rpms/selinux-policy/devel policy-20060829.patch,1.7,1.8
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Sep 1 20:27:54 UTC 2006
- Previous message (by thread): rpms/setroubleshoot/devel .cvsignore, 1.34, 1.35 setroubleshoot.spec, 1.40, 1.41 sources, 1.38, 1.39
- Next message (by thread): rpms/mkinitrd/devel .cvsignore, 1.128, 1.129 mkinitrd.spec, 1.157, 1.158 sources, 1.155, 1.156
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv13819
Modified Files:
policy-20060829.patch
Log Message:
* Fri Sep 1 2006 Dan Walsh <dwalsh at redhat.com> 2.3.11-1
- Update to upstream
policy-20060829.patch:
admin/amanda.fc | 50 -----
admin/amanda.te | 12 -
admin/anaconda.te | 6
admin/bootloader.fc | 1
admin/bootloader.te | 2
admin/consoletype.te | 7
admin/firstboot.te | 13 -
admin/rpm.fc | 2
admin/rpm.if | 13 -
apps/java.fc | 2
kernel/corecommands.if | 1
kernel/corenetwork.te.in | 4
kernel/files.fc | 1
kernel/terminal.if | 2
services/amavis.te | 1
services/apache.te | 2
services/bluetooth.te | 4
services/ccs.fc | 8
services/ccs.if | 65 +++++++
services/ccs.te | 87 +++++++++
services/clamav.te | 1
services/cron.if | 9 +
services/cron.te | 4
services/cyrus.te | 1
services/dbus.if | 1
services/dbus.te | 1
services/dovecot.te | 2
services/ftp.te | 1
services/hal.te | 2
services/ldap.te | 2
services/networkmanager.te | 4
services/ntp.te | 1
services/oddjob.fc | 8
services/oddjob.if | 76 ++++++++
services/oddjob.te | 73 ++++++++
services/oddjob_mkhomedir.fc | 6
services/oddjob_mkhomedir.if | 24 ++
services/oddjob_mkhomedir.te | 29 +++
services/pegasus.if | 31 +++
services/pegasus.te | 5
services/postfix.te | 6
services/ricci.fc | 20 ++
services/ricci.if | 184 ++++++++++++++++++++
services/ricci.te | 386 +++++++++++++++++++++++++++++++++++++++++++
services/setroubleshoot.te | 2
services/stunnel.te | 3
services/xserver.if | 22 ++
system/hostname.te | 5
system/init.te | 3
system/selinuxutil.fc | 1
system/selinuxutil.te | 7
system/userdomain.if | 246 ++++++++++++++++++---------
system/userdomain.te | 48 ++---
53 files changed, 1292 insertions(+), 205 deletions(-)
Index: policy-20060829.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060829.patch,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- policy-20060829.patch 1 Sep 2006 19:45:39 -0000 1.7
+++ policy-20060829.patch 1 Sep 2006 20:27:51 -0000 1.8
@@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amanda.fc serefpolicy-2.3.11/policy/modules/admin/amanda.fc
--- nsaserefpolicy/policy/modules/admin/amanda.fc 2006-08-29 09:00:30.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/admin/amanda.fc 2006-09-01 15:33:55.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/admin/amanda.fc 2006-09-01 15:41:44.000000000 -0400
@@ -11,61 +11,11 @@
/usr/lib(64)?/amanda -d gen_context(system_u:object_r:amanda_usr_lib_t,s0)
/usr/lib(64)?/amanda/.+ -- gen_context(system_u:object_r:amanda_exec_t,s0)
@@ -65,7 +65,7 @@
/var/lib/amanda/index gen_context(system_u:object_r:amanda_data_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amanda.te serefpolicy-2.3.11/policy/modules/admin/amanda.te
--- nsaserefpolicy/policy/modules/admin/amanda.te 2006-08-29 09:00:30.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/admin/amanda.te 2006-09-01 15:33:55.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/admin/amanda.te 2006-09-01 15:41:44.000000000 -0400
@@ -33,18 +33,6 @@
type amanda_gnutarlists_t;
files_type(amanda_gnutarlists_t)
@@ -87,7 +87,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/anaconda.te serefpolicy-2.3.11/policy/modules/admin/anaconda.te
--- nsaserefpolicy/policy/modules/admin/anaconda.te 2006-09-01 14:10:19.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/admin/anaconda.te 2006-09-01 15:33:55.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/admin/anaconda.te 2006-09-01 15:41:44.000000000 -0400
@@ -64,3 +64,9 @@
optional_policy(`
usermanage_domtrans_admin_passwd(anaconda_t)
@@ -100,7 +100,7 @@
+domain_dontaudit_use_interactive_fds(anaconda_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/bootloader.fc serefpolicy-2.3.11/policy/modules/admin/bootloader.fc
