rpms/selinux-policy/devel policy-20060829.patch, 1.10, 1.11 selinux-policy.spec, 1.271, 1.272
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Sep 5 20:19:58 UTC 2006
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv8003
Modified Files:
policy-20060829.patch selinux-policy.spec
Log Message:
* Tue Sep 5 2006 Dan Walsh <dwalsh at redhat.com> 2.3.12-2
- Fixup for test6
policy-20060829.patch:
Makefile | 26 +
Rules.modular | 10
policy/modules/admin/anaconda.te | 6
policy/modules/admin/bootloader.fc | 1
policy/modules/admin/bootloader.te | 2
policy/modules/admin/consoletype.te | 7
policy/modules/admin/firstboot.if | 17 -
policy/modules/admin/rpm.fc | 2
policy/modules/admin/rpm.if | 13
policy/modules/apps/java.fc | 2
policy/modules/kernel/corecommands.fc | 1
policy/modules/kernel/corenetwork.te.in | 4
policy/modules/kernel/files.fc | 1
policy/modules/kernel/filesystem.if | 2
policy/modules/kernel/terminal.if | 22 +
policy/modules/services/amavis.te | 1
policy/modules/services/apache.te | 1
policy/modules/services/bluetooth.te | 4
policy/modules/services/ccs.fc | 8
policy/modules/services/ccs.if | 65 ++++
policy/modules/services/ccs.te | 87 ++++++
policy/modules/services/clamav.te | 1
policy/modules/services/cron.if | 18 -
policy/modules/services/cron.te | 1
policy/modules/services/dbus.if | 1
policy/modules/services/dovecot.te | 2
policy/modules/services/networkmanager.te | 4
policy/modules/services/oddjob.fc | 8
policy/modules/services/oddjob.if | 76 +++++
policy/modules/services/oddjob.te | 73 +++++
policy/modules/services/oddjob_mkhomedir.fc | 6
policy/modules/services/oddjob_mkhomedir.if | 24 +
policy/modules/services/oddjob_mkhomedir.te | 29 ++
policy/modules/services/pegasus.if | 31 ++
policy/modules/services/pegasus.te | 5
policy/modules/services/postfix.te | 6
policy/modules/services/rhgb.te | 45 +--
policy/modules/services/ricci.fc | 20 +
policy/modules/services/ricci.if | 184 +++++++++++++
policy/modules/services/ricci.te | 386 ++++++++++++++++++++++++++++
policy/modules/services/setroubleshoot.te | 2
policy/modules/services/ssh.te | 90 +++---
policy/modules/services/xserver.if | 44 +++
policy/modules/services/xserver.te | 10
policy/modules/system/authlogin.te | 2
policy/modules/system/hostname.te | 5
policy/modules/system/init.te | 3
policy/modules/system/selinuxutil.te | 7
policy/modules/system/userdomain.if | 247 ++++++++++++-----
policy/modules/system/userdomain.te | 48 +--
policy/modules/system/xen.te | 3
51 files changed, 1423 insertions(+), 240 deletions(-)
Index: policy-20060829.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060829.patch,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- policy-20060829.patch 5 Sep 2006 19:45:06 -0000 1.10
+++ policy-20060829.patch 5 Sep 2006 20:19:56 -0000 1.11
@@ -1,3 +1,51 @@
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-2.3.12/Makefile
+--- nsaserefpolicy/Makefile 2006-08-31 14:57:06.000000000 -0400
++++ serefpolicy-2.3.12/Makefile 2006-09-05 16:16:40.000000000 -0400
+@@ -8,6 +8,7 @@
+ # reload - compile, install, and load/reload the policy configuration.
+ # relabel - relabel filesystems based on the file contexts configuration.
+ # checklabels - check filesystems against the file context configuration
++# checkfilecontext - check filesystems against the file context configuration
+ # restorelabels - check filesystems against the file context configuration
+ # and restore the label of files with incorrect labels
+ # policy - compile the policy configuration locally for testing/development.
