules/system/iptables.te 2008-11-24 10:49:49.000000000 -0500
++++ serefpolicy-3.5.13/policy/modules/system/iptables.te 2008-11-24 14:40:10.000000000 -0500
+@@ -27,7 +27,7 @@
+ allow iptables_t self:process { sigchld sigkill sigstop signull signal };
+ allow iptables_t self:rawip_socket create_socket_perms;
+
+-allow iptables_t iptables_var_run_t:dir rw_dir_perms;
++manage_files_pattern(iptables_t, iptables_var_run_t, iptables_var_run_t)
+ files_pid_filetrans(iptables_t,iptables_var_run_t,file)
+
+ can_exec(iptables_t,iptables_exec_t)
@@ -53,6 +53,7 @@
mls_file_read_all_levels(iptables_t)
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-10/selinux-policy.spec,v
retrieving revision 1.751
retrieving revision 1.752
diff -u -r1.751 -r1.752
--- selinux-policy.spec 24 Nov 2008 16:51:11 -0000 1.751
+++ selinux-policy.spec 24 Nov 2008 21:07:37 -0000 1.752
@@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.5.13
-Release: 23%{?dist}
+Release: 24%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -457,6 +457,9 @@
%endif
%changelog
+* Mon Nov 24 2008 Dan Walsh <dwalsh at redhat.com> 3.5.13-24
+- Fix certwatch creating cache
+
* Mon Nov 24 2008 Dan Walsh <dwalsh at redhat.com> 3.5.13-23
- Add afs_client port definition
- Previous message (by thread): rpms/clipper/EL-5 .cvsignore, 1.3, 1.4 clipper.spec, 1.2, 1.3 sources, 1.3, 1.4
- Next message (by thread): rpms/nagios/F-10 nagios.spec,1.62,1.63 sources,1.17,1.18
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list