--- nsaserefpolicy/policy/modules/admin/bootloader.fc 2006-07-14 17:04:46.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/admin/bootloader.fc 2006-09-01 15:33:55.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/admin/bootloader.fc 2006-09-01 15:41:44.000000000 -0400
@@ -10,3 +10,4 @@
/sbin/lilo.* -- gen_context(system_u:object_r:bootloader_exec_t,s0)
/sbin/mkinitrd -- gen_context(system_u:object_r:bootloader_exec_t,s0)
@@ -108,7 +108,7 @@
+/boot/grub/.* -- gen_context(system_u:object_r:boot_runtime_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/bootloader.te serefpolicy-2.3.11/policy/modules/admin/bootloader.te
--- nsaserefpolicy/policy/modules/admin/bootloader.te 2006-08-29 09:00:30.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/admin/bootloader.te 2006-09-01 15:33:55.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/admin/bootloader.te 2006-09-01 15:41:44.000000000 -0400
@@ -161,7 +161,7 @@
allow bootloader_t self:capability ipc_lock;
@@ -120,7 +120,7 @@
files_mountpoint(bootloader_tmp_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/consoletype.te serefpolicy-2.3.11/policy/modules/admin/consoletype.te
--- nsaserefpolicy/policy/modules/admin/consoletype.te 2006-08-29 09:00:30.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/admin/consoletype.te 2006-09-01 15:33:55.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/admin/consoletype.te 2006-09-01 15:41:44.000000000 -0400
@@ -8,7 +8,12 @@
type consoletype_t;
@@ -137,7 +137,7 @@
role system_r types consoletype_t;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/firstboot.te serefpolicy-2.3.11/policy/modules/admin/firstboot.te
--- nsaserefpolicy/policy/modules/admin/firstboot.te 2006-08-29 09:00:30.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/admin/firstboot.te 2006-09-01 15:33:55.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/admin/firstboot.te 2006-09-01 15:41:44.000000000 -0400
@@ -20,9 +20,6 @@
type firstboot_etc_t;
files_config_file(firstboot_etc_t)
@@ -174,7 +174,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.fc serefpolicy-2.3.11/policy/modules/admin/rpm.fc
--- nsaserefpolicy/policy/modules/admin/rpm.fc 2006-07-14 17:04:46.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/admin/rpm.fc 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/admin/rpm.fc 2006-09-01 15:41:44.000000000 -0400
@@ -19,6 +19,8 @@
/usr/sbin/pup -- gen_context(system_u:object_r:rpm_exec_t,s0)
/usr/sbin/rhn_check -- gen_context(system_u:object_r:rpm_exec_t,s0)
@@ -186,7 +186,7 @@
/var/lib/alternatives(/.*)? gen_context(system_u:object_r:rpm_var_lib_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.if serefpolicy-2.3.11/policy/modules/admin/rpm.if
--- nsaserefpolicy/policy/modules/admin/rpm.if 2006-08-02 10:34:09.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/admin/rpm.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/admin/rpm.if 2006-09-01 15:41:44.000000000 -0400
@@ -75,12 +75,13 @@
')
@@ -209,7 +209,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.fc serefpolicy-2.3.11/policy/modules/apps/java.fc
--- nsaserefpolicy/policy/modules/apps/java.fc 2006-08-29 09:00:26.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/apps/java.fc 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/apps/java.fc 2006-09-01 15:41:44.000000000 -0400
@@ -1,7 +1,7 @@
#
# /opt
@@ -221,7 +221,7 @@
# /usr
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corecommands.if serefpolicy-2.3.11/policy/modules/kernel/corecommands.if
--- nsaserefpolicy/policy/modules/kernel/corecommands.if 2006-08-02 10:34:05.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/kernel/corecommands.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/kernel/corecommands.if 2006-09-01 15:41:44.000000000 -0400
@@ -950,6 +950,7 @@
allow $1 exec_type:file manage_file_perms;
@@ -232,7 +232,7 @@
########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-2.3.11/policy/modules/kernel/corenetwork.te.in
