rpms/selinux-policy/devel nsadiff, 1.1, 1.2 policy-20090105.patch, 1.61, 1.62 selinux-policy.spec, 1.804, 1.805
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Mar 12 15:33:43 UTC 2009
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv9900
Modified Files:
nsadiff policy-20090105.patch selinux-policy.spec
Log Message:
* Thu Mar 12 2009 Dan Walsh <dwalsh at redhat.com> 3.6.9-1
- Upgrade to latest upstream
Index: nsadiff
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/nsadiff,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- nsadiff 9 Mar 2009 21:58:07 -0000 1.1
+++ nsadiff 12 Mar 2009 15:33:12 -0000 1.2
@@ -1 +1 @@
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy serefpolicy-3.6.8 > /tmp/diff
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy serefpolicy-3.6.9 > /tmp/diff
policy-20090105.patch:
View full diff with command:
/usr/bin/cvs -f diff -kk -u -N -r 1.61 -r 1.62 policy-20090105.patch
Index: policy-20090105.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20090105.patch,v
retrieving revision 1.61
retrieving revision 1.62
diff -u -r1.61 -r1.62
--- policy-20090105.patch 11 Mar 2009 20:25:16 -0000 1.61
+++ policy-20090105.patch 12 Mar 2009 15:33:12 -0000 1.62
@@ -1,6 +1,6 @@
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/default_contexts serefpolicy-3.6.8/config/appconfig-mcs/default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/default_contexts serefpolicy-3.6.9/config/appconfig-mcs/default_contexts
--- nsaserefpolicy/config/appconfig-mcs/default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mcs/default_contexts 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/default_contexts 2009-03-12 11:23:09.000000000 -0400
@@ -1,15 +1,6 @@
-system_r:crond_t:s0 user_r:cronjob_t:s0 staff_r:cronjob_t:s0 sysadm_r:cronjob_t:s0 system_r:cronjob_t:s0 unconfined_r:unconfined_cronjob_t:s0
-system_r:local_login_t:s0 user_r:user_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0 unconfined_r:unconfined_t:s0
@@ -22,15 +22,15 @@
-user_r:user_su_t:s0 user_r:user_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0
-user_r:user_sudo_t:s0 sysadm_r:sysadm_t:s0 user_r:user_t:s0
+system_r:xdm_t:s0 user_r:user_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/failsafe_context serefpolicy-3.6.8/config/appconfig-mcs/failsafe_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/failsafe_context serefpolicy-3.6.9/config/appconfig-mcs/failsafe_context
--- nsaserefpolicy/config/appconfig-mcs/failsafe_context 2008-08-07 11:15:14.000000000 -0400
-+++ serefpolicy-3.6.8/config/appconfig-mcs/failsafe_context 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/failsafe_context 2009-03-12 11:23:09.000000000 -0400
@@ -1 +1 @@
-sysadm_r:sysadm_t:s0
+system_r:unconfined_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/guest_u_default_contexts serefpolicy-3.6.8/config/appconfig-mcs/guest_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/guest_u_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/guest_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/guest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mcs/guest_u_default_contexts 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/guest_u_default_contexts 2009-03-12 11:23:09.000000000 -0400
@@ -0,0 +1,6 @@
+system_r:local_login_t:s0 guest_r:guest_t:s0
+system_r:remote_login_t:s0 guest_r:guest_t:s0
@@ -38,9 +38,9 @@
+system_r:crond_t:s0 guest_r:guest_t:s0
+system_r:initrc_su_t:s0 guest_r:guest_t:s0
+guest_r:guest_t:s0 guest_r:guest_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/root_default_contexts serefpolicy-3.6.8/config/appconfig-mcs/root_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/root_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/root_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/root_default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mcs/root_default_contexts 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/root_default_contexts 2009-03-12 11:23:09.000000000 -0400
