rpms/selinux-policy/devel policy-20070219.patch, 1.37, 1.38 selinux-policy.spec, 1.424, 1.425
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Apr 4 19:45:01 UTC 2007
- Previous message (by thread): rpms/kernel/FC-5 linux-2.6-20.5y-dm_crypt_disable_barriers.patch, NONE, 1.1 linux-2.6-20.5z-ide_use_proper_error_recovery.patch, NONE, 1.1 linux-2.6-20.5z-mmap_dont_spam_logs.patch, NONE, 1.1 linux-2.6-20.5z-nfs_allow_64bit_cookies.patch, NONE, 1.1 linux-2.6-20.5z-softmac_check_if_running.patch, NONE, 1.1 linux-2.6-proposed-i82875p-edac-fix.patch, NONE, 1.1 linux-2.6.20.5-rc1-ata_scsi_preserve_lba_bit.patch, NONE, 1.1 linux-2.6.20.5-rc1-crypto_walk_fix_advance_by.patch, NONE, 1.1 patch-2.6.20.5-rc1.bz2.sign, NONE, 1.1 .cvsignore, 1.438, 1.439 kernel-2.6.spec, 1.2310, 1.2311 sources, 1.378, 1.379 upstream, 1.341, 1.342
- Next message (by thread): rpms/gnome-panel/devel gnome-panel-2.18.0-fix-invalid-read.patch, NONE, 1.1 gnome-panel.spec, 1.192, 1.193
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv27001
Modified Files:
policy-20070219.patch selinux-policy.spec
Log Message:
* Tue Apr 3 2007 Dan Walsh <dwalsh at redhat.com> 2.5.11-3
- Fix interface call
policy-20070219.patch:
Rules.modular | 12 +
policy/flask/access_vectors | 4
policy/global_booleans | 2
policy/global_tunables | 39 +++-
policy/mls | 31 ++-
policy/modules/admin/acct.te | 1
policy/modules/admin/acct.xml | 43 +++++
policy/modules/admin/alsa.xml | 43 +++++
policy/modules/admin/amanda.xml | 85 ++++++++++
policy/modules/admin/amtu.fc | 3
policy/modules/admin/amtu.if | 53 ++++++
policy/modules/admin/amtu.te | 56 ++++++
policy/modules/admin/amtu.xml | 36 ++++
policy/modules/admin/anaconda.xml | 3
policy/modules/admin/apt.xml | 95 +++++++++++
policy/modules/admin/backup.xml | 35 ++++
policy/modules/admin/bootloader.te | 2
policy/modules/admin/bootloader.xml | 79 +++++++++
policy/modules/admin/certwatch.xml | 37 ++++
policy/modules/admin/consoletype.te | 8
policy/modules/admin/consoletype.xml | 47 +++++
policy/modules/admin/ddcprobe.xml | 35 ++++
policy/modules/admin/dmesg.te | 1
policy/modules/admin/dmesg.xml | 24 ++
policy/modules/admin/dmidecode.xml | 35 ++++
policy/modules/admin/dpkg.xml | 125 +++++++++++++++
policy/modules/admin/firstboot.if | 18 ++
policy/modules/admin/firstboot.xml | 88 ++++++++++
policy/modules/admin/kudzu.te | 2
policy/modules/admin/kudzu.xml | 45 +++++
policy/modules/admin/logrotate.xml | 75 +++++++++
policy/modules/admin/logwatch.te | 2
policy/modules/admin/logwatch.xml | 23 ++
policy/modules/admin/netutils.te | 1
policy/modules/admin/rpm.fc | 3
policy/modules/admin/rpm.if | 65 +++++++
policy/modules/admin/rpm.te | 2
policy/modules/admin/su.if | 6
policy/modules/admin/usermanage.te | 42 +++--
policy/modules/apps/games.fc | 1
policy/modules/apps/gnome.if | 26 +++
policy/modules/apps/gpg.fc | 2
policy/modules/apps/loadkeys.if | 44 +----
policy/modules/apps/mozilla.if | 1
policy/modules/apps/slocate.te | 4
policy/modules/apps/usernetctl.te | 10 -
policy/modules/kernel/corecommands.fc | 7
policy/modules/kernel/corecommands.if | 20 ++
policy/modules/kernel/corenetwork.if.in | 54 ++++++
policy/modules/kernel/corenetwork.te.in | 18 +-
policy/modules/kernel/devices.if | 36 ++++
policy/modules/kernel/domain.if | 18 ++
policy/modules/kernel/domain.te | 46 +++++
policy/modules/kernel/files.fc | 1
policy/modules/kernel/files.if | 81 ++++++++-
policy/modules/kernel/filesystem.if | 39 ++++
policy/modules/kernel/filesystem.te | 11 +
policy/modules/kernel/kernel.if | 23 ++
policy/modules/kernel/kernel.te | 2
policy/modules/kernel/mls.if | 20 ++
policy/modules/kernel/mls.te | 3
policy/modules/kernel/selinux.if | 38 ++++
