rpms/selinux-policy-targeted/devel policy-20050404.patch, 1.8, 1.9 selinux-policy-targeted.spec, 1.271, 1.272

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Tue Apr 12 15:57:19 UTC 2005 

Update of /cvs/dist/rpms/selinux-policy-targeted/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv3533

Modified Files:
	policy-20050404.patch selinux-policy-targeted.spec 
Log Message:
* Tue Apr 12 2005 Dan Walsh <dwalsh at redhat.com> 1.23.10-3
- Fix Makefile to load policy before installing FC
- Fix patch
- Remove unlimited tunables from strict


policy-20050404.patch:
 Makefile                                 |    6 +-
 appconfig/default_type                   |    1 
 assert.te                                |    4 -
 attrib.te                                |   14 +++++
 domains/admin.te                         |   23 +++++----
 domains/misc/kernel.te                   |    2 
 domains/program/checkpolicy.te           |    5 -
 domains/program/crond.te                 |    2 
 domains/program/cvs.te                   |   16 ++++++
 domains/program/load_policy.te           |    4 -
 domains/program/login.te                 |    3 -
 domains/program/modutil.te               |    3 -
 domains/program/newrole.te               |    1 
 domains/program/restorecon.te            |    3 -
 domains/program/setfiles.te              |    3 -
 domains/program/ssh.te                   |    2 
 domains/program/unused/NetworkManager.te |    9 ++-
 domains/program/unused/apache.te         |    1 
 domains/program/unused/auditd.te         |    2 
 domains/program/unused/cups.te           |   12 +---
 domains/program/unused/dmidecode.te      |    1 
 domains/program/unused/ftpd.te           |    3 -
 domains/program/unused/howl.te           |    2 
 domains/program/unused/kudzu.te          |    1 
 domains/program/unused/named.te          |    3 +
 domains/program/unused/publicfile.te     |    6 --
 domains/program/unused/rsync.te          |    2 
 domains/program/unused/snmpd.te          |    3 +
 domains/program/unused/updfstab.te       |    1 
 domains/program/unused/xdm.te            |    2 
 domains/program/useradd.te               |    4 +
 domains/program/uucpd.te                 |   24 +++++++++
 domains/user.te                          |    2 
 file_contexts/distros.fc                 |   10 ++-
 file_contexts/program/apache.fc          |    1 
 file_contexts/program/auditd.fc          |    1 
 file_contexts/program/crack.fc           |    1 
 file_contexts/program/cvs.fc             |    2 
 file_contexts/program/ftpd.fc            |    1 
 file_contexts/program/named.fc           |    1 
 file_contexts/program/rsync.fc           |    1 
 file_contexts/program/uucpd.fc           |    5 +
 file_contexts/types.fc                   |    6 ++
 macros/admin_macros.te                   |   75 ++++++++++++++++++-----------
 macros/base_user_macros.te               |    9 ---
 macros/program/apache_macros.te          |    2 
 macros/program/dbusd_macros.te           |    4 +
 macros/program/gift_macros.te            |    2 
 macros/program/mozilla_macros.te         |    5 +
 macros/program/mplayer_macros.te         |   10 ++-
 macros/user_macros.te                    |   78 +++++++++++++++++++++----------
 net_contexts                             |    9 ++-
 targeted/domains/unconfined.te           |    6 --
 tunables/distro.tun                      |    2 
 tunables/tunable.tun                     |    6 +-
 types/file.te                            |    3 -
 types/network.te                         |    9 +--
 users                                    |    2 
 58 files changed, 282 insertions(+), 139 deletions(-)

