rpms/selinux-policy/F-11 policy-20090521.patch, 1.7, 1.8 selinux-policy.spec, 1.867, 1.868

Daniel J Walsh dwalsh at fedoraproject.org
Tue Jun 2 15:55:43 UTC 2009 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv5358

Modified Files:
	policy-20090521.patch selinux-policy.spec 
Log Message:
* Tue Jun 2 2009 Dan Walsh <dwalsh at redhat.com> 3.6.12-46
- Allow domains to check if the /selinux is mounted and search the directory
- Dontaudit rules are blocking audit events


policy-20090521.patch:

Index: policy-20090521.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-11/policy-20090521.patch,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -p -r1.7 -r1.8
--- policy-20090521.patch	2 Jun 2009 12:48:01 -0000	1.7
+++ policy-20090521.patch	2 Jun 2009 15:55:42 -0000	1.8
@@ -204,6 +204,19 @@ diff -b -B --ignore-all-space --exclude-
  # Type for /dev/mapper/control
  #
  type lvm_control_t;
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.if serefpolicy-3.6.12/policy/modules/kernel/domain.if
+--- nsaserefpolicy/policy/modules/kernel/domain.if	2009-05-21 08:27:59.000000000 -0400
++++ serefpolicy-3.6.12/policy/modules/kernel/domain.if	2009-06-02 11:40:14.000000000 -0400
+@@ -65,7 +65,8 @@
+ 	')
+ 
+ 	optional_policy(`
+-		selinux_dontaudit_getattr_fs($1)
++		selinux_getattr_fs($1)
++		selinux_search_fs($1)
+ 		selinux_dontaudit_read_fs($1)
+ 	')
+ 
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.if serefpolicy-3.6.12/policy/modules/kernel/files.if
 --- nsaserefpolicy/policy/modules/kernel/files.if	2009-05-21 08:27:59.000000000 -0400
 +++ serefpolicy-3.6.12/policy/modules/kernel/files.if	2009-05-29 11:03:57.000000000 -0400


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-11/selinux-policy.spec,v
retrieving revision 1.867
retrieving revision 1.868
diff -u -p -r1.867 -r1.868
--- selinux-policy.spec	2 Jun 2009 12:48:01 -0000	1.867
+++ selinux-policy.spec	2 Jun 2009 15:55:42 -0000	1.868
@@ -20,7 +20,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.6.12
-Release: 45%{?dist}
+Release: 46%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -475,6 +475,10 @@ exit 0
 %endif
 
 %changelog
+* Tue Jun 2 2009 Dan Walsh <dwalsh at redhat.com> 3.6.12-46
+- Allow domains to check if the /selinux is mounted and search the directory
+- Dontaudit rules are blocking audit events
+
 * Tue Jun 2 2009 Dan Walsh <dwalsh at redhat.com> 3.6.12-45
 - Add proper labeling for shorewall

More information about the fedora-extras-commits mailing list