policy/modules/kernel/storage.if | 2
policy/modules/kernel/terminal.if | 2
policy/modules/kernel/terminal.te | 1
policy/modules/services/apache.fc | 14 -
policy/modules/services/apache.if | 161 +++++++++++++++++++
policy/modules/services/apache.te | 59 +++++++
policy/modules/services/apcupsd.fc | 9 +
policy/modules/services/apcupsd.if | 108 +++++++++++++
policy/modules/services/apcupsd.te | 81 +++++++++
policy/modules/services/automount.te | 2
policy/modules/services/ccs.te | 12 +
policy/modules/services/consolekit.fc | 1
policy/modules/services/consolekit.te | 22 ++
policy/modules/services/cron.fc | 1
policy/modules/services/cron.if | 33 +---
policy/modules/services/cron.te | 51 ++++--
policy/modules/services/cups.te | 2
policy/modules/services/cvs.te | 2
policy/modules/services/cyrus.te | 5
policy/modules/services/dbus.if | 63 +++++++
policy/modules/services/dhcp.te | 2
policy/modules/services/djbdns.te | 5
policy/modules/services/dovecot.te | 5
policy/modules/services/ftp.te | 5
policy/modules/services/hal.fc | 6
policy/modules/services/hal.te | 130 +++++++++++++++
policy/modules/services/inetd.te | 5
policy/modules/services/kerberos.if | 58 ++-----
policy/modules/services/kerberos.te | 36 ++++
policy/modules/services/mta.if | 19 ++
policy/modules/services/mta.te | 2
policy/modules/services/networkmanager.te | 2
policy/modules/services/nis.if | 4
policy/modules/services/nscd.te | 10 +
policy/modules/services/ntp.te | 1
policy/modules/services/pegasus.if | 18 ++
policy/modules/services/pegasus.te | 6
policy/modules/services/postfix.if | 1
policy/modules/services/postfix.te | 8
policy/modules/services/ppp.te | 9 -
policy/modules/services/procmail.te | 1
policy/modules/services/pyzor.te | 1
policy/modules/services/radius.te | 4
policy/modules/services/rpc.if | 5
policy/modules/services/rsync.te | 1
policy/modules/services/samba.fc | 3
policy/modules/services/samba.if | 63 +++++++
policy/modules/services/samba.te | 77 +++++++++
policy/modules/services/sasl.te | 11 +
policy/modules/services/sendmail.if | 20 ++
policy/modules/services/smartmon.te | 1
policy/modules/services/snmp.te | 10 +
policy/modules/services/spamassassin.te | 7
policy/modules/services/squid.fc | 2
policy/modules/services/squid.if | 22 ++
policy/modules/services/squid.te | 12 +
policy/modules/services/ssh.if | 39 ++++
policy/modules/services/ssh.te | 5
policy/modules/services/xserver.te | 10 -
policy/modules/services/zabbix.fc | 4
policy/modules/services/zabbix.if | 87 ++++++++++
policy/modules/services/zabbix.te | 64 +++++++
policy/modules/system/application.fc | 1
policy/modules/system/application.if | 104 ++++++++++++
policy/modules/system/application.te | 14 +
policy/modules/system/authlogin.if | 83 ++++++++--
policy/modules/system/authlogin.te | 3
policy/modules/system/fstools.fc | 1
policy/modules/system/fstools.te | 1
policy/modules/system/fusermount.fc | 6
policy/modules/system/fusermount.if | 41 +++++
policy/modules/system/fusermount.te | 45 +++++
policy/modules/system/getty.te | 3
policy/modules/system/hostname.te | 14 +
policy/modules/system/init.if | 3
policy/modules/system/init.te | 35 +++-
policy/modules/system/ipsec.if | 20 ++
policy/modules/system/iptables.te | 4
policy/modules/system/libraries.fc | 8
policy/modules/system/libraries.te | 20 ++
policy/modules/system/locallogin.te | 7
policy/modules/system/logging.if | 21 ++
policy/modules/system/logging.te | 2
policy/modules/system/lvm.te | 5
policy/modules/system/modutils.te | 11 +
policy/modules/system/mount.fc | 3
policy/modules/system/mount.if | 37 ++++
policy/modules/system/mount.te | 64 +++++++
policy/modules/system/raid.te | 1
policy/modules/system/selinuxutil.fc | 1
