rpms/selinux-policy/F-10 policy-20080710.patch,1.154,1.155

Miroslav Grepl mgrepl at fedoraproject.org
Fri Mar 27 16:39:59 UTC 2009 

Author: mgrepl

Update of /cvs/extras/rpms/selinux-policy/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv728

Modified Files:
	policy-20080710.patch 
Log Message:
- Fix lircd policy


policy-20080710.patch:

Index: policy-20080710.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-10/policy-20080710.patch,v
retrieving revision 1.154
retrieving revision 1.155
diff -u -r1.154 -r1.155
--- policy-20080710.patch	27 Mar 2009 08:33:15 -0000	1.154
+++ policy-20080710.patch	27 Mar 2009 16:39:58 -0000	1.155
@@ -1869,7 +1869,7 @@
  ## </summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/awstats.te serefpolicy-3.5.13/policy/modules/apps/awstats.te
 --- nsaserefpolicy/policy/modules/apps/awstats.te	2008-10-17 14:49:14.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/apps/awstats.te	2009-02-10 15:07:15.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/apps/awstats.te	2009-03-27 14:17:48.000000000 +0100
 @@ -47,6 +47,8 @@
  # e.g. /usr/share/awstats/lang/awstats-en.txt
  files_read_usr_files(awstats_t)
@@ -1879,6 +1879,15 @@
  libs_read_lib_files(awstats_t)
  libs_use_ld_so(awstats_t)
  libs_use_shared_libs(awstats_t)
+@@ -55,6 +57,8 @@
+ 
+ sysnet_dns_name_resolve(awstats_t)
+ 
++logging_read_generic_logs(awstats_t)
++
+ apache_read_log(awstats_t)
+ 
+ optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/ethereal.fc serefpolicy-3.5.13/policy/modules/apps/ethereal.fc
 --- nsaserefpolicy/policy/modules/apps/ethereal.fc	2008-10-17 14:49:14.000000000 +0200
 +++ serefpolicy-3.5.13/policy/modules/apps/ethereal.fc	2009-02-10 15:07:15.000000000 +0100
@@ -15964,6 +15973,17 @@
 +		xserver_rw_xdm_xserver_shm(unconfined_dbusd_t)
 +	')
 +')
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.fc serefpolicy-3.5.13/policy/modules/services/dcc.fc
+--- nsaserefpolicy/policy/modules/services/dcc.fc	2008-10-17 14:49:11.000000000 +0200
++++ serefpolicy-3.5.13/policy/modules/services/dcc.fc	2009-03-27 15:03:55.000000000 +0100
+@@ -10,6 +10,7 @@
+ /usr/libexec/dcc/dccifd		--	gen_context(system_u:object_r:dccifd_exec_t,s0)
+ /usr/libexec/dcc/dccm		--	gen_context(system_u:object_r:dccm_exec_t,s0)
+ 
++/var/lib/dcc(/.*)?   			gen_context(system_u:object_r:dcc_var_t,s0)
+ /var/dcc(/.*)?				gen_context(system_u:object_r:dcc_var_t,s0)
+ /var/dcc/map			--	gen_context(system_u:object_r:dcc_client_map_t,s0)
+ 
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.if serefpolicy-3.5.13/policy/modules/services/dcc.if
 --- nsaserefpolicy/policy/modules/services/dcc.if	2008-10-17 14:49:11.000000000 +0200
 +++ serefpolicy-3.5.13/policy/modules/services/dcc.if	2009-02-10 15:07:15.000000000 +0100
@@ -18199,7 +18219,7 @@
  optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/lircd.fc serefpolicy-3.5.13/policy/modules/services/lircd.fc
 --- nsaserefpolicy/policy/modules/services/lircd.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.5.13/policy/modules/services/lircd.fc	2009-03-23 11:39:14.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/services/lircd.fc	2009-03-27 14:57:13.000000000 +0100
 @@ -0,0 +1,9 @@
 +
 +/dev/lircd             			-s      	gen_context(system_u:object_r:lircd_sock_t,s0)
@@ -18316,8 +18336,8 @@
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/lircd.te serefpolicy-3.5.13/policy/modules/services/lircd.te
 --- nsaserefpolicy/policy/modules/services/lircd.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.5.13/policy/modules/services/lircd.te	2009-03-22 16:10:02.000000000 +0100
-@@ -0,0 +1,53 @@
++++ serefpolicy-3.5.13/policy/modules/services/lircd.te	2009-03-27 14:56:59.000000000 +0100
+@@ -0,0 +1,60 @@
 +policy_module(lircd,1.0.0)
 +
 +########################################
@@ -18364,12 +18384,19 @@
 +manage_sock_files_pattern(lircd_t, lircd_sock_t, lircd_sock_t)
 +dev_filetrans(lircd_t, lircd_sock_t, sock_file )
 +
++files_read_etc_files(lircd_t)
++
++files_list_var(lircd_t)
++files_manage_generic_locks(lircd_t)
++files_read_all_locks(lircd_t)
++
 +logging_send_syslog_msg(lircd_t)
 +
 +libs_use_ld_so(lircd_t)
 +libs_use_shared_libs(lircd_t)
 +miscfiles_read_localization(lircd_t)
 +
++permissive lircd_t;
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/lpd.fc serefpolicy-3.5.13/policy/modules/services/lpd.fc
 --- nsaserefpolicy/policy/modules/services/lpd.fc	2008-10-17 14:49:11.000000000 +0200
@@ -18842,7 +18869,7 @@
 -#')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.if serefpolicy-3.5.13/policy/modules/services/mta.if
 --- nsaserefpolicy/policy/modules/services/mta.if	2008-10-17 14:49:11.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/services/mta.if	2009-02-10 15:07:15.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/services/mta.if	2009-03-27 13:19:43.000000000 +0100
 @@ -133,6 +133,15 @@
  		sendmail_create_log($1_mail_t)
  	')
@@ -18981,6 +19008,14 @@
  ##	Create, read, write, and delete
  ##	mail queue files.
  ## </summary>
+@@ -909,6 +964,7 @@
+ 
+ 	files_search_spool($1)
+ 	manage_files_pattern($1, mqueue_spool_t, mqueue_spool_t)
++	manage_dirs_pattern($1, mqueue_spool_t, mqueue_spool_t)
+ ')
+ 
+ #######################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.te serefpolicy-3.5.13/policy/modules/services/mta.te
 --- nsaserefpolicy/policy/modules/services/mta.te	2008-10-17 14:49:11.000000000 +0200
 +++ serefpolicy-3.5.13/policy/modules/services/mta.te	2009-02-10 15:07:15.000000000 +0100
@@ -28326,7 +28361,7 @@
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.te serefpolicy-3.5.13/policy/modules/services/spamassassin.te
 --- nsaserefpolicy/policy/modules/services/spamassassin.te	2008-10-17 14:49:11.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/services/spamassassin.te	2009-03-17 16:50:53.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/services/spamassassin.te	2009-03-27 16:44:52.000000000 +0100
 @@ -21,16 +21,24 @@
  gen_tunable(spamd_enable_home_dirs, true)
  