@@ -1,11 +1,7 @@
-system_r:crond_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:cronjob_t:s0 staff_r:cronjob_t:s0 user_r:cronjob_t:s0
+system_r:crond_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
@@ -55,18 +55,18 @@
#
-#system_r:sshd_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
+system_r:sshd_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/seusers serefpolicy-3.6.8/config/appconfig-mcs/seusers
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/seusers serefpolicy-3.6.9/config/appconfig-mcs/seusers
--- nsaserefpolicy/config/appconfig-mcs/seusers 2008-08-07 11:15:14.000000000 -0400
-+++ serefpolicy-3.6.8/config/appconfig-mcs/seusers 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/seusers 2009-03-12 11:23:09.000000000 -0400
@@ -1,3 +1,3 @@
system_u:system_u:s0-mcs_systemhigh
-root:root:s0-mcs_systemhigh
-__default__:user_u:s0
+root:unconfined_u:s0-mcs_systemhigh
+__default__:unconfined_u:s0-mcs_systemhigh
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/staff_u_default_contexts serefpolicy-3.6.8/config/appconfig-mcs/staff_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/staff_u_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/staff_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/staff_u_default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mcs/staff_u_default_contexts 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/staff_u_default_contexts 2009-03-12 11:23:09.000000000 -0400
@@ -1,10 +1,12 @@
system_r:local_login_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0
system_r:remote_login_t:s0 staff_r:staff_t:s0
@@ -81,9 +81,9 @@
sysadm_r:sysadm_su_t:s0 sysadm_r:sysadm_t:s0
sysadm_r:sysadm_sudo_t:s0 sysadm_r:sysadm_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts serefpolicy-3.6.8/config/appconfig-mcs/unconfined_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/unconfined_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mcs/unconfined_u_default_contexts 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/unconfined_u_default_contexts 2009-03-12 11:23:09.000000000 -0400
@@ -1,4 +1,4 @@
-system_r:crond_t:s0 unconfined_r:unconfined_t:s0 unconfined_r:unconfined_cronjob_t:s0
+system_r:crond_t:s0 unconfined_r:unconfined_t:s0
@@ -97,15 +97,15 @@
+system_r:initrc_su_t:s0 unconfined_r:unconfined_t:s0
+unconfined_r:unconfined_t:s0 unconfined_r:unconfined_t:s0
system_r:xdm_t:s0 unconfined_r:unconfined_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/userhelper_context serefpolicy-3.6.8/config/appconfig-mcs/userhelper_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/userhelper_context serefpolicy-3.6.9/config/appconfig-mcs/userhelper_context
--- nsaserefpolicy/config/appconfig-mcs/userhelper_context 2008-08-07 11:15:14.000000000 -0400
-+++ serefpolicy-3.6.8/config/appconfig-mcs/userhelper_context 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/userhelper_context 2009-03-12 11:23:09.000000000 -0400
@@ -1 +1 @@
-system_u:sysadm_r:sysadm_t:s0
+system_u:system_r:unconfined_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/user_u_default_contexts serefpolicy-3.6.8/config/appconfig-mcs/user_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/user_u_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/user_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/user_u_default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mcs/user_u_default_contexts 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/user_u_default_contexts 2009-03-12 11:23:09.000000000 -0400
@@ -1,8 +1,9 @@
system_r:local_login_t:s0 user_r:user_t:s0
system_r:remote_login_t:s0 user_r:user_t:s0
@@ -118,19 +118,19 @@
-
+system_r:initrc_su_t:s0 user_r:user_t:s0