policy/modules/system/selinuxutil.if | 5
policy/modules/system/selinuxutil.te | 68 +++-----
policy/modules/system/udev.fc | 2
policy/modules/system/udev.te | 11 +
policy/modules/system/unconfined.fc | 1
policy/modules/system/unconfined.if | 10 -
policy/modules/system/unconfined.te | 24 ++
policy/modules/system/userdomain.if | 246 ++++++++++++++++--------------
policy/modules/system/userdomain.te | 46 ++++-
policy/modules/system/xen.te | 35 ++++
policy/support/obj_perm_sets.spt | 12 +
163 files changed, 3819 insertions(+), 422 deletions(-)
View full diff with command:
/usr/bin/cvs -f diff -kk -u -N -r 1.37 -r 1.38 policy-20070219.patch
Index: policy-20070219.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20070219.patch,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- policy-20070219.patch 3 Apr 2007 19:25:58 -0000 1.37
+++ policy-20070219.patch 4 Apr 2007 19:44:58 -0000 1.38
@@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/flask/access_vectors serefpolicy-2.5.11/policy/flask/access_vectors
--- nsaserefpolicy/policy/flask/access_vectors 2007-02-26 09:43:33.000000000 -0500
-+++ serefpolicy-2.5.11/policy/flask/access_vectors 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/flask/access_vectors 2007-04-04 13:46:37.000000000 -0400
@@ -598,6 +598,8 @@
shmempwd
shmemgrp
@@ -21,7 +21,7 @@
class key
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_booleans serefpolicy-2.5.11/policy/global_booleans
--- nsaserefpolicy/policy/global_booleans 2006-11-16 17:15:26.000000000 -0500
-+++ serefpolicy-2.5.11/policy/global_booleans 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/global_booleans 2007-04-04 13:46:37.000000000 -0400
@@ -4,7 +4,6 @@
# file should be used.
#
@@ -40,7 +40,7 @@
## <p>
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_tunables serefpolicy-2.5.11/policy/global_tunables
--- nsaserefpolicy/policy/global_tunables 2007-03-26 16:24:14.000000000 -0400
-+++ serefpolicy-2.5.11/policy/global_tunables 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/global_tunables 2007-04-04 13:46:37.000000000 -0400
@@ -49,6 +49,14 @@
## <desc>
@@ -121,7 +121,7 @@
-')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/mls serefpolicy-2.5.11/policy/mls
--- nsaserefpolicy/policy/mls 2007-03-09 13:02:20.000000000 -0500
-+++ serefpolicy-2.5.11/policy/mls 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/mls 2007-04-04 13:46:37.000000000 -0400
@@ -89,12 +89,14 @@
mlsconstrain { file lnk_file fifo_file dir chr_file blk_file sock_file } { write create setattr relabelfrom append unlink link rename mounton }
(( l1 eq l2 ) or
@@ -195,7 +195,7 @@
mlsconstrain association { polmatch }
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/acct.te serefpolicy-2.5.11/policy/modules/admin/acct.te
--- nsaserefpolicy/policy/modules/admin/acct.te 2007-03-26 10:39:08.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/admin/acct.te 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/admin/acct.te 2007-04-04 13:46:37.000000000 -0400
@@ -9,6 +9,7 @@
type acct_t;
type acct_exec_t;
@@ -204,16 +204,199 @@
type acct_data_t;
logging_log_file(acct_data_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/acct.xml serefpolicy-2.5.11/policy/modules/admin/acct.xml
+--- nsaserefpolicy/policy/modules/admin/acct.xml 1969-12-31 19:00:00.000000000 -0500
++++ serefpolicy-2.5.11/policy/modules/admin/acct.xml 2007-04-04 13:46:37.000000000 -0400
+@@ -0,0 +1,43 @@
++<module name="acct" filename="policy/modules/admin/acct.if">
++<summary>Berkeley process accounting</summary>
++<interface name="acct_domtrans" lineno="13">
++<summary>
++Transition to the accounting management domain.
