rpms/selinux-policy-targeted/devel policy-20050425.patch, 1.6, 1.7 selinux-policy-targeted.spec, 1.290, 1.291
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Apr 29 20:37:02 UTC 2005
- Previous message (by thread): rpms/selinux-policy-strict/devel policy-20050425.patch, 1.7, 1.8 selinux-policy-strict.spec, 1.295, 1.296
- Next message (by thread): rpms/audit/devel .cvsignore, 1.16, 1.17 audit.spec, 1.27, 1.28 sources, 1.16, 1.17
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy-targeted/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv30850
Modified Files:
policy-20050425.patch selinux-policy-targeted.spec
Log Message:
* Fri Apr 29 2005 Dan Walsh <dwalsh at redhat.com> 1.23.13-8
- Fixes for consoletype, kudzu reading proc_t
- Add label /dev/adb
- Fixes for hal
policy-20050425.patch:
domains/misc/kernel.te | 4 +-
domains/program/fsadm.te | 2 -
domains/program/getty.te | 14 ++-------
domains/program/hostname.te | 1
domains/program/ifconfig.te | 2 +
domains/program/init.te | 4 +-
domains/program/initrc.te | 1
domains/program/klogd.te | 3 +
domains/program/load_policy.te | 3 -
domains/program/modutil.te | 2 -
domains/program/mount.te | 1
domains/program/unused/NetworkManager.te | 4 ++
domains/program/unused/amanda.te | 2 +
domains/program/unused/amavis.te | 7 ----
domains/program/unused/apache.te | 16 +++-------
domains/program/unused/apmd.te | 3 +
domains/program/unused/auditd.te | 20 +++++++++----
domains/program/unused/cardmgr.te | 4 +-
domains/program/unused/clamav.te | 2 -
domains/program/unused/consoletype.te | 14 ++++-----
domains/program/unused/cups.te | 3 +
domains/program/unused/cyrus.te | 4 --
domains/program/unused/hald.te | 9 ++++-
domains/program/unused/hotplug.te | 10 +-----
domains/program/unused/i18n_input.te | 2 +
domains/program/unused/kudzu.te | 1
domains/program/unused/lvm.te | 2 -
domains/program/unused/ntpd.te | 7 ++--
domains/program/unused/portmap.te | 5 +--
domains/program/unused/samba.te | 1
domains/program/unused/snmpd.te | 2 -
domains/program/unused/squid.te | 4 --
domains/program/unused/tinydns.te | 2 -
domains/program/unused/udev.te | 8 +++--
domains/program/unused/updfstab.te | 6 +++
domains/program/unused/webalizer.te | 2 -
domains/user.te | 16 +++++++++-
file_contexts/distros.fc | 2 +
file_contexts/program/apache.fc | 3 +
file_contexts/program/compat.fc | 17 +++++++----
file_contexts/program/crack.fc | 1
file_contexts/program/cups.fc | 1
file_contexts/program/getty.fc | 2 +
file_contexts/program/i18n_input.fc | 4 ++
file_contexts/program/lvm.fc | 1
file_contexts/program/portmap.fc | 1
file_contexts/program/rhgb.fc | 1
file_contexts/program/traceroute.fc | 1
file_contexts/program/webalizer.fc | 2 +
file_contexts/types.fc | 9 +++++
flask/access_vectors | 2 +
macros/base_user_macros.te | 10 +++++-
macros/core_macros.te | 5 +--
macros/global_macros.te | 22 +++++++++++++-
macros/program/cdrecord_macros.te | 2 -
macros/program/chkpwd_macros.te | 4 +-
macros/program/mozilla_macros.te | 2 -
macros/program/su_macros.te | 2 -
macros/program/xserver_macros.te | 2 +
man/man8/httpd_selinux.8 | 6 +++
targeted/appconfig/default_contexts | 1
targeted/domains/program/compat.te | 7 ----
targeted/domains/program/crond.te | 2 -
