rpms/selinux-policy/devel policy-F12.patch,1.29,1.30

Daniel J Walsh dwalsh at fedoraproject.org
Thu Jul 16 11:24:56 UTC 2009 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv7135

Modified Files:
	policy-F12.patch 
Log Message:
* Tue Jul 14 2009 Dan Walsh <dwalsh at redhat.com> 3.6.22-1
- Update to upstream


policy-F12.patch:

Index: policy-F12.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-F12.patch,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -p -r1.29 -r1.30
--- policy-F12.patch	16 Jul 2009 11:06:59 -0000	1.29
+++ policy-F12.patch	16 Jul 2009 11:24:55 -0000	1.30
@@ -18509,7 +18509,7 @@ diff -b -B --ignore-all-space --exclude-
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rsync.te serefpolicy-3.6.22/policy/modules/services/rsync.te
 --- nsaserefpolicy/policy/modules/services/rsync.te	2009-07-14 14:19:57.000000000 -0400
-+++ serefpolicy-3.6.22/policy/modules/services/rsync.te	2009-07-15 14:06:36.000000000 -0400
++++ serefpolicy-3.6.22/policy/modules/services/rsync.te	2009-07-16 07:21:18.000000000 -0400
 @@ -8,6 +8,13 @@
  
  ## <desc>
@@ -18524,7 +18524,7 @@ diff -b -B --ignore-all-space --exclude-
  ## Allow rsync to export any files/directories read only.
  ## </p>
  ## </desc>
-@@ -126,4 +133,16 @@
+@@ -126,4 +133,19 @@
  	auth_read_all_symlinks_except_shadow(rsync_t)
  	auth_tunable_read_shadow(rsync_t)
  ')
@@ -18535,7 +18535,10 @@ diff -b -B --ignore-all-space --exclude-
 +	manage_dirs_pattern(rsync_t, rsync_data_t, rsync_data_t)
 +	manage_files_pattern(rsync_t, rsync_data_t, rsync_data_t)
 +	manage_lnk_files_pattern(rsync_t, rsync_data_t, rsync_data_t)
-+	optional_policy(`
++')
++
++optional_policy(`
++	tunable_policy(`rsync_client',`
 +		ssh_exec(rsync_t) 
 +	')
 +')
@@ -23821,12 +23824,13 @@ diff -b -B --ignore-all-space --exclude-
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.6.22/policy/modules/system/authlogin.if
 --- nsaserefpolicy/policy/modules/system/authlogin.if	2009-07-14 14:19:57.000000000 -0400
-+++ serefpolicy-3.6.22/policy/modules/system/authlogin.if	2009-07-15 14:06:36.000000000 -0400
-@@ -40,17 +40,77 @@
++++ serefpolicy-3.6.22/policy/modules/system/authlogin.if	2009-07-16 07:17:46.000000000 -0400
+@@ -40,17 +40,76 @@
  ##	</summary>
  ## </param>
  #
 +interface(`auth_use_pam',`
++
 +	# for SSP/ProPolice
 +	dev_read_urand($1)
 +	# for encrypted homedir
@@ -23895,12 +23899,10 @@ diff -b -B --ignore-all-space --exclude-
 +	allow $1 self:key manage_key_perms;
 +	userdom_manage_all_users_keys($1)
 +
-+	auth_use_pam($1)
-+
  	files_list_var_lib($1)
  	manage_files_pattern($1, var_auth_t, var_auth_t)
  
-@@ -62,8 +122,6 @@
+@@ -62,8 +121,6 @@
  	manage_sock_files_pattern($1, auth_cache_t, auth_cache_t)
  	files_var_filetrans($1, auth_cache_t, dir)
  
@@ -23909,7 +23911,7 @@ diff -b -B --ignore-all-space --exclude-
  	# for fingerprint readers
  	dev_rw_input_dev($1)
  	dev_rw_generic_usb_dev($1)
-@@ -86,27 +144,45 @@
+@@ -86,27 +143,44 @@
  	mls_process_set_level($1)
  	mls_fd_share_all_levels($1)
  
@@ -23923,6 +23925,7 @@ diff -b -B --ignore-all-space --exclude-
 -	auth_exec_pam($1)
 -	auth_use_nsswitch($1)
 +	auth_manage_pam_pid($1)
++	auth_use_pam($1)
  
  	init_rw_utmp($1)
  
@@ -23945,10 +23948,8 @@ diff -b -B --ignore-all-space --exclude-
 +	')
 +
 +	optional_policy(`
-+		optional_policy(`
-+			oddjob_dbus_chat($1)
-+			oddjob_domtrans_mkhomedir($1)
-+		')
++		oddjob_dbus_chat($1)
++		oddjob_domtrans_mkhomedir($1)
 +	')
 +
 +	optional_policy(`
@@ -23968,7 +23969,7 @@ diff -b -B --ignore-all-space --exclude-
  	')
  ')
  
-@@ -305,19 +381,16 @@
+@@ -305,19 +379,16 @@
  	dev_read_rand($1)
  	dev_read_urand($1)
  
@@ -23993,7 +23994,7 @@ diff -b -B --ignore-all-space --exclude-
  	')
  
  	optional_policy(`
-@@ -328,6 +401,29 @@
+@@ -328,6 +399,29 @@
  	optional_policy(`
  		samba_stream_connect_winbind($1)
  	')
@@ -24023,7 +24024,7 @@ diff -b -B --ignore-all-space --exclude-
  ')
  
  ########################################
-@@ -352,6 +448,7 @@
+@@ -352,6 +446,7 @@
  
  	auth_domtrans_chk_passwd($1)
  	role $2 types chkpwd_t;
@@ -24031,7 +24032,7 @@ diff -b -B --ignore-all-space --exclude-
  ')
  
  ########################################
-@@ -1129,6 +1226,32 @@
+@@ -1129,6 +1224,32 @@
  
  ########################################
  ## <summary>
@@ -24064,7 +24065,7 @@ diff -b -B --ignore-all-space --exclude-
  ##	Manage all files on the filesystem, except
  ##	the shadow passwords and listed exceptions.
  ## </summary>
-@@ -1254,6 +1377,25 @@
+@@ -1254,6 +1375,25 @@
  
  ########################################
  ## <summary>
@@ -24090,7 +24091,7 @@ diff -b -B --ignore-all-space --exclude-
  ##	Do not audit attempts to write to
  ##	login records files.
  ## </summary>
-@@ -1395,6 +1537,14 @@
+@@ -1395,6 +1535,14 @@
  	')
  
  	optional_policy(`
@@ -24105,7 +24106,7 @@ diff -b -B --ignore-all-space --exclude-
  		nis_use_ypbind($1)
  	')
  
-@@ -1403,8 +1553,17 @@
+@@ -1403,8 +1551,17 @@
  	')
  
  	optional_policy(`

More information about the fedora-extras-commits mailing list