++</summary>
++<param name="domain">
++<summary>
++Domain allowed access.
++</summary>
++</param>
++</interface>
++<interface name="acct_exec" lineno="32">
++<summary>
++Execute accounting management tools in the caller domain.
++</summary>
++<param name="domain">
++<summary>
++The type of the process performing this action.
++</summary>
++</param>
++</interface>
++<interface name="acct_exec_data" lineno="53">
++<summary>
++Execute accounting management data in the caller domain.
++</summary>
++<param name="domain">
++<summary>
++The type of the process performing this action.
++</summary>
++</param>
++</interface>
++<interface name="acct_manage_data" lineno="72">
++<summary>
++Create, read, write, and delete process accounting data.
++</summary>
++<param name="domain">
++<summary>
++The type of the process performing this action.
++</summary>
++</param>
++</interface>
++</module>
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.xml serefpolicy-2.5.11/policy/modules/admin/alsa.xml
+--- nsaserefpolicy/policy/modules/admin/alsa.xml 1969-12-31 19:00:00.000000000 -0500
++++ serefpolicy-2.5.11/policy/modules/admin/alsa.xml 2007-04-04 13:46:38.000000000 -0400
+@@ -0,0 +1,43 @@
++<module name="alsa" filename="policy/modules/admin/alsa.if">
++<summary>Ainit ALSA configuration tool</summary>
++<interface name="alsa_domtrans" lineno="13">
++<summary>
++Domain transition to alsa
++</summary>
++<param name="domain">
++<summary>
++Domain allowed access.
++</summary>
++</param>
++</interface>
++<interface name="alsa_rw_semaphores" lineno="32">
++<summary>
++Allow read and write access to alsa semaphores.
++</summary>
++<param name="domain">
++<summary>
++Domain allowed access.
++</summary>
++</param>
++</interface>
++<interface name="alsa_rw_shared_mem" lineno="50">
++<summary>
++Allow read and write access to alsa shared memory.
++</summary>
++<param name="domain">
++<summary>
++Domain allowed access.
++</summary>
++</param>
++</interface>
++<interface name="alsa_read_rw_config" lineno="68">
++<summary>
++Read alsa writable config files.
++</summary>
++<param name="domain">
++<summary>
++Domain allowed access.
++</summary>
++</param>
++</interface>
++</module>
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amanda.xml serefpolicy-2.5.11/policy/modules/admin/amanda.xml
+--- nsaserefpolicy/policy/modules/admin/amanda.xml 1969-12-31 19:00:00.000000000 -0500
++++ serefpolicy-2.5.11/policy/modules/admin/amanda.xml 2007-04-04 13:46:38.000000000 -0400
+@@ -0,0 +1,85 @@
++<module name="amanda" filename="policy/modules/admin/amanda.if">
++<summary>Automated backup program.</summary>
++<interface name="amanda_domtrans_recover" lineno="13">
++<summary>
++Execute amrecover in the amanda_recover domain.
++</summary>
++<param name="domain">
++<summary>
++The type of the process performing this action.
++</summary>
++</param>
++</interface>
++<interface name="amanda_run_recover" lineno="43">
++<summary>
++Execute amrecover in the amanda_recover domain, and
++allow the specified role the amanda_recover domain.
++</summary>
++<param name="domain">
++<summary>
++The type of the process performing this action.
++</summary>
++</param>
++<param name="role">
++<summary>
++The role to be allowed the amanda_recover domain.
++</summary>
++</param>
++<param name="terminal">
++<summary>
++The type of the terminal allow the amanda_recover domain to use.
++</summary>
++</param>
++<rolecap/>
++</interface>
++<interface name="amanda_search_lib" lineno="63">
++<summary>
++Search amanda library directories.
++</summary>
++<param name="domain">
++<summary>
++The type of the process performing this action.
