rpms/selinux-policy-targeted/devel policy-20050404.patch, 1.8, 1.9 selinux-policy-targeted.spec, 1.271, 1.272
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Apr 12 15:57:19 UTC 2005
Update of /cvs/dist/rpms/selinux-policy-targeted/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv3533
Modified Files:
policy-20050404.patch selinux-policy-targeted.spec
Log Message:
* Tue Apr 12 2005 Dan Walsh <dwalsh at redhat.com> 1.23.10-3
- Fix Makefile to load policy before installing FC
- Fix patch
- Remove unlimited tunables from strict
policy-20050404.patch:
Makefile | 6 +-
appconfig/default_type | 1
assert.te | 4 -
attrib.te | 14 +++++
domains/admin.te | 23 +++++----
domains/misc/kernel.te | 2
domains/program/checkpolicy.te | 5 -
domains/program/crond.te | 2
domains/program/cvs.te | 16 ++++++
domains/program/load_policy.te | 4 -
domains/program/login.te | 3 -
domains/program/modutil.te | 3 -
domains/program/newrole.te | 1
domains/program/restorecon.te | 3 -
domains/program/setfiles.te | 3 -
domains/program/ssh.te | 2
domains/program/unused/NetworkManager.te | 9 ++-
domains/program/unused/apache.te | 1
domains/program/unused/auditd.te | 2
domains/program/unused/cups.te | 12 +---
domains/program/unused/dmidecode.te | 1
domains/program/unused/ftpd.te | 3 -
domains/program/unused/howl.te | 2
domains/program/unused/kudzu.te | 1
domains/program/unused/named.te | 3 +
domains/program/unused/publicfile.te | 6 --
domains/program/unused/rsync.te | 2
domains/program/unused/snmpd.te | 3 +
domains/program/unused/updfstab.te | 1
domains/program/unused/xdm.te | 2
domains/program/useradd.te | 4 +
domains/program/uucpd.te | 24 +++++++++
domains/user.te | 2
file_contexts/distros.fc | 10 ++-
file_contexts/program/apache.fc | 1
file_contexts/program/auditd.fc | 1
file_contexts/program/crack.fc | 1
file_contexts/program/cvs.fc | 2
file_contexts/program/ftpd.fc | 1
file_contexts/program/named.fc | 1
file_contexts/program/rsync.fc | 1
file_contexts/program/uucpd.fc | 5 +
file_contexts/types.fc | 6 ++
macros/admin_macros.te | 75 ++++++++++++++++++-----------
macros/base_user_macros.te | 9 ---
macros/program/apache_macros.te | 2
macros/program/dbusd_macros.te | 4 +
macros/program/gift_macros.te | 2
macros/program/mozilla_macros.te | 5 +
macros/program/mplayer_macros.te | 10 ++-
macros/user_macros.te | 78 +++++++++++++++++++++----------
net_contexts | 9 ++-
targeted/domains/unconfined.te | 6 --
tunables/distro.tun | 2
tunables/tunable.tun | 6 +-
types/file.te | 3 -
types/network.te | 9 +--
users | 2
58 files changed, 282 insertions(+), 139 deletions(-)
Index: policy-20050404.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/policy-20050404.patch,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- policy-20050404.patch 12 Apr 2005 14:40:39 -0000 1.8
+++ policy-20050404.patch 12 Apr 2005 15:57:15 -0000 1.9
@@ -638,17 +638,6 @@
/etc/cron\.monthly/proftpd -- system_u:object_r:ftpd_exec_t
/var/ftp(/.*)? system_u:object_r:ftpd_anon_t
+/srv/([^/]*/)?ftp(/.*)? system_u:object_r:ftpd_anon_t
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/inetd.fc policy-1.23.10/file_contexts/program/inetd.fc
---- nsapolicy/file_contexts/program/inetd.fc 2005-02-24 14:51:09.000000000 -0500
-+++ policy-1.23.10/file_contexts/program/inetd.fc 2005-04-12 09:53:46.000000000 -0400
-@@ -3,6 +3,7 @@
- /usr/sbin/xinetd -- system_u:object_r:inetd_exec_t
- /usr/sbin/rlinetd -- system_u:object_r:inetd_exec_t
- /usr/sbin/identd -- system_u:object_r:inetd_child_exec_t
-+/usr/sbin/uucico -- system_u:object_r:inetd_child_exec_t
- /usr/sbin/in\..*d -- system_u:object_r:inetd_child_exec_t
- /var/log/(x)?inetd\.log -- system_u:object_r:inetd_log_t
- /var/run/inetd\.pid -- system_u:object_r:inetd_var_run_t
diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/named.fc policy-1.23.10/file_contexts/program/named.fc
--- nsapolicy/file_contexts/program/named.fc 2005-04-04 10:21:11.000000000 -0400
+++ policy-1.23.10/file_contexts/program/named.fc 2005-04-12 09:58:09.000000000 -0400
