rpms/selinux-policy-strict/devel policy-20050414.patch, 1.7, 1.8 selinux-policy-strict.spec, 1.283, 1.284

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Thu Apr 21 15:26:48 UTC 2005


Update of /cvs/dist/rpms/selinux-policy-strict/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv16082

Modified Files:
	policy-20050414.patch selinux-policy-strict.spec 
Log Message:
* Thu Apr 21 2005 Dan Walsh <dwalsh at redhat.com> 1.23.12-2
- Fix conflicting context files


policy-20050414.patch:
 domains/program/getty.te            |    1 +
 domains/program/hostname.te         |    6 ++----
 domains/program/initrc.te           |    8 ++++----
 domains/program/load_policy.te      |    3 +--
 domains/program/modutil.te          |    2 +-
 domains/program/unused/amanda.te    |   18 ++++++++++++++----
 domains/program/unused/apache.te    |    4 ++--
 domains/program/unused/auditd.te    |   35 +++++++++++++++++++++++++----------
 domains/program/unused/cups.te      |    1 +
 domains/program/unused/dhcpc.te     |   11 +++++++----
 domains/program/unused/prelink.te   |    2 +-
 domains/program/unused/tinydns.te   |    2 +-
 domains/program/unused/udev.te      |    1 +
 file_contexts/program/auditd.fc     |    2 +-
 file_contexts/program/compat.fc     |    1 -
 file_contexts/program/i18n_input.fc |    2 +-
 file_contexts/program/traceroute.fc |    2 ++
 file_contexts/program/udev.fc       |    1 +
 file_contexts/types.fc              |    2 +-
 macros/core_macros.te               |    1 +
 macros/program/ypbind_macros.te     |    4 +++-
 targeted/domains/program/compat.te  |    1 -
 tunables/distro.tun                 |    2 +-
 tunables/tunable.tun                |    6 +++---
 24 files changed, 75 insertions(+), 43 deletions(-)

Index: policy-20050414.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-strict/devel/policy-20050414.patch,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- policy-20050414.patch	20 Apr 2005 20:10:42 -0000	1.7
+++ policy-20050414.patch	21 Apr 2005 15:26:45 -0000	1.8
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/getty.te policy-1.23.11/domains/program/getty.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/getty.te policy-1.23.12/domains/program/getty.te
 --- nsapolicy/domains/program/getty.te	2005-04-14 15:01:53.000000000 -0400
-+++ policy-1.23.11/domains/program/getty.te	2005-04-20 15:31:44.000000000 -0400
++++ policy-1.23.12/domains/program/getty.te	2005-04-21 08:05:17.000000000 -0400
 @@ -51,6 +51,7 @@
  # Chown, chmod, read and write ttys.
  allow getty_t tty_device_t:chr_file { setattr rw_file_perms };
@@ -9,9 +9,9 @@
  
  # for error condition handling
  allow getty_t fs_t:filesystem getattr;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/hostname.te policy-1.23.11/domains/program/hostname.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/hostname.te policy-1.23.12/domains/program/hostname.te
 --- nsapolicy/domains/program/hostname.te	2005-02-24 14:51:07.000000000 -0500
-+++ policy-1.23.11/domains/program/hostname.te	2005-04-20 15:13:49.000000000 -0400
++++ policy-1.23.12/domains/program/hostname.te	2005-04-21 08:05:17.000000000 -0400
 @@ -4,13 +4,11 @@
  # X-Debian-Packages: hostname
  
@@ -28,9 +28,9 @@
  read_locale(hostname_t)
  can_resolve(hostname_t)
  allow hostname_t userdomain:fd use;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/initrc.te policy-1.23.11/domains/program/initrc.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/initrc.te policy-1.23.12/domains/program/initrc.te
 --- nsapolicy/domains/program/initrc.te	2005-04-20 15:40:34.000000000 -0400
-+++ policy-1.23.11/domains/program/initrc.te	2005-04-20 15:40:05.000000000 -0400
++++ policy-1.23.12/domains/program/initrc.te	2005-04-21 08:05:17.000000000 -0400
 @@ -208,6 +208,10 @@
  file_type_auto_trans({ initrc_t sysadm_t }, root_t, etc_runtime_t, file)
  