++</summary>
++</param>
++</interface>
++<interface name="amanda_dontaudit_read_dumpdates" lineno="82">
++<summary>
[...2189 lines suppressed...]
init_system_domain(ldconfig_t,ldconfig_exec_t)
role system_r types ldconfig_t;
@@ -4756,7 +5873,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/locallogin.te serefpolicy-2.5.11/policy/modules/system/locallogin.te
--- nsaserefpolicy/policy/modules/system/locallogin.te 2007-03-26 10:39:07.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/locallogin.te 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/locallogin.te 2007-04-04 13:46:37.000000000 -0400
@@ -48,6 +48,8 @@
allow local_login_t self:msgq create_msgq_perms;
allow local_login_t self:msg { send receive };
@@ -4787,7 +5904,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.if serefpolicy-2.5.11/policy/modules/system/logging.if
--- nsaserefpolicy/policy/modules/system/logging.if 2007-03-26 10:39:07.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/logging.if 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/logging.if 2007-04-04 13:46:37.000000000 -0400
@@ -480,6 +480,8 @@
files_search_var($1)
manage_files_pattern($1,logfile,logfile)
@@ -4822,7 +5939,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.te serefpolicy-2.5.11/policy/modules/system/logging.te
--- nsaserefpolicy/policy/modules/system/logging.te 2007-03-26 10:39:07.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/logging.te 2007-04-03 07:38:23.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/logging.te 2007-04-04 13:46:37.000000000 -0400
@@ -11,6 +11,7 @@
type auditctl_t;
type auditctl_exec_t;
@@ -4841,7 +5958,7 @@
files_dontaudit_search_isid_type_dirs(syslogd_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.te serefpolicy-2.5.11/policy/modules/system/lvm.te
--- nsaserefpolicy/policy/modules/system/lvm.te 2007-03-26 10:39:07.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/lvm.te 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/lvm.te 2007-04-04 13:46:37.000000000 -0400
@@ -16,6 +16,7 @@
type lvm_t;
type lvm_exec_t;
@@ -4863,7 +5980,7 @@
# LVM will complain a lot if it cannot set its priority.
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/modutils.te serefpolicy-2.5.11/policy/modules/system/modutils.te
--- nsaserefpolicy/policy/modules/system/modutils.te 2007-03-26 10:39:07.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/modutils.te 2007-04-02 15:52:33.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/modutils.te 2007-04-04 13:46:37.000000000 -0400
@@ -68,7 +68,7 @@
# for locking: (cjp: ????)
files_write_kernel_modules(insmod_t)
@@ -4912,7 +6029,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.fc serefpolicy-2.5.11/policy/modules/system/mount.fc
--- nsaserefpolicy/policy/modules/system/mount.fc 2006-11-16 17:15:24.000000000 -0500
-+++ serefpolicy-2.5.11/policy/modules/system/mount.fc 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/mount.fc 2007-04-04 13:46:37.000000000 -0400
@@ -1,4 +1,3 @@
/bin/mount.* -- gen_context(system_u:object_r:mount_exec_t,s0)
/bin/umount.* -- gen_context(system_u:object_r:mount_exec_t,s0)
@@ -4921,7 +6038,7 @@
+/sbin/mount.ntfs-3g -- gen_context(system_u:object_r:mount_ntfs_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.if serefpolicy-2.5.11/policy/modules/system/mount.if
--- nsaserefpolicy/policy/modules/system/mount.if 2007-01-02 12:57:49.000000000 -0500
-+++ serefpolicy-2.5.11/policy/modules/system/mount.if 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/mount.if 2007-04-04 13:46:37.000000000 -0400
@@ -143,3 +143,40 @@
mount_domtrans($1)
')
@@ -4965,7 +6082,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-2.5.11/policy/modules/system/mount.te
--- nsaserefpolicy/policy/modules/system/mount.te 2007-03-26 16:24:13.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/mount.te 2007-04-02 12:05:34.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/mount.te 2007-04-04 13:46:37.000000000 -0400
@@ -9,6 +9,13 @@
ifdef(`targeted_policy',`
## <desc>
@@ -5069,7 +6186,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/raid.te serefpolicy-2.5.11/policy/modules/system/raid.te
--- nsaserefpolicy/policy/modules/system/raid.te 2007-03-26 10:39:07.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/raid.te 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/raid.te 2007-04-04 13:46:37.000000000 -0400
