rpms/selinux-policy-strict/devel policy-20050404.patch,1.6,1.7
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Sat Apr 9 14:55:22 UTC 2005
Update of /cvs/dist/rpms/selinux-policy-strict/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv18490
Modified Files:
policy-20050404.patch
Log Message:
* Fri Apr 8 2005 Dan Walsh <dwalsh at redhat.com> 1.23.9-1
- Create separate secadm_r/secadm_t domain
policy-20050404.patch:
appconfig/default_type | 1
assert.te | 4 -
attrib.te | 14 +++++
domains/admin.te | 23 +++++----
domains/misc/kernel.te | 2
domains/program/checkpolicy.te | 5 -
domains/program/load_policy.te | 4 -
domains/program/modutil.te | 2
domains/program/newrole.te | 1
domains/program/restorecon.te | 3 -
domains/program/setfiles.te | 3 -
domains/program/unused/NetworkManager.te | 9 ++-
domains/program/unused/cups.te | 12 +---
domains/program/unused/dmidecode.te | 1
domains/program/unused/howl.te | 2
domains/program/unused/kudzu.te | 1
domains/program/unused/snmpd.te | 3 +
domains/program/unused/updfstab.te | 1
domains/user.te | 2
file_contexts/distros.fc | 4 +
macros/admin_macros.te | 75 ++++++++++++++++++-----------
macros/base_user_macros.te | 9 ---
macros/program/dbusd_macros.te | 4 +
macros/program/gift_macros.te | 2
macros/program/mplayer_macros.te | 10 ++-
macros/user_macros.te | 78 +++++++++++++++++++++----------
targeted/domains/program/modutil.te | 17 ------
tunables/distro.tun | 2
tunables/tunable.tun | 12 ++--
users | 2
30 files changed, 186 insertions(+), 122 deletions(-)
Index: policy-20050404.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-strict/devel/policy-20050404.patch,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- policy-20050404.patch 9 Apr 2005 11:08:37 -0000 1.6
+++ policy-20050404.patch 9 Apr 2005 14:55:19 -0000 1.7
@@ -295,7 +295,16 @@
+allow kudzu_t initrc_t:unix_stream_socket connectto;
diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/NetworkManager.te policy-1.23.9/domains/program/unused/NetworkManager.te
--- nsapolicy/domains/program/unused/NetworkManager.te 2005-04-07 22:22:55.000000000 -0400
-+++ policy-1.23.9/domains/program/unused/NetworkManager.te 2005-04-09 05:56:10.000000000 -0400
++++ policy-1.23.9/domains/program/unused/NetworkManager.te 2005-04-09 10:46:20.000000000 -0400
+@@ -11,7 +11,7 @@
+ # NetworkManager_t is the domain for the NetworkManager daemon.
+ # NetworkManager_exec_t is the type of the NetworkManager executable.
+ #
+-daemon_domain(NetworkManager, `, nscd_client_domain' )
++daemon_domain(NetworkManager, `, nscd_client_domain, privsysmod' )
+
+ can_network(NetworkManager_t)
+ allow NetworkManager_t port_type:tcp_socket name_connect;
@@ -20,7 +20,7 @@
can_ypbind(NetworkManager_t)
More information about the fedora-cvs-commits
mailing list