rpms/selinux-policy/devel policy-20060802.patch,1.6,1.7
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Aug 11 03:23:37 UTC 2006
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv28465
Modified Files:
policy-20060802.patch
Log Message:
* Thu Aug 10 2006 Dan Walsh <dwalsh at redhat.com> 2.3.6-3
- Misc fixes
policy-20060802.patch:
mls | 9 -
modules/admin/anaconda.te | 20 ++-
modules/admin/bootloader.te | 4
modules/admin/consoletype.te | 11 +
modules/admin/firstboot.te | 2
modules/admin/prelink.te | 3
modules/admin/rpm.fc | 2
modules/admin/rpm.if | 13 +-
modules/admin/usermanage.te | 4
modules/apps/java.fc | 1
modules/apps/mozilla.if | 2
modules/kernel/corecommands.fc | 1
modules/kernel/corenetwork.te.in | 4
modules/kernel/devices.fc | 2
modules/kernel/devices.if | 37 +++++
modules/kernel/devices.te | 8 +
modules/kernel/files.if | 18 ++
modules/kernel/filesystem.te | 2
modules/kernel/kernel.if | 75 +++++++++++
modules/kernel/terminal.if | 19 ++
modules/services/amavis.te | 7 +
modules/services/apache.te | 1
modules/services/avahi.te | 1
modules/services/bind.te | 1
modules/services/bluetooth.te | 5
modules/services/clamav.if | 1
modules/services/cron.if | 16 ++
modules/services/cron.te | 1
modules/services/cups.te | 18 ++
modules/services/cyrus.te | 1
modules/services/dbus.if | 6
modules/services/ldap.te | 2
modules/services/mta.fc | 2
modules/services/nis.te | 2
modules/services/ntp.te | 2
modules/services/openvpn.te | 2
modules/services/pegasus.if | 31 ++++
modules/services/pegasus.te | 5
modules/services/postfix.te | 7 +
modules/services/procmail.te | 1
modules/services/samba.te | 6
modules/services/setroubleshoot.fc | 9 +
modules/services/setroubleshoot.if | 3
modules/services/setroubleshoot.te | 105 ++++++++++++++++
modules/services/spamassassin.te | 4
modules/services/squid.te | 4
modules/services/ssh.if | 26 +++-
modules/services/ssh.te | 9 +
modules/services/stunnel.te | 4
modules/services/xserver.if | 69 ++++++++++
modules/services/xserver.te | 19 ++
modules/system/authlogin.te | 1
modules/system/fstools.te | 1
modules/system/hostname.te | 10 +
modules/system/init.if | 7 -
modules/system/init.te | 2
modules/system/libraries.fc | 4
modules/system/locallogin.te | 4
modules/system/logging.fc | 3
modules/system/logging.if | 21 +++
modules/system/logging.te | 3
modules/system/miscfiles.fc | 1
modules/system/miscfiles.if | 18 ++
modules/system/modutils.te | 1
modules/system/mount.te | 3
modules/system/selinuxutil.te | 11 +
modules/system/udev.fc | 1
modules/system/udev.te | 1
modules/system/unconfined.if | 2
modules/system/unconfined.te | 5
modules/system/userdomain.if | 236 +++++++++++++++++++++++++------------
modules/system/userdomain.te | 48 +++----
modules/system/xen.if | 38 +++++
modules/system/xen.te | 26 +++-
74 files changed, 875 insertions(+), 179 deletions(-)
Index: policy-20060802.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060802.patch,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- policy-20060802.patch 11 Aug 2006 03:11:59 -0000 1.6
+++ policy-20060802.patch 11 Aug 2006 03:23:35 -0000 1.7
@@ -1,163 +1,3 @@
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-2.3.6/Makefile
---- nsaserefpolicy/Makefile 2006-08-10 09:14:45.000000000 -0400
-+++ serefpolicy-2.3.6/Makefile 2006-08-08 16:00:22.000000000 -0400
-@@ -67,7 +67,6 @@
- # interpreters and aux tools
- AWK ?= gawk