@@ -28510,7 +28545,7 @@
  ')
  
  optional_policy(`
-@@ -211,5 +261,137 @@
+@@ -211,5 +261,141 @@
  ')
  
  optional_policy(`
@@ -28639,6 +28674,10 @@
 +')
 +
 +optional_policy(`
++        spamass_milter_manage_state(spamc_t)
++')
++
++optional_policy(`
 +        postfix_rw_local_pipes(spamc_t)
 +')
 +
@@ -35190,7 +35229,7 @@
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.fc serefpolicy-3.5.13/policy/modules/system/sysnetwork.fc
 --- nsaserefpolicy/policy/modules/system/sysnetwork.fc	2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/system/sysnetwork.fc	2009-03-23 16:28:46.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/system/sysnetwork.fc	2009-03-27 15:20:43.000000000 +0100
 @@ -11,15 +11,24 @@
  /etc/dhclient-script	--	gen_context(system_u:object_r:dhcp_etc_t,s0)
  /etc/dhcpc.*			gen_context(system_u:object_r:dhcp_etc_t,s0)
@@ -35214,7 +35253,7 @@
 +/etc/sysconfig/networking/profiles/.*/hosts        -- 	gen_context(system_u:object_r:net_conf_t,s0)
 +/etc/sysconfig/network-scripts(/.*)? 			gen_context(system_u:object_r:net_conf_t,s0)
 +/etc/sysconfig/networking/profiles(/.*)? 		gen_context(system_u:object_r:net_conf_t,s0)
-+
++/etc/sysconfig/networking/devices(/.*)?                	gen_context(system_u:object_r:net_conf_t,s0)
  ')
  
  #

More information about the fedora-extras-commits mailing list