--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in 2006-09-01 14:10:17.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/kernel/corenetwork.te.in 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/kernel/corenetwork.te.in 2006-09-01 15:41:44.000000000 -0400
@@ -67,6 +67,7 @@
network_port(clamd, tcp,3310,s0)
network_port(clockspeed, udp,4041,s0)
@@ -258,7 +258,7 @@
network_port(snmp, udp,161,s0, udp,162,s0, tcp,199,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.fc serefpolicy-2.3.11/policy/modules/kernel/files.fc
--- nsaserefpolicy/policy/modules/kernel/files.fc 2006-09-01 14:10:17.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/kernel/files.fc 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/kernel/files.fc 2006-09-01 15:41:44.000000000 -0400
@@ -32,6 +32,7 @@
/boot/lost\+found -d gen_context(system_u:object_r:lost_found_t,s15:c0.c255)
/boot/lost\+found/.* <<none>>
@@ -269,7 +269,7 @@
# /emul
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/terminal.if serefpolicy-2.3.11/policy/modules/kernel/terminal.if
--- nsaserefpolicy/policy/modules/kernel/terminal.if 2006-08-29 09:00:26.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/kernel/terminal.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/kernel/terminal.if 2006-09-01 15:41:44.000000000 -0400
@@ -886,7 +886,7 @@
type tty_device_t;
')
@@ -281,7 +281,7 @@
########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/amavis.te serefpolicy-2.3.11/policy/modules/services/amavis.te
--- nsaserefpolicy/policy/modules/services/amavis.te 2006-08-29 09:00:27.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/amavis.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/amavis.te 2006-09-01 15:41:44.000000000 -0400
@@ -155,6 +155,7 @@
ifdef(`targeted_policy',`
@@ -292,7 +292,7 @@
optional_policy(`
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.te serefpolicy-2.3.11/policy/modules/services/apache.te
--- nsaserefpolicy/policy/modules/services/apache.te 2006-08-29 09:00:28.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/apache.te 2006-09-01 15:36:23.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/apache.te 2006-09-01 15:41:44.000000000 -0400
@@ -141,7 +141,6 @@
allow httpd_t self:msg { send receive };
allow httpd_t self:unix_dgram_socket { create_socket_perms sendto };
@@ -309,7 +309,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bluetooth.te serefpolicy-2.3.11/policy/modules/services/bluetooth.te
--- nsaserefpolicy/policy/modules/services/bluetooth.te 2006-08-02 10:34:07.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/bluetooth.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/bluetooth.te 2006-09-01 15:41:44.000000000 -0400
@@ -217,14 +217,16 @@
fs_rw_tmpfs_files(bluetooth_helper_t)
@@ -330,7 +330,7 @@
xserver_rw_xdm_pipes(bluetooth_helper_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ccs.fc serefpolicy-2.3.11/policy/modules/services/ccs.fc
--- nsaserefpolicy/policy/modules/services/ccs.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/ccs.fc 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/ccs.fc 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,8 @@
+# ccs executable will have:
+# label: system_u:object_r:ccs_exec_t
@@ -342,7 +342,7 @@
+/etc/cluster(/.*)? gen_context(system_u:object_r:cluster_conf_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ccs.if serefpolicy-2.3.11/policy/modules/services/ccs.if
--- nsaserefpolicy/policy/modules/services/ccs.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/ccs.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/ccs.if 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,65 @@
+## <summary>policy for ccs</summary>
+
@@ -411,7 +411,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ccs.te serefpolicy-2.3.11/policy/modules/services/ccs.te
--- nsaserefpolicy/policy/modules/services/ccs.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/ccs.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/ccs.te 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,87 @@
+policy_module(ccs,1.0.0)
+
@@ -502,7 +502,7 @@