+user_r:user_t:s0 user_r:user_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/virtual_domain_context serefpolicy-3.6.8/config/appconfig-mcs/virtual_domain_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/virtual_domain_context serefpolicy-3.6.9/config/appconfig-mcs/virtual_domain_context
--- nsaserefpolicy/config/appconfig-mcs/virtual_domain_context 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mcs/virtual_domain_context 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/virtual_domain_context 2009-03-12 11:23:09.000000000 -0400
@@ -0,0 +1 @@
+system_u:system_r:svirt_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/virtual_image_context serefpolicy-3.6.8/config/appconfig-mcs/virtual_image_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/virtual_image_context serefpolicy-3.6.9/config/appconfig-mcs/virtual_image_context
--- nsaserefpolicy/config/appconfig-mcs/virtual_image_context 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mcs/virtual_image_context 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/virtual_image_context 2009-03-12 11:23:09.000000000 -0400
@@ -0,0 +1 @@
+system_u:object_r:virt_image_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts serefpolicy-3.6.8/config/appconfig-mcs/xguest_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/xguest_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mcs/xguest_u_default_contexts 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mcs/xguest_u_default_contexts 2009-03-12 11:23:09.000000000 -0400
@@ -0,0 +1,7 @@
+system_r:local_login_t xguest_r:xguest_t:s0
+system_r:remote_login_t xguest_r:xguest_t:s0
@@ -139,9 +139,9 @@
+system_r:xdm_t xguest_r:xguest_t:s0
+system_r:initrc_su_t:s0 xguest_r:xguest_t:s0
+xguest_r:xguest_t:s0 xguest_r:xguest_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/default_contexts serefpolicy-3.6.8/config/appconfig-mls/default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/default_contexts serefpolicy-3.6.9/config/appconfig-mls/default_contexts
--- nsaserefpolicy/config/appconfig-mls/default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mls/default_contexts 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mls/default_contexts 2009-03-12 11:23:09.000000000 -0400
@@ -1,15 +1,6 @@
-system_r:crond_t:s0 user_r:cronjob_t:s0 staff_r:cronjob_t:s0 sysadm_r:cronjob_t:s0 system_r:cronjob_t:s0 unconfined_r:unconfined_cronjob_t:s0
-system_r:local_login_t:s0 user_r:user_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0 unconfined_r:unconfined_t:s0
@@ -163,17 +163,17 @@
-user_r:user_su_t:s0 user_r:user_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0
-user_r:user_sudo_t:s0 sysadm_r:sysadm_t:s0 user_r:user_t:s0
+system_r:xdm_t:s0 user_r:user_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/guest_u_default_contexts serefpolicy-3.6.8/config/appconfig-mls/guest_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/guest_u_default_contexts serefpolicy-3.6.9/config/appconfig-mls/guest_u_default_contexts
--- nsaserefpolicy/config/appconfig-mls/guest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mls/guest_u_default_contexts 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mls/guest_u_default_contexts 2009-03-12 11:23:09.000000000 -0400
@@ -0,0 +1,4 @@
+system_r:local_login_t:s0 guest_r:guest_t:s0
+system_r:remote_login_t:s0 guest_r:guest_t:s0
+system_r:sshd_t:s0 guest_r:guest_t:s0
+system_r:crond_t:s0 guest_r:guest_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/root_default_contexts serefpolicy-3.6.8/config/appconfig-mls/root_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/root_default_contexts serefpolicy-3.6.9/config/appconfig-mls/root_default_contexts
--- nsaserefpolicy/config/appconfig-mls/root_default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mls/root_default_contexts 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mls/root_default_contexts 2009-03-12 11:23:09.000000000 -0400