+@@ -44,22 +45,25 @@
+ endif
+
+ # executable paths
+-BINDIR ?= /usr/bin
+-SBINDIR ?= /usr/sbin
++USRBINDIR ?= /usr/bin
++USRSBINDIR ?= /usr/sbin
++SBINDIR ?= /sbin
+ ifdef TEST_TOOLCHAIN
+-tc_bindir := env LD_LIBRARY_PATH="$(TEST_TOOLCHAIN)/lib" $(TEST_TOOLCHAIN)$(BINDIR)
++tc_usrbindir := env LD_LIBRARY_PATH="$(TEST_TOOLCHAIN)/lib" $(TEST_TOOLCHAIN)$(BINDIR)
++tc_usrsbindir := env LD_LIBRARY_PATH="$(TEST_TOOLCHAIN)/lib" $(TEST_TOOLCHAIN)$(USRSBINDIR)
+ tc_sbindir := env LD_LIBRARY_PATH="$(TEST_TOOLCHAIN)/lib" $(TEST_TOOLCHAIN)$(SBINDIR)
+ else
+-tc_bindir := $(BINDIR)
++tc_usrbindir := $(USRBINDIR)
++tc_usrsbindir := $(USRSBINDIR)
+ tc_sbindir := $(SBINDIR)
+ endif
+-CHECKPOLICY ?= $(tc_bindir)/checkpolicy
+-CHECKMODULE ?= $(tc_bindir)/checkmodule
+-SEMODULE ?= $(tc_sbindir)/semodule
+-SEMOD_PKG ?= $(tc_bindir)/semodule_package
+-SEMOD_LNK ?= $(tc_bindir)/semodule_link
+-SEMOD_EXP ?= $(tc_bindir)/semodule_expand
+-LOADPOLICY ?= $(tc_sbindir)/load_policy
++CHECKPOLICY ?= $(tc_usrbindir)/checkpolicy
++CHECKMODULE ?= $(tc_usrbindir)/checkmodule
++SEMODULE ?= $(tc_usrsbindir)/semodule
++SEMOD_PKG ?= $(tc_usrbindir)/semodule_package
++SEMOD_LNK ?= $(tc_usrbindir)/semodule_link
++SEMOD_EXP ?= $(tc_usrbindir)/semodule_expand
++LOADPOLICY ?= $(tc_usrsbindir)/load_policy
+ SETFILES ?= $(tc_sbindir)/setfiles
+ XMLLINT ?= $(BINDIR)/xmllint
+ SECHECK ?= $(BINDIR)/sechecker
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/anaconda.te serefpolicy-2.3.12/policy/modules/admin/anaconda.te
--- nsaserefpolicy/policy/modules/admin/anaconda.te 2006-09-01 14:10:19.000000000 -0400
+++ serefpolicy-2.3.12/policy/modules/admin/anaconda.te 2006-09-05 09:37:39.000000000 -0400
@@ -2472,3 +2520,23 @@
xen_stream_connect_xenstore(xm_t)
+
+userdom_dontaudit_search_sysadm_home_dirs(xend_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-2.3.12/Rules.modular
+--- nsaserefpolicy/Rules.modular 2006-08-31 14:57:06.000000000 -0400
++++ serefpolicy-2.3.12/Rules.modular 2006-09-05 16:00:01.000000000 -0400
+@@ -218,6 +218,16 @@
+
+ ########################################
+ #
++# Validate File Contexts
++#
++validatefc: $(base_pkg) $(base_fc)
++ @echo "Validating file context."
++ $(verbose) $(SEMOD_EXP) $(base_pkg) $(tmpdir)/policy.tmp
++ $(verbose) $(SETFILES) -c $(tmpdir)/policy.tmp $(base_fc)
++ @echo "Success."
++
++########################################
++#
+ # Clean the sources
+ #
+ clean:
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.271
retrieving revision 1.272
diff -u -r1.271 -r1.272
--- selinux-policy.spec 5 Sep 2006 19:45:07 -0000 1.271
+++ selinux-policy.spec 5 Sep 2006 20:19:56 -0000 1.272
@@ -83,8 +83,8 @@
%define installCmds() \
make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} POLY=%3 base.pp \
+make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} POLY=%3 validatefc \
make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} POLY=%3 modules \
-make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} POLY=%3 check-labels \
make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} DESTDIR=%{buildroot} POLY=%3 install \
make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} DESTDIR=%{buildroot} POLY=%3 install-appconfig \
#%{__cp} *.pp %{buildroot}/%{_usr}/share/selinux/%1/ \
More information about the fedora-cvs-commits
mailing list