@@ -1038,6 +1027,37 @@
# $1_t is also granted permissions specific to user domains.
user_domain($1)
+diff --exclude-from=exclude -N -u -r nsapolicy/Makefile policy-1.23.10/Makefile
+--- nsapolicy/Makefile 2005-04-04 10:21:10.000000000 -0400
++++ policy-1.23.10/Makefile 2005-04-12 11:07:50.000000000 -0400
+@@ -163,7 +163,7 @@
+ @echo "Validating file contexts files ..."
+ $(SETFILES) -q -c $(POLICYVER) $(FC)
+
+-reload tmp/load: $(FCPATH) $(LOADPATH)
++reload tmp/load: $(LOADPATH)
+ @echo "Loading Policy ..."
+ ifeq ($(VERS), $(KERNVERS))
+ $(LOADPOLICY) $(LOADPATH)
+@@ -172,7 +172,7 @@
+ endif
+ touch tmp/load
+
+-load: tmp/load
++load: tmp/load $(FCPATH)
+
+ enableaudit: policy.conf
+ grep -v dontaudit policy.conf > policy.audit
+@@ -213,8 +213,8 @@
+ $(FCPATH): tmp/valid_fc $(USERPATH)/system.users $(APPDIR)/customizable_types
+ @echo "Installing file contexts files..."
+ @mkdir -p $(CONTEXTPATH)/files
+- install -m 644 $(FC) $(FCPATH)
+ install -m 644 $(HOMEDIR_TEMPLATE) $(HOMEDIRPATH)
++ install -m 644 $(FC) $(FCPATH)
+ @$(GENHOMEDIRCON) -d $(TOPDIR) -t $(TYPE) $(USEPWD)
+
+ $(FC): $(ALL_TUNABLES) tmp/program_used_flags.te $(FCFILES) domains/program domains/misc file_contexts/program file_contexts/misc users /etc/passwd
diff --exclude-from=exclude -N -u -r nsapolicy/net_contexts policy-1.23.10/net_contexts
--- nsapolicy/net_contexts 2005-04-06 06:57:43.000000000 -0400
+++ policy-1.23.10/net_contexts 2005-04-12 09:53:46.000000000 -0400
Index: selinux-policy-targeted.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/selinux-policy-targeted.spec,v
retrieving revision 1.271
retrieving revision 1.272
diff -u -r1.271 -r1.272
--- selinux-policy-targeted.spec 12 Apr 2005 14:40:39 -0000 1.271
+++ selinux-policy-targeted.spec 12 Apr 2005 15:57:16 -0000 1.272
@@ -11,7 +11,7 @@
Summary: SELinux %{type} policy configuration
Name: selinux-policy-%{type}
Version: 1.23.10
-Release: 2
+Release: 3
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policy-%{version}.tgz
@@ -233,7 +233,8 @@
exit 0
%changelog
-* Tue Apr 12 2005 Dan Walsh <dwalsh at redhat.com> 1.23.10-2
+* Tue Apr 12 2005 Dan Walsh <dwalsh at redhat.com> 1.23.10-3
+- Fix Makefile to load policy before installing FC
- Fix patch
- Remove unlimited tunables from strict
More information about the fedora-cvs-commits
mailing list