@@ -53,10 +53,27 @@
  ifdef(`unlimitedRC', `
  unconfined_domain(initrc_t) 
  ')
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/modutil.te policy-1.23.11/domains/program/modutil.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/load_policy.te policy-1.23.12/domains/program/load_policy.te
+--- nsapolicy/domains/program/load_policy.te	2005-04-20 15:40:34.000000000 -0400
++++ policy-1.23.12/domains/program/load_policy.te	2005-04-21 08:37:13.000000000 -0400
+@@ -39,6 +39,7 @@
+ # only allow read of policy config files
+ allow load_policy_t policy_src_t:dir search;
+ r_dir_file(load_policy_t, policy_config_t)
++r_dir_file(load_policy_t, selinux_config_t)
+ 
+ # directory search permissions for path to binary policy files
+ allow load_policy_t root_t:dir search;
+@@ -57,5 +58,3 @@
+ allow load_policy_t fs_t:filesystem getattr;
+ 
+ read_locale(load_policy_t)
+-r_dir_file(load_policy_t, selinux_config_t)
+-allow load_policy_t proc_t:file { getattr read };
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/modutil.te policy-1.23.12/domains/program/modutil.te
 --- nsapolicy/domains/program/modutil.te	2005-04-20 15:40:34.000000000 -0400
-+++ policy-1.23.11/domains/program/modutil.te	2005-04-20 15:32:42.000000000 -0400
-@@ -95,7 +97,7 @@
++++ policy-1.23.12/domains/program/modutil.te	2005-04-21 08:05:17.000000000 -0400
+@@ -95,7 +95,7 @@
  allow insmod_t usr_t:file { getattr read };
  
  allow insmod_t privfd:fd use;
@@ -65,9 +82,9 @@
  ifdef(`gnome-pty-helper.te', `allow insmod_t sysadm_gph_t:fd use;')
  
  allow insmod_t { agp_device_t apm_bios_t }:chr_file { read write };
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/amanda.te policy-1.23.11/domains/program/unused/amanda.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/amanda.te policy-1.23.12/domains/program/unused/amanda.te
 --- nsapolicy/domains/program/unused/amanda.te	2005-03-11 15:31:06.000000000 -0500
-+++ policy-1.23.11/domains/program/unused/amanda.te	2005-04-15 14:13:03.000000000 -0400
++++ policy-1.23.12/domains/program/unused/amanda.te	2005-04-21 08:05:17.000000000 -0400
 @@ -128,10 +128,7 @@
  
  # access to device_t and similar
@@ -107,9 +124,9 @@
 +dontaudit amanda_t sysfs_t:dir { getattr read };
 +dontaudit amanda_t unlabeled_t:file getattr;
 +dontaudit amanda_t usbfs_t:dir getattr;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/apache.te policy-1.23.11/domains/program/unused/apache.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/apache.te policy-1.23.12/domains/program/unused/apache.te
 --- nsapolicy/domains/program/unused/apache.te	2005-04-20 15:40:34.000000000 -0400
-+++ policy-1.23.11/domains/program/unused/apache.te	2005-04-19 14:29:04.000000000 -0400
++++ policy-1.23.12/domains/program/unused/apache.te	2005-04-21 08:05:17.000000000 -0400
 @@ -335,8 +335,8 @@
  allow httpd_suexec_t { var_t var_log_t }:dir search;
  allow httpd_suexec_t home_root_t:dir search;
@@ -121,10 +138,10 @@
  allow httpd_suexec_t httpd_t:fifo_file getattr;
  allow httpd_suexec_t self:unix_stream_socket create_stream_socket_perms;
  
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/auditd.te policy-1.23.11/domains/program/unused/auditd.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/auditd.te policy-1.23.12/domains/program/unused/auditd.te
 --- nsapolicy/domains/program/unused/auditd.te	2005-04-20 15:40:34.000000000 -0400
-+++ policy-1.23.11/domains/program/unused/auditd.te	2005-04-19 16:05:58.000000000 -0400
-@@ -5,16 +5,14 @@
++++ policy-1.23.12/domains/program/unused/auditd.te	2005-04-21 08:38:21.000000000 -0400
+@@ -5,30 +5,45 @@
  define(`audit_manager_domain', `
  allow $1 auditd_etc_t:file rw_file_perms;
  create_dir_file($1, auditd_log_t)
@@ -142,9 +159,13 @@
 +allow auditd_t self:capability { audit_write audit_control sys_nice };
  allow auditd_t etc_t:file { getattr read };
  