@@ -1,11 +1,11 @@
-system_r:crond_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:cronjob_t:s0 staff_r:cronjob_t:s0 user_r:cronjob_t:s0
-system_r:local_login_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
@@ -192,19 +192,19 @@
#
-#system_r:sshd_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
+#system_r:sshd_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/virtual_domain_context serefpolicy-3.6.8/config/appconfig-mls/virtual_domain_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/virtual_domain_context serefpolicy-3.6.9/config/appconfig-mls/virtual_domain_context
--- nsaserefpolicy/config/appconfig-mls/virtual_domain_context 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mls/virtual_domain_context 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mls/virtual_domain_context 2009-03-12 11:23:09.000000000 -0400
@@ -0,0 +1 @@
+system_u:system_r:qemu_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/virtual_image_context serefpolicy-3.6.8/config/appconfig-mls/virtual_image_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/virtual_image_context serefpolicy-3.6.9/config/appconfig-mls/virtual_image_context
--- nsaserefpolicy/config/appconfig-mls/virtual_image_context 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mls/virtual_image_context 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mls/virtual_image_context 2009-03-12 11:23:09.000000000 -0400
@@ -0,0 +1 @@
+system_u:object_r:virt_image_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/xguest_u_default_contexts serefpolicy-3.6.8/config/appconfig-mls/xguest_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/xguest_u_default_contexts serefpolicy-3.6.9/config/appconfig-mls/xguest_u_default_contexts
--- nsaserefpolicy/config/appconfig-mls/xguest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.8/config/appconfig-mls/xguest_u_default_contexts 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/config/appconfig-mls/xguest_u_default_contexts 2009-03-12 11:23:09.000000000 -0400
@@ -0,0 +1,7 @@
+system_r:local_login_t xguest_r:xguest_t:s0
+system_r:remote_login_t xguest_r:xguest_t:s0
@@ -213,9 +213,9 @@
+system_r:xdm_t xguest_r:xguest_t:s0
+system_r:initrc_su_t:s0 xguest_r:xguest_t:s0
+xguest_r:xguest_t:s0 xguest_r:xguest_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-3.6.8/Makefile
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-3.6.9/Makefile
--- nsaserefpolicy/Makefile 2009-01-19 11:07:35.000000000 -0500
-+++ serefpolicy-3.6.8/Makefile 2009-03-10 08:25:54.000000000 -0400
++++ serefpolicy-3.6.9/Makefile 2009-03-12 11:23:09.000000000 -0400
@@ -241,7 +241,7 @@
[...4682 lines suppressed...]
+')
+
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-3.6.8/policy/modules/system/userdomain.te
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-3.6.9/policy/modules/system/userdomain.te
--- nsaserefpolicy/policy/modules/system/userdomain.te 2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.8/policy/modules/system/userdomain.te 2009-03-10 15:58:19.000000000 -0400
++++ serefpolicy-3.6.9/policy/modules/system/userdomain.te 2009-03-12 11:23:09.000000000 -0400
@@ -8,13 +8,6 @@
## <desc>
@@ -30417,14 +29802,14 @@
+ fs_read_cifs_named_sockets(userhomereader)
+ fs_read_cifs_named_pipes(userhomereader)
+')
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virtual.fc serefpolicy-3.6.8/policy/modules/system/virtual.fc
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virtual.fc serefpolicy-3.6.9/policy/modules/system/virtual.fc
--- nsaserefpolicy/policy/modules/system/virtual.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.8/policy/modules/system/virtual.fc 2009-03-10 08:25:55.000000000 -0400
++++ serefpolicy-3.6.9/policy/modules/system/virtual.fc 2009-03-12 11:23:09.000000000 -0400
@@ -0,0 +1 @@
+# No application file contexts.
