rpms/selinux-policy/devel policy-20060829.patch, 1.10, 1.11 selinux-policy.spec, 1.271, 1.272

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Tue Sep 5 20:19:58 UTC 2006 

Author: dwalsh

Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv8003

Modified Files:
	policy-20060829.patch selinux-policy.spec 
Log Message:
* Tue Sep 5 2006 Dan Walsh <dwalsh at redhat.com> 2.3.12-2
- Fixup for test6


policy-20060829.patch:
 Makefile                                    |   26 +
 Rules.modular                               |   10 
 policy/modules/admin/anaconda.te            |    6 
 policy/modules/admin/bootloader.fc          |    1 
 policy/modules/admin/bootloader.te          |    2 
 policy/modules/admin/consoletype.te         |    7 
 policy/modules/admin/firstboot.if           |   17 -
 policy/modules/admin/rpm.fc                 |    2 
 policy/modules/admin/rpm.if                 |   13 
 policy/modules/apps/java.fc                 |    2 
 policy/modules/kernel/corecommands.fc       |    1 
 policy/modules/kernel/corenetwork.te.in     |    4 
 policy/modules/kernel/files.fc              |    1 
 policy/modules/kernel/filesystem.if         |    2 
 policy/modules/kernel/terminal.if           |   22 +
 policy/modules/services/amavis.te           |    1 
 policy/modules/services/apache.te           |    1 
 policy/modules/services/bluetooth.te        |    4 
 policy/modules/services/ccs.fc              |    8 
 policy/modules/services/ccs.if              |   65 ++++
 policy/modules/services/ccs.te              |   87 ++++++
 policy/modules/services/clamav.te           |    1 
 policy/modules/services/cron.if             |   18 -
 policy/modules/services/cron.te             |    1 
 policy/modules/services/dbus.if             |    1 
 policy/modules/services/dovecot.te          |    2 
 policy/modules/services/networkmanager.te   |    4 
 policy/modules/services/oddjob.fc           |    8 
 policy/modules/services/oddjob.if           |   76 +++++
 policy/modules/services/oddjob.te           |   73 +++++
 policy/modules/services/oddjob_mkhomedir.fc |    6 
 policy/modules/services/oddjob_mkhomedir.if |   24 +
 policy/modules/services/oddjob_mkhomedir.te |   29 ++
 policy/modules/services/pegasus.if          |   31 ++
 policy/modules/services/pegasus.te          |    5 
 policy/modules/services/postfix.te          |    6 
 policy/modules/services/rhgb.te             |   45 +--
 policy/modules/services/ricci.fc            |   20 +
 policy/modules/services/ricci.if            |  184 +++++++++++++
 policy/modules/services/ricci.te            |  386 ++++++++++++++++++++++++++++
 policy/modules/services/setroubleshoot.te   |    2 
 policy/modules/services/ssh.te              |   90 +++---
 policy/modules/services/xserver.if          |   44 +++
 policy/modules/services/xserver.te          |   10 
 policy/modules/system/authlogin.te          |    2 
 policy/modules/system/hostname.te           |    5 
 policy/modules/system/init.te               |    3 
 policy/modules/system/selinuxutil.te        |    7 
 policy/modules/system/userdomain.if         |  247 ++++++++++++-----
 policy/modules/system/userdomain.te         |   48 +--
 policy/modules/system/xen.te                |    3 
 51 files changed, 1423 insertions(+), 240 deletions(-)