- # Don't use logdir_domain since this is a security file
-@@ -23,12 +21,29 @@
- allow auditd_t auditd_log_t:dir { setattr rw_dir_perms };
+-# Don't use logdir_domain since this is a security file
++# Do not use logdir_domain since this is a security file
+ type auditd_log_t, file_type, secure_file_type;
+-file_type_auto_trans(auditd_t, var_log_t, auditd_log_t, file)
+-allow auditd_t auditd_log_t:dir { setattr rw_dir_perms };
++allow auditd_t var_log_t:dir search;
++rw_dir_create_file(auditd_t, auditd_log_t)
  
  can_exec(auditd_t, init_exec_t)
 -allow auditd_t auditd_etc_t:file r_file_perms;
@@ -176,18 +197,18 @@
 +allow auditctl_t proc_t:dir search;
 +allow auditctl_t sysctl_kernel_t:dir search;
 +allow auditctl_t sysctl_kernel_t:file read;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/cups.te policy-1.23.11/domains/program/unused/cups.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/cups.te policy-1.23.12/domains/program/unused/cups.te
 --- nsapolicy/domains/program/unused/cups.te	2005-04-20 15:40:35.000000000 -0400
-+++ policy-1.23.11/domains/program/unused/cups.te	2005-04-15 14:26:15.000000000 -0400
++++ policy-1.23.12/domains/program/unused/cups.te	2005-04-21 08:05:17.000000000 -0400
 @@ -254,4 +254,5 @@
  can_unix_connect(cupsd_t, initrc_t)
  allow cupsd_t initrc_t:dbus send_msg;
  allow initrc_t cupsd_t:dbus send_msg;
 +allow cupsd_t unconfined_t:dbus send_msg;
  ')
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/dhcpc.te policy-1.23.11/domains/program/unused/dhcpc.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/dhcpc.te policy-1.23.12/domains/program/unused/dhcpc.te
 --- nsapolicy/domains/program/unused/dhcpc.te	2005-04-14 15:01:53.000000000 -0400
-+++ policy-1.23.11/domains/program/unused/dhcpc.te	2005-04-20 15:15:39.000000000 -0400
++++ policy-1.23.12/domains/program/unused/dhcpc.te	2005-04-21 08:05:17.000000000 -0400
 @@ -17,7 +17,7 @@
  #
  type dhcpc_port_t, port_type, reserved_port_type;
@@ -213,7 +234,7 @@
  
  # for access("/etc/bashrc", X_OK) on Red Hat
  dontaudit dhcpc_t self:capability { dac_read_search sys_module };
-@@ -120,14 +119,14 @@
+@@ -120,14 +120,14 @@
  allow dhcpc_t var_lib_t:dir search;
  file_type_auto_trans(dhcpc_t, dhcp_state_t, dhcpc_state_t, file)
  
@@ -230,7 +251,7 @@
  allow dhcpc_t { userdomain kernel_t }:fd use;
  
  allow dhcpc_t home_root_t:dir search;
-@@ -143,7 +142,10 @@
+@@ -143,7 +143,10 @@
  can_exec(dhcpc_t, initrc_exec_t)
  ifdef(`ypbind.te', `
  domain_auto_trans(dhcpc_t, ypbind_exec_t, ypbind_t)
@@ -241,9 +262,9 @@
  ')
 +role sysadm_r types dhcpc_t;
 +domain_auto_trans(sysadm_t, dhcpc_exec_t, dhcpc_t)
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/prelink.te policy-1.23.11/domains/program/unused/prelink.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/prelink.te policy-1.23.12/domains/program/unused/prelink.te
 --- nsapolicy/domains/program/unused/prelink.te	2005-04-04 10:21:11.000000000 -0400
-+++ policy-1.23.11/domains/program/unused/prelink.te	2005-04-15 18:15:23.000000000 -0400
++++ policy-1.23.12/domains/program/unused/prelink.te	2005-04-21 08:05:17.000000000 -0400
 @@ -9,7 +9,7 @@
  #
  # prelink_exec_t is the type of the prelink executable.
@@ -253,9 +274,21 @@
  