+allow ccs_t cluster_conf_t:file rw_file_perms;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.te serefpolicy-2.3.11/policy/modules/services/clamav.te
--- nsaserefpolicy/policy/modules/services/clamav.te 2006-08-02 10:34:07.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/clamav.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/clamav.te 2006-09-01 15:41:44.000000000 -0400
@@ -121,6 +121,7 @@
cron_rw_pipes(clamd_t)
@@ -513,7 +513,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.if serefpolicy-2.3.11/policy/modules/services/cron.if
--- nsaserefpolicy/policy/modules/services/cron.if 2006-08-29 09:00:28.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/cron.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/cron.if 2006-09-01 15:41:44.000000000 -0400
@@ -54,6 +54,11 @@
domain_entry_file($1_crontab_t,crontab_exec_t)
role $3 types $1_crontab_t;
@@ -539,7 +539,7 @@
allow $1_crontab_t self:process signal_perms;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.te serefpolicy-2.3.11/policy/modules/services/cron.te
--- nsaserefpolicy/policy/modules/services/cron.te 2006-08-29 09:00:28.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/cron.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/cron.te 2006-09-01 15:41:44.000000000 -0400
@@ -36,6 +36,9 @@
type crontab_exec_t;
corecmd_executable_file(crontab_exec_t)
@@ -560,7 +560,7 @@
tunable_policy(`fcron_crond', `
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyrus.te serefpolicy-2.3.11/policy/modules/services/cyrus.te
--- nsaserefpolicy/policy/modules/services/cyrus.te 2006-08-29 09:00:28.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/cyrus.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/cyrus.te 2006-09-01 15:41:44.000000000 -0400
@@ -93,6 +93,7 @@
files_list_var_lib(cyrus_t)
files_read_etc_files(cyrus_t)
@@ -571,7 +571,7 @@
init_use_script_ptys(cyrus_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-2.3.11/policy/modules/services/dbus.if
--- nsaserefpolicy/policy/modules/services/dbus.if 2006-08-29 09:00:28.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/dbus.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/dbus.if 2006-09-01 15:41:44.000000000 -0400
@@ -123,6 +123,7 @@
selinux_compute_relabel_context($1_dbusd_t)
selinux_compute_user_contexts($1_dbusd_t)
@@ -582,7 +582,7 @@
corecmd_read_bin_files($1_dbusd_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-2.3.11/policy/modules/services/dbus.te
--- nsaserefpolicy/policy/modules/services/dbus.te 2006-08-29 09:00:28.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/dbus.te 2006-09-01 15:36:59.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/dbus.te 2006-09-01 15:41:44.000000000 -0400
@@ -38,7 +38,6 @@
allow system_dbusd_t self:unix_stream_socket { connectto create_stream_socket_perms connectto };
allow system_dbusd_t self:unix_dgram_socket create_socket_perms;
@@ -593,7 +593,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.te serefpolicy-2.3.11/policy/modules/services/dovecot.te
--- nsaserefpolicy/policy/modules/services/dovecot.te 2006-09-01 14:10:18.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/dovecot.te 2006-09-01 15:37:16.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/dovecot.te 2006-09-01 15:41:44.000000000 -0400
@@ -46,8 +46,6 @@
allow dovecot_t self:tcp_socket create_stream_socket_perms;
allow dovecot_t self:unix_dgram_socket create_socket_perms;
@@ -605,7 +605,7 @@
allow dovecot_auth_t dovecot_t:process sigchld;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.te serefpolicy-2.3.11/policy/modules/services/ftp.te
--- nsaserefpolicy/policy/modules/services/ftp.te 2006-08-23 12:14:53.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/ftp.te 2006-09-01 15:37:26.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/ftp.te 2006-09-01 15:41:44.000000000 -0400
@@ -50,7 +50,6 @@
allow ftpd_t self:unix_stream_socket create_stream_socket_perms;
allow ftpd_t self:tcp_socket create_stream_socket_perms;
@@ -616,7 +616,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-2.3.11/policy/modules/services/hal.te