targeted/domains/program/hotplug.te | 17 -----------
targeted/domains/program/sendmail.te | 3 +
targeted/domains/program/udev.te | 17 -----------
targeted/domains/program/xdm.te | 1
targeted/domains/unconfined.te | 12 +++++--
targeted/initial_sid_contexts | 47 -------------------------------
tunables/distro.tun | 2 -
tunables/tunable.tun | 6 +--
types/network.te | 1
72 files changed, 216 insertions(+), 195 deletions(-)
Index: policy-20050425.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/policy-20050425.patch,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- policy-20050425.patch 29 Apr 2005 19:02:38 -0000 1.6
+++ policy-20050425.patch 29 Apr 2005 20:36:59 -0000 1.7
@@ -461,7 +461,7 @@
allow cyrus_t mail_port_t:tcp_socket name_bind;
diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/hald.te policy-1.23.13/domains/program/unused/hald.te
--- nsapolicy/domains/program/unused/hald.te 2005-04-27 10:28:51.000000000 -0400
-+++ policy-1.23.13/domains/program/unused/hald.te 2005-04-29 13:52:09.000000000 -0400
++++ policy-1.23.13/domains/program/unused/hald.te 2005-04-29 15:34:38.000000000 -0400
@@ -15,7 +15,7 @@
can_exec_any(hald_t)
@@ -471,7 +471,24 @@
allow hald_t self:unix_dgram_socket create_socket_perms;
ifdef(`dbusd.te', `
-@@ -93,3 +93,7 @@
+@@ -36,7 +36,7 @@
+
+ allow hald_t self:netlink_kobject_uevent_socket create_socket_perms;
+ allow hald_t self:netlink_route_socket r_netlink_socket_perms;
+-allow hald_t self:capability { net_admin sys_admin dac_override dac_read_search mknod };
++allow hald_t self:capability { net_admin sys_admin dac_override dac_read_search mknod sys_rawio };
+ can_network_server(hald_t)
+ can_ypbind(hald_t)
+
+@@ -47,6 +47,7 @@
+ allow hald_t printer_device_t:chr_file rw_file_perms;
+ allow hald_t urandom_device_t:chr_file read;
+ allow hald_t mouse_device_t:chr_file r_file_perms;
++allow hald_t memory_device_t:chr_file r_file_perms;
+
+ can_getsecurity(hald_t)
+
+@@ -93,3 +94,7 @@
ifdef(`lvm.te', `
allow hald_t lvm_control_t:chr_file r_file_perms;
')
Index: selinux-policy-targeted.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/selinux-policy-targeted.spec,v
retrieving revision 1.290
retrieving revision 1.291
diff -u -r1.290 -r1.291
--- selinux-policy-targeted.spec 29 Apr 2005 19:02:38 -0000 1.290
+++ selinux-policy-targeted.spec 29 Apr 2005 20:36:59 -0000 1.291
@@ -11,7 +11,7 @@
Summary: SELinux %{type} policy configuration
Name: selinux-policy-%{type}
Version: 1.23.13
-Release: 7
+Release: 8
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policy-%{version}.tgz
@@ -234,9 +234,10 @@
exit 0
%changelog
-* Fri Apr 29 2005 Dan Walsh <dwalsh at redhat.com> 1.23.13-7
+* Fri Apr 29 2005 Dan Walsh <dwalsh at redhat.com> 1.23.13-8
- Fixes for consoletype, kudzu reading proc_t
- Add label /dev/adb
+- Fixes for hal
* Thu Apr 28 2005 Dan Walsh <dwalsh at redhat.com> 1.23.13-6
- Allow hal to connect to self
- Previous message (by thread): rpms/selinux-policy-strict/devel policy-20050425.patch, 1.7, 1.8 selinux-policy-strict.spec, 1.295, 1.296
- Next message (by thread): rpms/audit/devel .cvsignore, 1.16, 1.17 audit.spec, 1.27, 1.28 sources, 1.16, 1.17
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list