  if (allow_execmem) {
  allow prelink_t self:process execmem;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/udev.te policy-1.23.11/domains/program/unused/udev.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/tinydns.te policy-1.23.12/domains/program/unused/tinydns.te
+--- nsapolicy/domains/program/unused/tinydns.te	2005-02-24 14:51:08.000000000 -0500
++++ policy-1.23.12/domains/program/unused/tinydns.te	2005-04-21 08:22:26.000000000 -0400
+@@ -36,7 +36,7 @@
+ can_udp_send(domain, tinydns_t)
+ can_udp_send(tinydns_t, domain)
+ # tinydns itself doesn't do zone transfers
+-# so we don't need to have it tcp_connect
++# so we do not need to have it tcp_connect
+ 
+ #read configuration files
+ r_dir_file(tinydns_t, tinydns_conf_t)
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/udev.te policy-1.23.12/domains/program/unused/udev.te
 --- nsapolicy/domains/program/unused/udev.te	2005-04-14 15:01:54.000000000 -0400
-+++ policy-1.23.11/domains/program/unused/udev.te	2005-04-20 15:36:54.000000000 -0400
++++ policy-1.23.12/domains/program/unused/udev.te	2005-04-21 08:05:17.000000000 -0400
 @@ -33,6 +33,7 @@
  allow udev_t self:unix_stream_socket {connectto create_stream_socket_perms};
  allow udev_t self:unix_dgram_socket create_socket_perms;
@@ -264,9 +297,9 @@
  allow udev_t device_t:sock_file create_file_perms;
  allow udev_t device_t:lnk_file create_lnk_perms;
  allow udev_t { device_t device_type }:{ chr_file blk_file } { relabelfrom relabelto create_file_perms };
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/auditd.fc policy-1.23.11/file_contexts/program/auditd.fc
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/auditd.fc policy-1.23.12/file_contexts/program/auditd.fc
 --- nsapolicy/file_contexts/program/auditd.fc	2005-04-20 15:40:35.000000000 -0400
-+++ policy-1.23.11/file_contexts/program/auditd.fc	2005-04-19 13:37:34.000000000 -0400
++++ policy-1.23.12/file_contexts/program/auditd.fc	2005-04-21 08:05:17.000000000 -0400
 @@ -1,5 +1,5 @@
  # auditd
 -/sbin/auditctl		--	system_u:object_r:auditd_exec_t
@@ -274,9 +307,20 @@
  /sbin/auditd		--	system_u:object_r:auditd_exec_t
  /var/log/audit.log 	-- 	system_u:object_r:auditd_log_t
  /var/log/audit(/.*)?  	 	system_u:object_r:auditd_log_t
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/i18n_input.fc policy-1.23.11/file_contexts/program/i18n_input.fc
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/compat.fc policy-1.23.12/file_contexts/program/compat.fc
+--- nsapolicy/file_contexts/program/compat.fc	2005-04-20 08:58:41.000000000 -0400
++++ policy-1.23.12/file_contexts/program/compat.fc	2005-04-21 11:17:41.000000000 -0400
+@@ -6,7 +6,6 @@
+ /bin/umount.*			--	system_u:object_r:mount_exec_t
+ # restorecon
+ /sbin/restorecon	--	system_u:object_r:restorecon_exec_t
+-/bin/hostname		--	system_u:object_r:hostname_exec_t
+ # consoletype
+ /sbin/consoletype	--	system_u:object_r:consoletype_exec_t
+ # loadkeys
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/i18n_input.fc policy-1.23.12/file_contexts/program/i18n_input.fc
 --- nsapolicy/file_contexts/program/i18n_input.fc	2005-04-20 15:40:35.000000000 -0400
-+++ policy-1.23.11/file_contexts/program/i18n_input.fc	2005-04-19 13:41:08.000000000 -0400
++++ policy-1.23.12/file_contexts/program/i18n_input.fc	2005-04-21 08:05:17.000000000 -0400
 @@ -1,7 +1,7 @@
  # i18n_input.fc
  /usr/sbin/htt                   --     system_u:object_r:i18n_input_exec_t
@@ -286,21 +330,20 @@
  /usr/bin/httx                   --     system_u:object_r:i18n_input_exec_t