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virtual.if serefpolicy-3.6.8/policy/modules/system/virtual.if
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virtual.if serefpolicy-3.6.9/policy/modules/system/virtual.if
--- nsaserefpolicy/policy/modules/system/virtual.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.8/policy/modules/system/virtual.if 2009-03-10 08:25:55.000000000 -0400
++++ serefpolicy-3.6.9/policy/modules/system/virtual.if 2009-03-12 11:23:09.000000000 -0400
@@ -0,0 +1,99 @@
+## <summary>Virtual machine emulator and virtualizer</summary>
+
@@ -30525,9 +29910,9 @@
+ manage_lnk_files_pattern($1, virtual_image_type, virtual_image_type)
+ rw_blk_files_pattern($1, virtual_image_type, virtual_image_type)
+')
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virtual.te serefpolicy-3.6.8/policy/modules/system/virtual.te
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virtual.te serefpolicy-3.6.9/policy/modules/system/virtual.te
--- nsaserefpolicy/policy/modules/system/virtual.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.8/policy/modules/system/virtual.te 2009-03-11 14:43:06.000000000 -0400
++++ serefpolicy-3.6.9/policy/modules/system/virtual.te 2009-03-12 11:23:09.000000000 -0400
@@ -0,0 +1,80 @@
+
+policy_module(virtualization, 1.1.2)
@@ -30609,9 +29994,9 @@
+ xserver_read_xdm_pid(virtualdomain)
+ xserver_rw_shm(virtualdomain)
+')
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.fc serefpolicy-3.6.8/policy/modules/system/xen.fc
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.fc serefpolicy-3.6.9/policy/modules/system/xen.fc
--- nsaserefpolicy/policy/modules/system/xen.fc 2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.8/policy/modules/system/xen.fc 2009-03-10 08:25:55.000000000 -0400
++++ serefpolicy-3.6.9/policy/modules/system/xen.fc 2009-03-12 11:23:09.000000000 -0400
@@ -2,17 +2,10 @@
/usr/bin/virsh -- gen_context(system_u:object_r:xm_exec_t,s0)
@@ -30638,9 +30023,9 @@
/var/run/xenstore\.pid -- gen_context(system_u:object_r:xenstored_var_run_t,s0)
/var/run/xenstored(/.*)? gen_context(system_u:object_r:xenstored_var_run_t,s0)
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.if serefpolicy-3.6.8/policy/modules/system/xen.if
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.if serefpolicy-3.6.9/policy/modules/system/xen.if
--- nsaserefpolicy/policy/modules/system/xen.if 2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.8/policy/modules/system/xen.if 2009-03-10 08:25:55.000000000 -0400
++++ serefpolicy-3.6.9/policy/modules/system/xen.if 2009-03-12 11:23:09.000000000 -0400
@@ -167,11 +167,14 @@
#
interface(`xen_stream_connect',`
@@ -30682,9 +30067,9 @@
+ allow $1 xend_var_lib_t:dir search_dir_perms;
+ rw_files_pattern($1, xen_image_t, xen_image_t)
+')
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.te serefpolicy-3.6.8/policy/modules/system/xen.te
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.te serefpolicy-3.6.9/policy/modules/system/xen.te
--- nsaserefpolicy/policy/modules/system/xen.te 2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.8/policy/modules/system/xen.te 2009-03-10 08:25:55.000000000 -0400
++++ serefpolicy-3.6.9/policy/modules/system/xen.te 2009-03-12 11:23:09.000000000 -0400
@@ -6,6 +6,13 @@
# Declarations
#
@@ -30906,39 +30291,27 @@
+optional_policy(`
+ unconfined_domain(xend_t)
+')
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-3.6.8/policy/support/obj_perm_sets.spt
---- nsaserefpolicy/policy/support/obj_perm_sets.spt 2008-10-16 17:21:16.000000000 -0400
-+++ serefpolicy-3.6.8/policy/support/obj_perm_sets.spt 2009-03-10 08:25:55.000000000 -0400
-@@ -179,20 +179,20 @@
- #
- # Directory (dir)
- #
--define(`getattr_dir_perms',`{ getattr }')
--define(`setattr_dir_perms',`{ setattr }')
--define(`search_dir_perms',`{ getattr search }')
-+define(`getattr_dir_perms',`{ getattr open }')
-+define(`setattr_dir_perms',`{ setattr open }')
-+define(`search_dir_perms',`{ getattr search open }')
- define(`list_dir_perms',`{ getattr search open read lock ioctl }')
