rpms/selinux-policy/F-9 policy-20071130.patch, 1.267, 1.268 selinux-policy.spec, 1.750, 1.751

Miroslav Grepl mgrepl at fedoraproject.org
Thu Jun 18 14:11:02 UTC 2009 

Author: mgrepl

Update of /cvs/extras/rpms/selinux-policy/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28129

Modified Files:
	policy-20071130.patch selinux-policy.spec 
Log Message:
- Add labeling for Zend extensions



policy-20071130.patch:

Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-9/policy-20071130.patch,v
retrieving revision 1.267
retrieving revision 1.268
diff -u -p -r1.267 -r1.268
--- policy-20071130.patch	15 May 2009 10:08:33 -0000	1.267
+++ policy-20071130.patch	18 Jun 2009 14:10:53 -0000	1.268
@@ -655066,7 +655066,7 @@ diff --exclude-from=exclude -N -u -r nsa
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mysql.te serefpolicy-3.3.1/policy/modules/services/mysql.te
 --- nsaserefpolicy/policy/modules/services/mysql.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mysql.te	2009-03-25 00:08:28.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mysql.te	2009-06-11 14:20:43.000000000 +0200
 @@ -10,6 +10,10 @@
  type mysqld_exec_t;
  init_daemon_domain(mysqld_t,mysqld_exec_t)
@@ -655108,7 +655108,7 @@ diff --exclude-from=exclude -N -u -r nsa
  
  domain_use_interactive_fds(mysqld_t)
  
-@@ -119,3 +128,38 @@
+@@ -119,3 +128,44 @@
  optional_policy(`
  	udev_read_db(mysqld_t)
  ')
@@ -655147,6 +655147,12 @@ diff --exclude-from=exclude -N -u -r nsa
 +
 +hostname_exec(mysqld_safe_t)
 +
++userdom_dontaudit_search_sysadm_home_dirs(mysqld_safe_t)
++userdom_dontaudit_search_users_home_dirs(mysqld_safe_t)
++
++
++
++
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.fc serefpolicy-3.3.1/policy/modules/services/nagios.fc
 --- nsaserefpolicy/policy/modules/services/nagios.fc	2008-02-26 14:23:10.000000000 +0100
 +++ serefpolicy-3.3.1/policy/modules/services/nagios.fc	2009-02-12 22:21:57.000000000 +0100
@@ -670265,7 +670271,7 @@ diff --exclude-from=exclude -N -u -r nsa
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.fc serefpolicy-3.3.1/policy/modules/system/libraries.fc
 --- nsaserefpolicy/policy/modules/system/libraries.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/libraries.fc	2009-04-03 14:00:57.000000000 +0200
++++ serefpolicy-3.3.1/policy/modules/system/libraries.fc	2009-06-09 15:04:55.000000000 +0200
 @@ -69,8 +69,10 @@
  ifdef(`distro_gentoo',`
  # despite the extensions, they are actually libs
@@ -670382,7 +670388,16 @@ diff --exclude-from=exclude -N -u -r nsa
  # Java, Sun Microsystems (JPackage SRPM)
  /usr/(.*/)?jre.*/.*\.so(\.[^/]*)* --	gen_context(system_u:object_r:textrel_shlib_t,s0)
  /usr/local/(.*/)?jre.*/.*\.so(\.[^/]*)* --	gen_context(system_u:object_r:textrel_shlib_t,s0)
-@@ -287,11 +304,15 @@
+@@ -279,6 +296,8 @@
+ /usr/(local/)?matlab.*/bin/glnx86/libmwlapack\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/(local/)?matlab.*/bin/glnx86/(libmw(lapack|mathutil|services)|lapack|libmkl)\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/(local/)?matlab.*/sys/os/glnx86/libtermcap\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
++/usr/local/Zend/lib/ZendExtensionManager\.so	gen_context(system_u:object_r:textrel_shlib_t,s0)
++/usr/local/Zend/lib/.*/ZendOptimizer\.so	gen_context(system_u:object_r:textrel_shlib_t,s0)
+ 
+ /usr/(.*/)?intellinux/SPPlugins/ADMPlugin\.apl -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ 
+@@ -287,11 +306,15 @@
  /usr/lib/acroread/(.*/)?lib/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
  /usr/lib/acroread/.+\.api		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
  /usr/lib/acroread/(.*/)?ADMPlugin\.apl	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -670398,7 +670413,7 @@ diff --exclude-from=exclude -N -u -r nsa
  /var/ftp/lib(64)?(/.*)?				gen_context(system_u:object_r:lib_t,s0)
  /var/ftp/lib(64)?/ld[^/]*\.so(\.[^/]*)*	--	gen_context(system_u:object_r:ld_so_t,s0)
  
-@@ -301,6 +322,30 @@
+@@ -301,6 +324,30 @@
  /var/lib/samba/bin/.+\.so(\.[^/]*)*	-l	gen_context(system_u:object_r:lib_t,s0)
  ')
  
@@ -674527,7 +674542,7 @@ diff --exclude-from=exclude -N -u -r nsa
 +/root(/.*)?	 	gen_context(system_u:object_r:admin_home_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.3.1/policy/modules/system/userdomain.if
 --- nsaserefpolicy/policy/modules/system/userdomain.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/userdomain.if	2009-03-05 13:35:19.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/userdomain.if	2009-06-11 14:20:17.000000000 +0200
 @@ -29,9 +29,14 @@
  	')
  
@@ -677334,7 +677349,7 @@ diff --exclude-from=exclude -N -u -r nsa
  ##	Send a dbus message to all user domains.
  ## </summary>
  ## <param name="domain">
-@@ -5704,3 +6377,408 @@
+@@ -5704,3 +6377,407 @@
  interface(`userdom_unconfined',`
  	refpolicywarn(`$0($*) has been deprecated.')
  ')
@@ -677439,7 +677454,6 @@ diff --exclude-from=exclude -N -u -r nsa
 +	dontaudit $1 user_home_dir_type:dir search_dir_perms;
 +')
 +
-+
 +########################################
 +## <summary>
 +##	Identify specified type as being in a users home directory


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-9/selinux-policy.spec,v
retrieving revision 1.750
retrieving revision 1.751
diff -u -p -r1.750 -r1.751
--- selinux-policy.spec	3 Jun 2009 08:22:06 -0000	1.750
+++ selinux-policy.spec	18 Jun 2009 14:10:58 -0000	1.751
@@ -20,7 +20,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.3.1
-Release: 134%{?dist}
+Release: 135%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -444,6 +444,9 @@ exit 0
 %endif
 
 %changelog
+* Thu Jun 18 2009 Miroslav Grepl <mgrepl at redhat.com> 3.3.1-135
+- Add labeling for Zend extensions
+
 * Wed Jun 3 2009 Miroslav Grepl <mgrepl at redhat.com> 3.3.1-134
 - Update Url line

More information about the fedora-extras-commits mailing list