  /usr/bin/htt_xbe                --     system_u:object_r:i18n_input_exec_t
  /usr/lib(64)?/im/.*\.so.*       --     system_u:object_r:shlib_t
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/traceroute.fc policy-1.23.11/file_contexts/program/traceroute.fc
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/traceroute.fc policy-1.23.12/file_contexts/program/traceroute.fc
 --- nsapolicy/file_contexts/program/traceroute.fc	2005-02-24 14:51:08.000000000 -0500
-+++ policy-1.23.11/file_contexts/program/traceroute.fc	2005-04-20 15:28:25.000000000 -0400
-@@ -1,5 +1,8 @@
++++ policy-1.23.12/file_contexts/program/traceroute.fc	2005-04-21 09:45:13.000000000 -0400
+@@ -1,5 +1,7 @@
  # traceroute
  /bin/traceroute.*	--	system_u:object_r:traceroute_exec_t
 +/bin/tracepath.*	--	system_u:object_r:traceroute_exec_t
 +/sbin/rdisc		--	system_u:object_r:traceroute_exec_t
-+/sbin/arping		--	system_u:object_r:traceroute_exec_t
  /usr/(s)?bin/traceroute.* --	system_u:object_r:traceroute_exec_t
  /usr/bin/lft		--	system_u:object_r:traceroute_exec_t
  /usr/bin/nmap		--	system_u:object_r:traceroute_exec_t
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/udev.fc policy-1.23.11/file_contexts/program/udev.fc
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/udev.fc policy-1.23.12/file_contexts/program/udev.fc
 --- nsapolicy/file_contexts/program/udev.fc	2005-02-24 14:51:09.000000000 -0500
-+++ policy-1.23.11/file_contexts/program/udev.fc	2005-04-15 15:16:26.000000000 -0400
++++ policy-1.23.12/file_contexts/program/udev.fc	2005-04-21 08:05:17.000000000 -0400
 @@ -3,6 +3,7 @@
  /sbin/udev	--	system_u:object_r:udev_exec_t
  /sbin/udevd	--	system_u:object_r:udev_exec_t
@@ -309,9 +352,32 @@
  /usr/bin/udevinfo --	system_u:object_r:udev_exec_t
  /etc/dev\.d/.+	--	system_u:object_r:udev_helper_exec_t
  /etc/udev/scripts/.+	-- system_u:object_r:udev_helper_exec_t
-diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/ypbind_macros.te policy-1.23.11/macros/program/ypbind_macros.te
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/types.fc policy-1.23.12/file_contexts/types.fc
+--- nsapolicy/file_contexts/types.fc	2005-04-20 15:40:35.000000000 -0400
++++ policy-1.23.12/file_contexts/types.fc	2005-04-21 08:22:16.000000000 -0400
+@@ -58,7 +58,7 @@
+ 
+ #
+ # Mount points; do not relabel subdirectories, since
+-# we don't want to change any removable media by default.
++# we don not want to change any removable media by default.
+ /mnt(/[^/]*)?		-d	system_u:object_r:mnt_t
+ /mnt/[^/]*/.*			<<none>>
+ /media(/[^/]*)?		-d	system_u:object_r:mnt_t
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/core_macros.te policy-1.23.12/macros/core_macros.te
+--- nsapolicy/macros/core_macros.te	2005-04-06 06:57:44.000000000 -0400
++++ policy-1.23.12/macros/core_macros.te	2005-04-21 08:36:01.000000000 -0400
+@@ -361,6 +361,7 @@
+ # Get the selinuxfs mount point via /proc/self/mounts.
+ allow $1 proc_t:dir search;
+ allow $1 proc_t:lnk_file read;
++allow $1 proc_t:file { getattr read };
+ allow $1 self:dir search;
+ allow $1 self:file { getattr read };
+ # Access selinuxfs.
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/ypbind_macros.te policy-1.23.12/macros/program/ypbind_macros.te
 --- nsapolicy/macros/program/ypbind_macros.te	2005-02-24 14:51:09.000000000 -0500
-+++ policy-1.23.11/macros/program/ypbind_macros.te	2005-04-20 12:59:45.000000000 -0400
++++ policy-1.23.12/macros/program/ypbind_macros.te	2005-04-21 08:05:17.000000000 -0400
 @@ -1,10 +1,12 @@
  