- define(`add_entry_dir_perms',`{ getattr search open lock ioctl write add_name }')
- define(`del_entry_dir_perms',`{ getattr search open lock ioctl write remove_name }')
- define(`rw_dir_perms', `{ open read getattr lock search ioctl add_name remove_name write }')
--define(`create_dir_perms',`{ getattr create }')
--define(`rename_dir_perms',`{ getattr rename }')
--define(`delete_dir_perms',`{ getattr rmdir }')
-+define(`create_dir_perms',`{ getattr create open }')
-+define(`rename_dir_perms',`{ getattr rename open }')
-+define(`delete_dir_perms',`{ getattr rmdir open }')
- define(`manage_dir_perms',`{ create open getattr setattr read write link unlink rename search add_name remove_name reparent rmdir lock ioctl }')
--define(`relabelfrom_dir_perms',`{ getattr relabelfrom }')
--define(`relabelto_dir_perms',`{ getattr relabelto }')
--define(`relabel_dir_perms',`{ getattr relabelfrom relabelto }')
-+define(`relabelfrom_dir_perms',`{ getattr open relabelfrom }')
-+define(`relabelto_dir_perms',`{ getattr open relabelto }')
-+define(`relabel_dir_perms',`{ getattr open relabelfrom relabelto }')
-
- #
- # Regular file (file)
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/ipc_patterns.spt serefpolicy-3.6.9/policy/support/ipc_patterns.spt
+--- nsaserefpolicy/policy/support/ipc_patterns.spt 2009-03-12 11:16:47.000000000 -0400
++++ serefpolicy-3.6.9/policy/support/ipc_patterns.spt 2009-03-12 11:23:09.000000000 -0400
+@@ -3,12 +3,12 @@
+ #
+ define(`stream_connect_pattern',`
+ allow $1 $2:dir search_dir_perms;
+- allow $1 $3:sock_file write_sock_file_perms;
++ allow $1 $3:sock_file { getattr write };
+ allow $1 $4:unix_stream_socket connectto;
+ ')
+
+ define(`dgram_send_pattern',`
+ allow $1 $2:dir search_dir_perms;
+- allow $1 $3:sock_file write_sock_file_perms;
++ allow $1 $3:sock_file { getattr write };
+ allow $1 $4:unix_dgram_socket sendto;
+ ')
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-3.6.9/policy/support/obj_perm_sets.spt
+--- nsaserefpolicy/policy/support/obj_perm_sets.spt 2009-03-12 11:16:47.000000000 -0400
++++ serefpolicy-3.6.9/policy/support/obj_perm_sets.spt 2009-03-12 11:23:09.000000000 -0400
@@ -225,7 +225,7 @@
define(`create_lnk_file_perms',`{ create getattr }')
define(`rename_lnk_file_perms',`{ getattr rename }')
@@ -30948,25 +30321,6 @@
define(`relabelfrom_lnk_file_perms',`{ getattr relabelfrom }')
define(`relabelto_lnk_file_perms',`{ getattr relabelto }')
define(`relabel_lnk_file_perms',`{ getattr relabelfrom relabelto }')
-@@ -252,13 +252,13 @@
- #
- define(`getattr_sock_file_perms',`{ getattr }')
- define(`setattr_sock_file_perms',`{ setattr }')
--define(`read_sock_file_perms',`{ getattr read }')
--define(`write_sock_file_perms',`{ getattr write append }')
--define(`rw_sock_file_perms',`{ getattr read write append }')
--define(`create_sock_file_perms',`{ getattr create }')
-+define(`read_sock_file_perms',`{ getattr open read }')
-+define(`write_sock_file_perms',`{ getattr write open append }')
-+define(`rw_sock_file_perms',`{ getattr open read write append }')
-+define(`create_sock_file_perms',`{ getattr create open }')
- define(`rename_sock_file_perms',`{ getattr rename }')
- define(`delete_sock_file_perms',`{ getattr unlink }')
--define(`manage_sock_file_perms',`{ create getattr setattr read write rename link unlink ioctl lock append }')
-+define(`manage_sock_file_perms',`{ create open getattr setattr read write rename link unlink ioctl lock append }')
- define(`relabelfrom_sock_file_perms',`{ getattr relabelfrom }')
- define(`relabelto_sock_file_perms',`{ getattr relabelto }')
- define(`relabel_sock_file_perms',`{ getattr relabelfrom relabelto }')
@@ -312,3 +312,13 @@
#
define(`client_stream_socket_perms', `{ create ioctl read getattr write setattr append bind getopt setopt shutdown }')
@@ -30981,9 +30335,9 @@
+define(`all_association_perms', `{ sendto recvfrom setcontext polmatch } ')
+
+define(`manage_key_perms', `{ create link read search setattr view write } ')