- GREP ?= egrep
--INSTALL ?= install
- M4 ?= m4
- PYTHON ?= python
- SED ?= sed
-@@ -305,8 +304,8 @@
-
- # parse-rolemap modulename,outputfile
- define parse-rolemap
-- $(verbose) $(M4) $(M4PARAM) $(ROLEMAP) | \
-- $(AWK) '/^[[:blank:]]*[A-Za-z]/{ print "gen_require(type " $$3 "; role " $$1 ";)\n$1_per_userdomain_template(" $$2 "," $$3 "," $$1 ")" }' >> $2
-+ $(verbose) m4 $(M4PARAM) $(ROLEMAP) | \
-+ awk '/^[[:blank:]]*[A-Za-z]/{ print "gen_require(type " $$3 "; role " $$1 ";)\n$1_per_userdomain_template(" $$2 "," $$3 "," $$1 ")" }' >> $2
- endef
-
- # peruser-expansion modulename,outputfile
-@@ -341,17 +340,17 @@
- @echo "# $(notdir $@).in or $(notdir $@).m4 file should be modified." >> $@
- @echo "#" >> $@
- $(verbose) cat $(MODDIR)/kernel/corenetwork.if.in >> $@
-- $(verbose) $(GREP) "^[[:blank:]]*network_(interface|node|port|packet)\(.*\)" $(@:.if=.te).in \
-- | $(M4) -D self_contained_policy $(M4PARAM) $(MODDIR)/kernel/corenetwork.if.m4 - \
-- | $(SED) -e 's/dollarsone/\$$1/g' -e 's/dollarszero/\$$0/g' >> $@
-+ $(verbose) egrep "^[[:blank:]]*network_(interface|node|port|packet)\(.*\)" $(@:.if=.te).in \
-+ | m4 -D self_contained_policy $(M4PARAM) $(MODDIR)/kernel/corenetwork.if.m4 - \
-+ | sed -e 's/dollarsone/\$$1/g' -e 's/dollarszero/\$$0/g' >> $@
-
- $(MODDIR)/kernel/corenetwork.te: $(MODDIR)/kernel/corenetwork.te.m4 $(MODDIR)/kernel/corenetwork.te.in
- @echo "#" > $@
- @echo "# This is a generated file! Instead of modifying this file, the" >> $@
- @echo "# $(notdir $@).in or $(notdir $@).m4 file should be modified." >> $@
- @echo "#" >> $@
-- $(verbose) $(M4) -D self_contained_policy $(M4PARAM) $^ \
-- | $(SED) -e 's/dollarsone/\$$1/g' -e 's/dollarszero/\$$0/g' >> $@
-+ $(verbose) m4 -D self_contained_policy $(M4PARAM) $^ \
-+ | sed -e 's/dollarsone/\$$1/g' -e 's/dollarszero/\$$0/g' >> $@
-
- ########################################
- #
-@@ -422,14 +421,14 @@
- @echo "# This file is replaced on reinstalls of this policy." >> $(TMPDIR)/system.users
- @echo "# Please edit local.users to make local changes." >> $(TMPDIR)/system.users
- @echo "#" >> $(TMPDIR)/system.users
-- $(verbose) $(M4) -D self_contained_policy $(M4PARAM) $^ | $(SED) -r -e 's/^[[:blank:]]+//' \
-+ $(verbose) m4 -D self_contained_policy $(M4PARAM) $^ | sed -r -e 's/^[[:blank:]]+//' \
- -e '/^[[:blank:]]*($$|#)/d' >> $(TMPDIR)/system.users
-- $(verbose) $(INSTALL) -m 644 $(TMPDIR)/system.users $@
-+ $(verbose) install -m 644 $(TMPDIR)/system.users $@
-
- $(USERPATH)/local.users: config/local.users
- @mkdir -p $(USERPATH)
- @echo "Installing local.users"
-- $(verbose) $(INSTALL) -b -m 644 $< $@
-+ $(verbose) install -b -m 644 $< $@
-
- ########################################
- #
-@@ -440,45 +439,45 @@
- $(INSTALLDIR)/booleans: $(BOOLEANS)
- @mkdir -p $(TMPDIR)
- @mkdir -p $(INSTALLDIR)
-- $(verbose) $(SED) -r -e 's/false/0/g' -e 's/true/1/g' \
-- -e '/^[[:blank:]]*($$|#)/d' $(BOOLEANS) | $(SORT) > $(TMPDIR)/booleans
-- $(verbose) $(INSTALL) -m 644 $(TMPDIR)/booleans $@
-+ $(verbose) sed -r -e 's/false/0/g' -e 's/true/1/g' \
-+ -e '/^[[:blank:]]*($$|#)/d' $(BOOLEANS) | sort > $(TMPDIR)/booleans
-+ $(verbose) install -m 644 $(TMPDIR)/booleans $@
-
- $(CONTEXTPATH)/files/media: $(APPCONF)/media
- @mkdir -p $(CONTEXTPATH)/files/
-- $(verbose) $(INSTALL) -m 644 $< $@
-+ $(verbose) install -m 644 $< $@
-
- $(APPDIR)/default_contexts: $(APPCONF)/default_contexts