Index: policy-20060829.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060829.patch,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- policy-20060829.patch	5 Sep 2006 19:45:06 -0000	1.10
+++ policy-20060829.patch	5 Sep 2006 20:19:56 -0000	1.11
@@ -1,3 +1,51 @@
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-2.3.12/Makefile
+--- nsaserefpolicy/Makefile	2006-08-31 14:57:06.000000000 -0400
++++ serefpolicy-2.3.12/Makefile	2006-09-05 16:16:40.000000000 -0400
+@@ -8,6 +8,7 @@
+ # reload        - compile, install, and load/reload the policy configuration.
+ # relabel       - relabel filesystems based on the file contexts configuration.
+ # checklabels   - check filesystems against the file context configuration
++# checkfilecontext  - check filesystems against the file context configuration
+ # restorelabels - check filesystems against the file context configuration
+ #                 and restore the label of files with incorrect labels
+ # policy        - compile the policy configuration locally for testing/development.
+@@ -44,22 +45,25 @@
+ endif
+ 
+ # executable paths
+-BINDIR ?= /usr/bin
+-SBINDIR ?= /usr/sbin
++USRBINDIR ?= /usr/bin
++USRSBINDIR ?= /usr/sbin
++SBINDIR ?= /sbin
+ ifdef TEST_TOOLCHAIN
+-tc_bindir := env LD_LIBRARY_PATH="$(TEST_TOOLCHAIN)/lib" $(TEST_TOOLCHAIN)$(BINDIR)
++tc_usrbindir := env LD_LIBRARY_PATH="$(TEST_TOOLCHAIN)/lib" $(TEST_TOOLCHAIN)$(BINDIR)
++tc_usrsbindir := env LD_LIBRARY_PATH="$(TEST_TOOLCHAIN)/lib" $(TEST_TOOLCHAIN)$(USRSBINDIR)
+ tc_sbindir := env LD_LIBRARY_PATH="$(TEST_TOOLCHAIN)/lib" $(TEST_TOOLCHAIN)$(SBINDIR)
+ else
+-tc_bindir := $(BINDIR)
++tc_usrbindir := $(USRBINDIR)
++tc_usrsbindir := $(USRSBINDIR)
+ tc_sbindir := $(SBINDIR)
+ endif
+-CHECKPOLICY ?= $(tc_bindir)/checkpolicy
+-CHECKMODULE ?= $(tc_bindir)/checkmodule
+-SEMODULE ?= $(tc_sbindir)/semodule
+-SEMOD_PKG ?= $(tc_bindir)/semodule_package
+-SEMOD_LNK ?= $(tc_bindir)/semodule_link
+-SEMOD_EXP ?= $(tc_bindir)/semodule_expand
+-LOADPOLICY ?= $(tc_sbindir)/load_policy
++CHECKPOLICY ?= $(tc_usrbindir)/checkpolicy
++CHECKMODULE ?= $(tc_usrbindir)/checkmodule
++SEMODULE ?= $(tc_usrsbindir)/semodule
++SEMOD_PKG ?= $(tc_usrbindir)/semodule_package
++SEMOD_LNK ?= $(tc_usrbindir)/semodule_link
++SEMOD_EXP ?= $(tc_usrbindir)/semodule_expand
++LOADPOLICY ?= $(tc_usrsbindir)/load_policy
+ SETFILES ?= $(tc_sbindir)/setfiles
+ XMLLINT ?= $(BINDIR)/xmllint
+ SECHECK ?= $(BINDIR)/sechecker
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/anaconda.te serefpolicy-2.3.12/policy/modules/admin/anaconda.te
 --- nsaserefpolicy/policy/modules/admin/anaconda.te	2006-09-01 14:10:19.000000000 -0400
 +++ serefpolicy-2.3.12/policy/modules/admin/anaconda.te	2006-09-05 09:37:39.000000000 -0400
@@ -2472,3 +2520,23 @@
  xen_stream_connect_xenstore(xm_t)
 +
 +userdom_dontaudit_search_sysadm_home_dirs(xend_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-2.3.12/Rules.modular
+--- nsaserefpolicy/Rules.modular	2006-08-31 14:57:06.000000000 -0400
++++ serefpolicy-2.3.12/Rules.modular	2006-09-05 16:00:01.000000000 -0400
+@@ -218,6 +218,16 @@
+ 
+ ########################################
+ #
++# Validate File Contexts
++#
++validatefc: $(base_pkg) $(base_fc) 
++	@echo "Validating file context."
++	$(verbose) $(SEMOD_EXP) $(base_pkg) $(tmpdir)/policy.tmp
++	$(verbose) $(SETFILES) -c $(tmpdir)/policy.tmp $(base_fc)
++	@echo "Success."
++
++########################################
++#
+ # Clean the sources
+ #
+ clean:


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.271
retrieving revision 1.272
diff -u -r1.271 -r1.272
--- selinux-policy.spec	5 Sep 2006 19:45:07 -0000	1.271
+++ selinux-policy.spec	5 Sep 2006 20:19:56 -0000	1.272
@@ -83,8 +83,8 @@
 
 %define installCmds() \
 make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} POLY=%3 base.pp \
+make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} POLY=%3 validatefc \
 make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} POLY=%3 modules \
-make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} POLY=%3 check-labels \
 make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} DESTDIR=%{buildroot} POLY=%3 install \
 make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} DESTDIR=%{buildroot} POLY=%3 install-appconfig \
 #%{__cp} *.pp %{buildroot}/%{_usr}/share/selinux/%1/ \

More information about the fedora-cvs-commits mailing list