  define(`uncond_can_ypbind', `
@@ -326,9 +392,9 @@
  ')
  
  define(`can_ypbind', `
-diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/compat.te policy-1.23.11/targeted/domains/program/compat.te
+diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/compat.te policy-1.23.12/targeted/domains/program/compat.te
 --- nsapolicy/targeted/domains/program/compat.te	2005-04-20 08:58:43.000000000 -0400
-+++ policy-1.23.11/targeted/domains/program/compat.te	2005-04-20 12:55:32.000000000 -0400
++++ policy-1.23.12/targeted/domains/program/compat.te	2005-04-21 08:05:17.000000000 -0400
 @@ -1,7 +1,6 @@
  typealias sbin_t alias setfiles_exec_t;
  typealias bin_t alias mount_exec_t;
@@ -337,9 +403,9 @@
  typealias sbin_t alias consoletype_exec_t;
  typealias bin_t alias loadkeys_exec_t;
  typealias bin_t alias dmesg_exec_t;
-diff --exclude-from=exclude -N -u -r nsapolicy/tunables/distro.tun policy-1.23.11/tunables/distro.tun
+diff --exclude-from=exclude -N -u -r nsapolicy/tunables/distro.tun policy-1.23.12/tunables/distro.tun
 --- nsapolicy/tunables/distro.tun	2005-02-24 14:51:09.000000000 -0500
-+++ policy-1.23.11/tunables/distro.tun	2005-04-14 15:20:16.000000000 -0400
++++ policy-1.23.12/tunables/distro.tun	2005-04-21 08:05:17.000000000 -0400
 @@ -5,7 +5,7 @@
  # appropriate ifdefs.
  
@@ -349,9 +415,9 @@
  
  dnl define(`distro_suse')
  
-diff --exclude-from=exclude -N -u -r nsapolicy/tunables/tunable.tun policy-1.23.11/tunables/tunable.tun
+diff --exclude-from=exclude -N -u -r nsapolicy/tunables/tunable.tun policy-1.23.12/tunables/tunable.tun
 --- nsapolicy/tunables/tunable.tun	2005-04-14 15:01:54.000000000 -0400
-+++ policy-1.23.11/tunables/tunable.tun	2005-04-14 15:21:06.000000000 -0400
++++ policy-1.23.12/tunables/tunable.tun	2005-04-21 08:05:17.000000000 -0400
 @@ -2,7 +2,7 @@
  dnl define(`user_can_mount')
  


Index: selinux-policy-strict.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-strict/devel/selinux-policy-strict.spec,v
retrieving revision 1.283
retrieving revision 1.284
diff -u -r1.283 -r1.284
--- selinux-policy-strict.spec	20 Apr 2005 20:10:42 -0000	1.283
+++ selinux-policy-strict.spec	21 Apr 2005 15:26:45 -0000	1.284
@@ -11,7 +11,7 @@
 Summary: SELinux %{type} policy configuration
 Name: selinux-policy-%{type}
 Version: 1.23.12
-Release: 1
+Release: 2
 License: GPL
 Group: System Environment/Base
 Source: http://www.nsa.gov/selinux/archives/policy-%{version}.tgz
@@ -220,6 +220,9 @@
 exit 0
 
 %changelog
+* Thu Apr 21 2005 Dan Walsh <dwalsh at redhat.com> 1.23.12-2
+- Fix conflicting context files
+
 * Wed Apr 20 2005 Dan Walsh <dwalsh at redhat.com> 1.23.12-1
 - Fix dhcpc.te
 - fix hostname.te for targeted domain




More information about the fedora-cvs-commits mailing list