- @mkdir -p $(APPDIR)
-- $(verbose) $(INSTALL) -m 644 $< $@
-+ $(verbose) install -m 644 $< $@
-
- $(APPDIR)/removable_context: $(APPCONF)/removable_context
- @mkdir -p $(APPDIR)
-- $(verbose) $(INSTALL) -m 644 $< $@
-+ $(verbose) install -m 644 $< $@
-
- $(APPDIR)/default_type: $(APPCONF)/default_type
- @mkdir -p $(APPDIR)
-- $(verbose) $(INSTALL) -m 644 $< $@
-+ $(verbose) install -m 644 $< $@
-
- $(APPDIR)/userhelper_context: $(APPCONF)/userhelper_context
- @mkdir -p $(APPDIR)
-- $(verbose) $(INSTALL) -m 644 $< $@
-+ $(verbose) install -m 644 $< $@
-
- $(APPDIR)/initrc_context: $(APPCONF)/initrc_context
- @mkdir -p $(APPDIR)
-- $(verbose) $(INSTALL) -m 644 $< $@
-+ $(verbose) install -m 644 $< $@
-
- $(APPDIR)/failsafe_context: $(APPCONF)/failsafe_context
- @mkdir -p $(APPDIR)
-- $(verbose) $(INSTALL) -m 644 $< $@
-+ $(verbose) install -m 644 $< $@
-
- $(APPDIR)/dbus_contexts: $(APPCONF)/dbus_contexts
- @mkdir -p $(APPDIR)
-- $(verbose) $(INSTALL) -m 644 $< $@
-+ $(verbose) install -m 644 $< $@
-
- $(APPDIR)/users/root: $(APPCONF)/root_default_contexts
- @mkdir -p $(APPDIR)/users
-- $(verbose) $(INSTALL) -m 644 $< $@
-+ $(verbose) install -m 644 $< $@
-
- ########################################
- #
-@@ -487,14 +486,14 @@
- install-headers: $(TUNXML) $(BOOLXML)
- @mkdir -p $(HEADERDIR)
- @echo "Installing $(TYPE) policy headers."
-- $(verbose) $(INSTALL) -m 644 $(TUNXML) $(BOOLXML) $(HEADERDIR)
-- $(verbose) $(M4) $(M4PARAM) $(ROLEMAP) > $(HEADERDIR)/$(notdir $(ROLEMAP))
-+ $(verbose) install -m 644 $(TUNXML) $(BOOLXML) $(HEADERDIR)
-+ $(verbose) m4 $(M4PARAM) $(ROLEMAP) > $(HEADERDIR)/$(notdir $(ROLEMAP))
- $(verbose) mkdir -p $(HEADERDIR)/support
-- $(verbose) $(INSTALL) -m 644 $(M4SUPPORT) $(word $(words $(GENXML)),$(GENXML)) $(XMLDTD) $(HEADERDIR)/support
-+ $(verbose) install -m 644 $(M4SUPPORT) $(word $(words $(GENXML)),$(GENXML)) $(XMLDTD) $(HEADERDIR)/support
- $(verbose) $(GENPERM) $(AVS) $(SECCLASS) > $(HEADERDIR)/support/all_perms.spt
- $(verbose) for i in $(notdir $(ALL_LAYERS)); do \
- mkdir -p $(HEADERDIR)/$$i ;\
-- $(INSTALL) -m 644 $(MODDIR)/$$i/*.if \
-+ install -m 644 $(MODDIR)/$$i/*.if \
- $(MODDIR)/$$i/metadata.xml \
- $(HEADERDIR)/$$i ;\
- done
-@@ -506,7 +505,7 @@
- $(verbose) echo "MONOLITHIC ?= n" >> $(HEADERDIR)/build.conf
- $(verbose) echo "DIRECT_INITRC ?= $(DIRECT_INITRC)" >> $(HEADERDIR)/build.conf
- $(verbose) echo "POLY ?= $(POLY)" >> $(HEADERDIR)/build.conf
-- $(verbose) $(INSTALL) -m 644 $(SUPPORT)/Makefile.devel $(HEADERDIR)/Makefile
-+ $(verbose) install -m 644 $(SUPPORT)/Makefile.devel $(HEADERDIR)/Makefile
-
- ########################################
- #
-@@ -515,8 +514,8 @@
- install-docs: $(TMPDIR)/html
- @mkdir -p $(DOCSDIR)/html
- @echo "Installing policy documentation"
-- $(verbose) $(INSTALL) -m 644 $(DOCFILES) $(DOCSDIR)
-- $(verbose) $(INSTALL) -m 644 $(wildcard $(HTMLDIR)/*) $(DOCSDIR)/html
-+ $(verbose) install -m 644 $(DOCFILES) $(DOCSDIR)
-+ $(verbose) install -m 644 $(wildcard $(HTMLDIR)/*) $(DOCSDIR)/html
-
- ########################################
- #
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/mls serefpolicy-2.3.6/policy/mls
--- nsaserefpolicy/policy/mls 2006-07-14 17:04:46.000000000 -0400
+++ serefpolicy-2.3.6/policy/mls 2006-08-08 16:15:43.000000000 -0400
More information about the fedora-cvs-commits
mailing list