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-3.6.8/policy/users
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-3.6.9/policy/users
--- nsaserefpolicy/policy/users 2008-08-07 11:15:13.000000000 -0400
-+++ serefpolicy-3.6.8/policy/users 2009-03-10 08:25:55.000000000 -0400
++++ serefpolicy-3.6.9/policy/users 2009-03-12 11:23:09.000000000 -0400
@@ -25,11 +25,8 @@
# permit any access to such users, then remove this entry.
#
@@ -31008,9 +30362,9 @@
- gen_user(root, sysadm, sysadm_r staff_r ifdef(`enable_mls',`secadm_r auditadm_r'), s0, s0 - mls_systemhigh, mcs_allcats)
-')
+gen_user(root, user, unconfined_r sysadm_r staff_r ifdef(`enable_mls',`secadm_r auditadm_r') system_r, s0, s0 - mls_systemhigh, mcs_allcats)
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-3.6.8/Rules.modular
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-3.6.9/Rules.modular
--- nsaserefpolicy/Rules.modular 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.8/Rules.modular 2009-03-10 08:25:55.000000000 -0400
++++ serefpolicy-3.6.9/Rules.modular 2009-03-12 11:23:09.000000000 -0400
@@ -73,8 +73,8 @@
$(tmpdir)/%.mod: $(m4support) $(tmpdir)/generated_definitions.conf $(tmpdir)/all_interfaces.conf %.te
@echo "Compliling $(NAME) $(@F) module"
@@ -31040,9 +30394,9 @@
$(tmpdir)/all_te_files.conf: M4PARAM += -D self_contained_policy
$(tmpdir)/all_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf $(tmpdir)/all_interfaces.conf $(base_te_files) $(tmpdir)/rolemap.conf
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/support/Makefile.devel serefpolicy-3.6.8/support/Makefile.devel
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/support/Makefile.devel serefpolicy-3.6.9/support/Makefile.devel
--- nsaserefpolicy/support/Makefile.devel 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.8/support/Makefile.devel 2009-03-10 08:25:55.000000000 -0400
++++ serefpolicy-3.6.9/support/Makefile.devel 2009-03-12 11:23:09.000000000 -0400
@@ -185,8 +185,7 @@
tmp/%.mod: $(m4support) tmp/all_interfaces.conf %.te
@$(EINFO) "Compiling $(NAME) $(basename $(@F)) module"
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.804
retrieving revision 1.805
diff -u -r1.804 -r1.805
--- selinux-policy.spec 11 Mar 2009 20:05:16 -0000 1.804
+++ selinux-policy.spec 12 Mar 2009 15:33:12 -0000 1.805
@@ -19,8 +19,8 @@
%define CHECKPOLICYVER 2.0.16-3
Summary: SELinux policy configuration
Name: selinux-policy
-Version: 3.6.8
-Release: 4%{?dist}
+Version: 3.6.9
+Release: 1%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -186,7 +186,7 @@
%description
SELinux Reference Policy - modular.
-Based off of reference policy: Checked out revision 2920.
+Based off of reference policy: Checked out revision 2925.
%build
@@ -444,6 +444,9 @@
%endif
%changelog
+* Thu Mar 12 2009 Dan Walsh <dwalsh at redhat.com> 3.6.9-1
+- Upgrade to latest upstream
+
* Tue Mar 10 2009 Dan Walsh <dwalsh at redhat.com> 3.6.8-4
- Fixes for iscsid and sssd
- More cleanups for upgrade from F10 to Rawhide.
More information about the fedora-extras-commits
mailing list