--- nsaserefpolicy/policy/modules/services/hal.te 2006-09-01 14:10:18.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/hal.te 2006-09-01 15:37:39.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/hal.te 2006-09-01 15:41:44.000000000 -0400
@@ -28,7 +28,6 @@
allow hald_t self:fifo_file rw_file_perms;
allow hald_t self:unix_stream_socket { create_stream_socket_perms connectto };
@@ -635,7 +635,7 @@
files_read_etc_files(hald_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ldap.te serefpolicy-2.3.11/policy/modules/services/ldap.te
--- nsaserefpolicy/policy/modules/services/ldap.te 2006-08-16 08:46:30.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/ldap.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/ldap.te 2006-09-01 15:41:44.000000000 -0400
@@ -72,7 +72,7 @@
allow slapd_t slapd_var_run_t:file create_file_perms;
@@ -647,7 +647,7 @@
kernel_read_kernel_sysctls(slapd_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-2.3.11/policy/modules/services/networkmanager.te
--- nsaserefpolicy/policy/modules/services/networkmanager.te 2006-07-14 17:04:41.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/networkmanager.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/networkmanager.te 2006-09-01 15:41:44.000000000 -0400
@@ -18,9 +18,9 @@
# Local policy
#
@@ -662,7 +662,7 @@
allow NetworkManager_t self:unix_stream_socket create_stream_socket_perms;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ntp.te serefpolicy-2.3.11/policy/modules/services/ntp.te
--- nsaserefpolicy/policy/modules/services/ntp.te 2006-08-23 12:14:54.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/ntp.te 2006-09-01 15:38:01.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/ntp.te 2006-09-01 15:41:44.000000000 -0400
@@ -38,7 +38,6 @@
allow ntpd_t self:fifo_file { read write getattr };
allow ntpd_t self:unix_dgram_socket create_socket_perms;
@@ -673,7 +673,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.fc serefpolicy-2.3.11/policy/modules/services/oddjob.fc
--- nsaserefpolicy/policy/modules/services/oddjob.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/oddjob.fc 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/oddjob.fc 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,8 @@
+# oddjob executable will have:
+# label: system_u:object_r:oddjob_exec_t
@@ -685,7 +685,7 @@
+/usr/lib/oddjobd gen_context(system_u:object_r:oddjob_var_lib_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.if serefpolicy-2.3.11/policy/modules/services/oddjob.if
--- nsaserefpolicy/policy/modules/services/oddjob.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/oddjob.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/oddjob.if 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,76 @@
+## <summary>policy for oddjob</summary>
+
@@ -765,7 +765,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob_mkhomedir.fc serefpolicy-2.3.11/policy/modules/services/oddjob_mkhomedir.fc
--- nsaserefpolicy/policy/modules/services/oddjob_mkhomedir.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/oddjob_mkhomedir.fc 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/oddjob_mkhomedir.fc 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,6 @@
+# oddjob_mkhomedir executable will have:
+# label: system_u:object_r:oddjob_mkhomedir_exec_t
@@ -775,7 +775,7 @@
+/usr/lib/oddjob/mkhomedir -- gen_context(system_u:object_r:oddjob_mkhomedir_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob_mkhomedir.if serefpolicy-2.3.11/policy/modules/services/oddjob_mkhomedir.if
--- nsaserefpolicy/policy/modules/services/oddjob_mkhomedir.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/oddjob_mkhomedir.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/oddjob_mkhomedir.if 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,24 @@
+## <summary>policy for oddjob_mkhomedir</summary>
+
@@ -803,7 +803,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob_mkhomedir.te serefpolicy-2.3.11/policy/modules/services/oddjob_mkhomedir.te