@@ -46,6 +46,7 @@
# RAID block device access
storage_manage_fixed_disk(mdadm_t)
@@ -5080,7 +6197,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.fc serefpolicy-2.5.11/policy/modules/system/selinuxutil.fc
--- nsaserefpolicy/policy/modules/system/selinuxutil.fc 2006-11-16 17:15:24.000000000 -0500
-+++ serefpolicy-2.5.11/policy/modules/system/selinuxutil.fc 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/selinuxutil.fc 2007-04-04 13:46:37.000000000 -0400
@@ -40,6 +40,7 @@
/usr/sbin/setfiles.* -- gen_context(system_u:object_r:setfiles_exec_t,s0)
/usr/sbin/setsebool -- gen_context(system_u:object_r:semanage_exec_t,s0)
@@ -5091,7 +6208,7 @@
#
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.if serefpolicy-2.5.11/policy/modules/system/selinuxutil.if
--- nsaserefpolicy/policy/modules/system/selinuxutil.if 2007-03-26 10:39:07.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/selinuxutil.if 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/selinuxutil.if 2007-04-04 13:46:37.000000000 -0400
@@ -616,7 +616,7 @@
gen_require(`
type selinux_config_t;
@@ -5120,7 +6237,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.5.11/policy/modules/system/selinuxutil.te
--- nsaserefpolicy/policy/modules/system/selinuxutil.te 2007-03-26 10:39:07.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/selinuxutil.te 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/selinuxutil.te 2007-04-04 13:46:37.000000000 -0400
@@ -1,10 +1,8 @@
policy_module(selinuxutil,1.4.2)
@@ -5274,7 +6391,7 @@
dev_read_urand(semanage_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.fc serefpolicy-2.5.11/policy/modules/system/udev.fc
--- nsaserefpolicy/policy/modules/system/udev.fc 2006-11-16 17:15:24.000000000 -0500
-+++ serefpolicy-2.5.11/policy/modules/system/udev.fc 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/udev.fc 2007-04-04 13:46:37.000000000 -0400
@@ -1,6 +1,6 @@
# udev
@@ -5285,7 +6402,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.te serefpolicy-2.5.11/policy/modules/system/udev.te
--- nsaserefpolicy/policy/modules/system/udev.te 2007-03-20 23:38:29.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/udev.te 2007-04-02 14:36:57.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/udev.te 2007-04-04 13:46:37.000000000 -0400
@@ -89,6 +89,7 @@
dev_manage_all_dev_nodes(udev_t)
dev_rw_generic_files(udev_t)
@@ -5324,7 +6441,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.fc serefpolicy-2.5.11/policy/modules/system/unconfined.fc
--- nsaserefpolicy/policy/modules/system/unconfined.fc 2007-02-19 11:32:53.000000000 -0500
-+++ serefpolicy-2.5.11/policy/modules/system/unconfined.fc 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/unconfined.fc 2007-04-04 13:46:37.000000000 -0400
@@ -10,4 +10,5 @@
/usr/bin/valgrind -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
/usr/local/RealPlayer/realplay\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
@@ -5333,7 +6450,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.if serefpolicy-2.5.11/policy/modules/system/unconfined.if
--- nsaserefpolicy/policy/modules/system/unconfined.if 2007-02-19 11:32:53.000000000 -0500
-+++ serefpolicy-2.5.11/policy/modules/system/unconfined.if 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/unconfined.if 2007-04-04 13:46:37.000000000 -0400
@@ -18,7 +18,7 @@
')
@@ -5360,7 +6477,7 @@
corenet_unconfined($1)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.te serefpolicy-2.5.11/policy/modules/system/unconfined.te
--- nsaserefpolicy/policy/modules/system/unconfined.te 2007-03-20 09:23:14.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/unconfined.te 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/unconfined.te 2007-04-04 13:46:37.000000000 -0400
@@ -6,6 +6,15 @@
# Declarations
#
@@ -5426,7 +6543,7 @@
init_dbus_chat_script(unconfined_execmem_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-2.5.11/policy/modules/system/userdomain.if
--- nsaserefpolicy/policy/modules/system/userdomain.if 2007-03-26 16:24:13.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/userdomain.if 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/userdomain.if 2007-04-04 13:46:37.000000000 -0400
