rpms/selinux-policy/F-10 policy-20080710.patch,1.140,1.141

Miroslav Grepl mgrepl at fedoraproject.org
Mon Feb 23 14:09:28 UTC 2009 

Author: mgrepl

Update of /cvs/extras/rpms/selinux-policy/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv15990

Modified Files:
	policy-20080710.patch 
Log Message:
- Allow rpcd_t to send signal to mount_t


policy-20080710.patch:

Index: policy-20080710.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-10/policy-20080710.patch,v
retrieving revision 1.140
retrieving revision 1.141
diff -u -r1.140 -r1.141
--- policy-20080710.patch	19 Feb 2009 08:50:17 -0000	1.140
+++ policy-20080710.patch	23 Feb 2009 14:09:26 -0000	1.141
@@ -9443,6 +9443,7 @@
 +optional_policy(`
 +	unprivuser_role_change_template(staff)
 +')
+Binary files nsaserefpolicy/policy/modules/roles/.staff.te.swp and serefpolicy-3.5.13/policy/modules/roles/.staff.te.swp differ
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/sysadm.if serefpolicy-3.5.13/policy/modules/roles/sysadm.if
 --- nsaserefpolicy/policy/modules/roles/sysadm.if	2008-10-17 14:49:14.000000000 +0200
 +++ serefpolicy-3.5.13/policy/modules/roles/sysadm.if	2009-02-18 10:14:24.000000000 +0100
@@ -24748,7 +24749,7 @@
  /usr/sbin/rpc\.nfsd	--	gen_context(system_u:object_r:nfsd_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.if serefpolicy-3.5.13/policy/modules/services/rpc.if
 --- nsaserefpolicy/policy/modules/services/rpc.if	2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/services/rpc.if	2009-02-10 15:07:15.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/services/rpc.if	2009-02-23 15:03:51.000000000 +0100
 @@ -88,8 +88,11 @@
  	# bind to arbitary unused ports
  	corenet_tcp_bind_generic_port($1_t)
@@ -24762,7 +24763,7 @@
  
  	fs_rw_rpc_named_pipes($1_t) 
  	fs_search_auto_mountpoints($1_t)
-@@ -208,6 +211,24 @@
+@@ -208,6 +211,25 @@
  
  ########################################
  ## <summary>
@@ -24780,6 +24781,7 @@
 +	')
 +
 +	domtrans_pattern($1, rpcd_exec_t, rpcd_t)
++	allow rpcd_t $1:process signal;
 +')
 +
 +########################################
@@ -24787,7 +24789,7 @@
  ##      Read NFS exported content.
  ## </summary>
  ## <param name="domain">
-@@ -338,3 +359,22 @@
+@@ -338,3 +360,22 @@
  	files_search_var_lib($1)
  	read_files_pattern($1, var_lib_nfs_t, var_lib_nfs_t)
  ')

More information about the fedora-extras-commits mailing list