--- nsaserefpolicy/policy/modules/services/oddjob_mkhomedir.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/oddjob_mkhomedir.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/oddjob_mkhomedir.te 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,29 @@
+policy_module(oddjob_mkhomedir,1.0.0)
+
@@ -836,7 +836,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.te serefpolicy-2.3.11/policy/modules/services/oddjob.te
--- nsaserefpolicy/policy/modules/services/oddjob.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/oddjob.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/oddjob.te 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,73 @@
+policy_module(oddjob,1.0.0)
+
@@ -913,7 +913,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.if serefpolicy-2.3.11/policy/modules/services/pegasus.if
--- nsaserefpolicy/policy/modules/services/pegasus.if 2006-07-14 17:04:41.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/pegasus.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/pegasus.if 2006-09-01 15:41:44.000000000 -0400
@@ -1 +1,32 @@
## <summary>The Open Group Pegasus CIM/WBEM Server.</summary>
+
@@ -949,7 +949,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.te serefpolicy-2.3.11/policy/modules/services/pegasus.te
--- nsaserefpolicy/policy/modules/services/pegasus.te 2006-08-23 12:14:54.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/pegasus.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/pegasus.te 2006-09-01 15:41:44.000000000 -0400
@@ -100,13 +100,12 @@
auth_use_nsswitch(pegasus_t)
@@ -968,7 +968,7 @@
hostname_exec(pegasus_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.te serefpolicy-2.3.11/policy/modules/services/postfix.te
--- nsaserefpolicy/policy/modules/services/postfix.te 2006-08-29 09:00:28.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/postfix.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/postfix.te 2006-09-01 15:41:44.000000000 -0400
@@ -171,6 +171,11 @@
mta_rw_aliases(postfix_master_t)
mta_read_sendmail_bin(postfix_master_t)
@@ -991,7 +991,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ricci.fc serefpolicy-2.3.11/policy/modules/services/ricci.fc
--- nsaserefpolicy/policy/modules/services/ricci.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/ricci.fc 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/ricci.fc 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,20 @@
+# ricci executable will have:
+# label: system_u:object_r:ricci_exec_t
@@ -1015,7 +1015,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ricci.if serefpolicy-2.3.11/policy/modules/services/ricci.if
--- nsaserefpolicy/policy/modules/services/ricci.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/ricci.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/ricci.if 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,184 @@
+## <summary>policy for ricci</summary>
+
@@ -1203,7 +1203,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ricci.te serefpolicy-2.3.11/policy/modules/services/ricci.te
--- nsaserefpolicy/policy/modules/services/ricci.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.3.11/policy/modules/services/ricci.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/ricci.te 2006-09-01 15:41:44.000000000 -0400
@@ -0,0 +1,386 @@
+policy_module(ricci,1.0.0)
+
@@ -1591,9 +1591,22 @@
+')
+
+
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/setroubleshoot.te serefpolicy-2.3.11/policy/modules/services/setroubleshoot.te
+--- nsaserefpolicy/policy/modules/services/setroubleshoot.te 2006-09-01 14:10:18.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/setroubleshoot.te 2006-09-01 16:22:41.000000000 -0400
+@@ -64,9 +64,7 @@
+ corenet_tcp_sendrecv_all_nodes(setroubleshootd_t)
+ corenet_tcp_sendrecv_all_ports(setroubleshootd_t)
+ corenet_tcp_bind_all_nodes(setroubleshootd_t)
+-corenet_tcp_bind_setroubleshoot_port(setroubleshootd_t)
+ corenet_tcp_connect_smtp_port(setroubleshootd_t)
+-corenet_sendrecv_setroubleshoot_server_packets(setroubleshootd_t)
+ corenet_sendrecv_smtp_client_packets(setroubleshootd_t)
+