@@ -114,6 +114,10 @@
# Allow making the stack executable via mprotect.
allow $1_t self:process execstack;
@@ -5839,7 +6956,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-2.5.11/policy/modules/system/userdomain.te
--- nsaserefpolicy/policy/modules/system/userdomain.te 2007-03-26 16:24:13.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/userdomain.te 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/userdomain.te 2007-04-04 13:46:37.000000000 -0400
@@ -15,7 +15,6 @@
# Declarations
#
@@ -5959,7 +7076,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.te serefpolicy-2.5.11/policy/modules/system/xen.te
--- nsaserefpolicy/policy/modules/system/xen.te 2007-03-26 10:39:07.000000000 -0400
-+++ serefpolicy-2.5.11/policy/modules/system/xen.te 2007-04-02 17:05:45.000000000 -0400
++++ serefpolicy-2.5.11/policy/modules/system/xen.te 2007-04-04 13:46:37.000000000 -0400
@@ -25,6 +25,10 @@
domain_type(xend_t)
init_daemon_domain(xend_t, xend_exec_t)
@@ -6044,7 +7161,7 @@
+fs_read_dos_files(xend_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-2.5.11/policy/support/obj_perm_sets.spt
--- nsaserefpolicy/policy/support/obj_perm_sets.spt 2007-01-02 12:57:51.000000000 -0500
-+++ serefpolicy-2.5.11/policy/support/obj_perm_sets.spt 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/policy/support/obj_perm_sets.spt 2007-04-04 13:46:37.000000000 -0400
@@ -215,7 +215,7 @@
define(`getattr_file_perms',`{ getattr }')
define(`setattr_file_perms',`{ setattr }')
@@ -6070,7 +7187,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-2.5.11/Rules.modular
--- nsaserefpolicy/Rules.modular 2007-03-22 14:30:10.000000000 -0400
-+++ serefpolicy-2.5.11/Rules.modular 2007-04-02 11:16:11.000000000 -0400
++++ serefpolicy-2.5.11/Rules.modular 2007-04-04 13:46:37.000000000 -0400
@@ -167,7 +167,7 @@
# these have to run individually because order matters:
$(verbose) $(GREP) '^sid ' $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.424
retrieving revision 1.425
diff -u -r1.424 -r1.425
--- selinux-policy.spec 3 Apr 2007 19:25:58 -0000 1.424
+++ selinux-policy.spec 4 Apr 2007 19:44:58 -0000 1.425
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.5.11
-Release: 2%{?dist}
+Release: 3%{?dist}
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -358,6 +358,9 @@
%endif
%changelog
+* Tue Apr 3 2007 Dan Walsh <dwalsh at redhat.com> 2.5.11-3
+- Fix interface call
+
* Tue Apr 3 2007 Dan Walsh <dwalsh at redhat.com> 2.5.11-2
- Allow syslog-ng to read /var
- Allow locate to getattr on all filesystems
- Previous message (by thread): rpms/kernel/FC-5 linux-2.6-20.5y-dm_crypt_disable_barriers.patch, NONE, 1.1 linux-2.6-20.5z-ide_use_proper_error_recovery.patch, NONE, 1.1 linux-2.6-20.5z-mmap_dont_spam_logs.patch, NONE, 1.1 linux-2.6-20.5z-nfs_allow_64bit_cookies.patch, NONE, 1.1 linux-2.6-20.5z-softmac_check_if_running.patch, NONE, 1.1 linux-2.6-proposed-i82875p-edac-fix.patch, NONE, 1.1 linux-2.6.20.5-rc1-ata_scsi_preserve_lba_bit.patch, NONE, 1.1 linux-2.6.20.5-rc1-crypto_walk_fix_advance_by.patch, NONE, 1.1 patch-2.6.20.5-rc1.bz2.sign, NONE, 1.1 .cvsignore, 1.438, 1.439 kernel-2.6.spec, 1.2310, 1.2311 sources, 1.378, 1.379 upstream, 1.341, 1.342
- Next message (by thread): rpms/gnome-panel/devel gnome-panel-2.18.0-fix-invalid-read.patch, NONE, 1.1 gnome-panel.spec, 1.192, 1.193
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list