rpms/selinux-policy/F-11 policy-20090521.patch, 1.7, 1.8 selinux-policy.spec, 1.867, 1.868
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Jun 2 15:55:43 UTC 2009
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv5358
Modified Files:
policy-20090521.patch selinux-policy.spec
Log Message:
* Tue Jun 2 2009 Dan Walsh <dwalsh at redhat.com> 3.6.12-46
- Allow domains to check if the /selinux is mounted and search the directory
- Dontaudit rules are blocking audit events
policy-20090521.patch:
Index: policy-20090521.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-11/policy-20090521.patch,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -p -r1.7 -r1.8
--- policy-20090521.patch 2 Jun 2009 12:48:01 -0000 1.7
+++ policy-20090521.patch 2 Jun 2009 15:55:42 -0000 1.8
@@ -204,6 +204,19 @@ diff -b -B --ignore-all-space --exclude-
# Type for /dev/mapper/control
#
type lvm_control_t;
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.if serefpolicy-3.6.12/policy/modules/kernel/domain.if
+--- nsaserefpolicy/policy/modules/kernel/domain.if 2009-05-21 08:27:59.000000000 -0400
++++ serefpolicy-3.6.12/policy/modules/kernel/domain.if 2009-06-02 11:40:14.000000000 -0400
+@@ -65,7 +65,8 @@
+ ')
+
+ optional_policy(`
+- selinux_dontaudit_getattr_fs($1)
++ selinux_getattr_fs($1)
++ selinux_search_fs($1)
+ selinux_dontaudit_read_fs($1)
+ ')
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.if serefpolicy-3.6.12/policy/modules/kernel/files.if
--- nsaserefpolicy/policy/modules/kernel/files.if 2009-05-21 08:27:59.000000000 -0400
+++ serefpolicy-3.6.12/policy/modules/kernel/files.if 2009-05-29 11:03:57.000000000 -0400
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-11/selinux-policy.spec,v
retrieving revision 1.867
retrieving revision 1.868
diff -u -p -r1.867 -r1.868
--- selinux-policy.spec 2 Jun 2009 12:48:01 -0000 1.867
+++ selinux-policy.spec 2 Jun 2009 15:55:42 -0000 1.868
@@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.6.12
-Release: 45%{?dist}
+Release: 46%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -475,6 +475,10 @@ exit 0
%endif
%changelog
+* Tue Jun 2 2009 Dan Walsh <dwalsh at redhat.com> 3.6.12-46
+- Allow domains to check if the /selinux is mounted and search the directory
+- Dontaudit rules are blocking audit events
+
* Tue Jun 2 2009 Dan Walsh <dwalsh at redhat.com> 3.6.12-45
- Add proper labeling for shorewall
More information about the fedora-extras-commits
mailing list