+ dev_read_urand(setroubleshootd_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/stunnel.te serefpolicy-2.3.11/policy/modules/services/stunnel.te
--- nsaserefpolicy/policy/modules/services/stunnel.te 2006-08-02 10:34:07.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/stunnel.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/stunnel.te 2006-09-01 15:41:44.000000000 -0400
@@ -38,6 +38,7 @@
allow stunnel_t self:fifo_file rw_file_perms;
allow stunnel_t self:tcp_socket create_stream_socket_perms;
@@ -1613,7 +1626,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.if serefpolicy-2.3.11/policy/modules/services/xserver.if
--- nsaserefpolicy/policy/modules/services/xserver.if 2006-09-01 14:10:18.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/services/xserver.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/services/xserver.if 2006-09-01 15:41:44.000000000 -0400
@@ -1133,3 +1133,25 @@
allow $1 xdm_xserver_tmp_t:sock_file write;
allow $1 xdm_xserver_t:unix_stream_socket connectto;
@@ -1642,7 +1655,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostname.te serefpolicy-2.3.11/policy/modules/system/hostname.te
--- nsaserefpolicy/policy/modules/system/hostname.te 2006-08-29 09:00:29.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/system/hostname.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/system/hostname.te 2006-09-01 15:41:44.000000000 -0400
@@ -8,7 +8,10 @@
type hostname_t;
@@ -1657,7 +1670,7 @@
########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-2.3.11/policy/modules/system/init.te
--- nsaserefpolicy/policy/modules/system/init.te 2006-08-28 16:22:32.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/system/init.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/system/init.te 2006-09-01 15:41:44.000000000 -0400
@@ -361,7 +361,8 @@
logging_append_all_logs(initrc_t)
logging_read_audit_config(initrc_t)
@@ -1670,7 +1683,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.fc serefpolicy-2.3.11/policy/modules/system/selinuxutil.fc
--- nsaserefpolicy/policy/modules/system/selinuxutil.fc 2006-08-02 10:34:08.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/system/selinuxutil.fc 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/system/selinuxutil.fc 2006-09-01 15:41:44.000000000 -0400
@@ -36,6 +36,7 @@
/usr/sbin/restorecond -- gen_context(system_u:object_r:restorecond_exec_t,s0)
/usr/sbin/run_init -- gen_context(system_u:object_r:run_init_exec_t,s0)
@@ -1681,7 +1694,7 @@
/usr/sbin/semodule -- gen_context(system_u:object_r:semanage_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.3.11/policy/modules/system/selinuxutil.te
--- nsaserefpolicy/policy/modules/system/selinuxutil.te 2006-09-01 14:10:18.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/system/selinuxutil.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/system/selinuxutil.te 2006-09-01 15:41:44.000000000 -0400
@@ -450,6 +450,7 @@
selinux_compute_user_contexts(restorecond_t)
@@ -1705,7 +1718,7 @@
########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-2.3.11/policy/modules/system/userdomain.if
--- nsaserefpolicy/policy/modules/system/userdomain.if 2006-08-16 08:46:31.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/system/userdomain.if 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/system/userdomain.if 2006-09-01 15:41:44.000000000 -0400
@@ -8,11 +8,10 @@
## <desc>
## <p>
@@ -2180,7 +2193,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-2.3.11/policy/modules/system/userdomain.te
--- nsaserefpolicy/policy/modules/system/userdomain.te 2006-08-16 08:46:31.000000000 -0400
-+++ serefpolicy-2.3.11/policy/modules/system/userdomain.te 2006-09-01 15:33:56.000000000 -0400
++++ serefpolicy-2.3.11/policy/modules/system/userdomain.te 2006-09-01 15:41:44.000000000 -0400
@@ -56,14 +56,6 @@
# Local policy
#
- Previous message (by thread): rpms/setroubleshoot/devel .cvsignore, 1.34, 1.35 setroubleshoot.spec, 1.40, 1.41 sources, 1.38, 1.39
- Next message (by thread): rpms/mkinitrd/devel .cvsignore, 1.128, 1.129 mkinitrd.spec, 1.157, 1.158 sources, 1.155, 1.156
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list