Index: policy-20050404.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/policy-20050404.patch,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- policy-20050404.patch	12 Apr 2005 14:40:39 -0000	1.8
+++ policy-20050404.patch	12 Apr 2005 15:57:15 -0000	1.9
@@ -638,17 +638,6 @@
  /etc/cron\.monthly/proftpd --	system_u:object_r:ftpd_exec_t
  /var/ftp(/.*)?			system_u:object_r:ftpd_anon_t
 +/srv/([^/]*/)?ftp(/.*)?		system_u:object_r:ftpd_anon_t
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/inetd.fc policy-1.23.10/file_contexts/program/inetd.fc
---- nsapolicy/file_contexts/program/inetd.fc	2005-02-24 14:51:09.000000000 -0500
-+++ policy-1.23.10/file_contexts/program/inetd.fc	2005-04-12 09:53:46.000000000 -0400
-@@ -3,6 +3,7 @@
- /usr/sbin/xinetd	--	system_u:object_r:inetd_exec_t
- /usr/sbin/rlinetd	--	system_u:object_r:inetd_exec_t
- /usr/sbin/identd	--	system_u:object_r:inetd_child_exec_t
-+/usr/sbin/uucico	--	system_u:object_r:inetd_child_exec_t
- /usr/sbin/in\..*d	--	system_u:object_r:inetd_child_exec_t
- /var/log/(x)?inetd\.log	--	system_u:object_r:inetd_log_t
- /var/run/inetd\.pid	--	system_u:object_r:inetd_var_run_t
 diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/named.fc policy-1.23.10/file_contexts/program/named.fc
 --- nsapolicy/file_contexts/program/named.fc	2005-04-04 10:21:11.000000000 -0400
 +++ policy-1.23.10/file_contexts/program/named.fc	2005-04-12 09:58:09.000000000 -0400
@@ -1038,6 +1027,37 @@
  # $1_t is also granted permissions specific to user domains.
  user_domain($1)
  
+diff --exclude-from=exclude -N -u -r nsapolicy/Makefile policy-1.23.10/Makefile
+--- nsapolicy/Makefile	2005-04-04 10:21:10.000000000 -0400
++++ policy-1.23.10/Makefile	2005-04-12 11:07:50.000000000 -0400
+@@ -163,7 +163,7 @@
+ 	@echo "Validating file contexts files ..."
+ 	$(SETFILES) -q -c $(POLICYVER) $(FC)
+ 
+-reload tmp/load: $(FCPATH) $(LOADPATH)
++reload tmp/load: $(LOADPATH) 
+ 	@echo "Loading Policy ..."
+ ifeq ($(VERS), $(KERNVERS))
+ 	$(LOADPOLICY) $(LOADPATH)
+@@ -172,7 +172,7 @@
+ endif
+ 	touch tmp/load
+ 
+-load: tmp/load
++load: tmp/load $(FCPATH) 
+ 
+ enableaudit: policy.conf 
+ 	grep -v dontaudit policy.conf > policy.audit
+@@ -213,8 +213,8 @@
+ $(FCPATH): tmp/valid_fc $(USERPATH)/system.users  $(APPDIR)/customizable_types
+ 	@echo "Installing file contexts files..."
+ 	@mkdir -p $(CONTEXTPATH)/files
+-	install -m 644 $(FC) $(FCPATH)
+ 	install -m 644 $(HOMEDIR_TEMPLATE) $(HOMEDIRPATH)
++	install -m 644 $(FC) $(FCPATH)
+ 	@$(GENHOMEDIRCON) -d $(TOPDIR) -t $(TYPE) $(USEPWD)
+ 
+ $(FC): $(ALL_TUNABLES) tmp/program_used_flags.te $(FCFILES) domains/program domains/misc file_contexts/program file_contexts/misc users /etc/passwd
 diff --exclude-from=exclude -N -u -r nsapolicy/net_contexts policy-1.23.10/net_contexts
 --- nsapolicy/net_contexts	2005-04-06 06:57:43.000000000 -0400
 +++ policy-1.23.10/net_contexts	2005-04-12 09:53:46.000000000 -0400


Index: selinux-policy-targeted.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/selinux-policy-targeted.spec,v
retrieving revision 1.271
retrieving revision 1.272
diff -u -r1.271 -r1.272
--- selinux-policy-targeted.spec	12 Apr 2005 14:40:39 -0000	1.271
+++ selinux-policy-targeted.spec	12 Apr 2005 15:57:16 -0000	1.272
@@ -11,7 +11,7 @@
 Summary: SELinux %{type} policy configuration
 Name: selinux-policy-%{type}
 Version: 1.23.10
-Release: 2
+Release: 3
 License: GPL
 Group: System Environment/Base
 Source: http://www.nsa.gov/selinux/archives/policy-%{version}.tgz
@@ -233,7 +233,8 @@
 exit 0
 
 %changelog
-* Tue Apr 12 2005 Dan Walsh <dwalsh at redhat.com> 1.23.10-2
+* Tue Apr 12 2005 Dan Walsh <dwalsh at redhat.com> 1.23.10-3
+- Fix Makefile to load policy before installing FC
 - Fix patch
 - Remove unlimited tunables from strict

More information about the fedora-cvs-commits mailing list