rpms/selinux-policy-strict/devel policy-20050425.patch, 1.1, 1.2 selinux-policy-strict.spec, 1.289, 1.290
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Apr 26 01:40:48 UTC 2005
- Previous message (by thread): rpms/dbus/devel .cvsignore, 1.9, 1.10 dbus.spec, 1.44, 1.45 sources, 1.9, 1.10
- Next message (by thread): rpms/selinux-policy-targeted/devel policy-20050425.patch, 1.1, 1.2 selinux-policy-targeted.spec, 1.285, 1.286
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy-strict/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv20378
Modified Files:
policy-20050425.patch selinux-policy-strict.spec
Log Message:
* Mon Apr 25 2005 Dan Walsh <dwalsh at redhat.com> 1.23.13-2
- Small fixes for targeted policy
- Add updfstab
policy-20050425.patch:
domains/misc/kernel.te | 4 ++
domains/program/fsadm.te | 2 -
domains/program/getty.te | 14 ++--------
domains/program/hostname.te | 1
domains/program/init.te | 3 --
domains/program/initrc.te | 1
domains/program/klogd.te | 3 ++
domains/program/load_policy.te | 3 --
domains/program/unused/amavis.te | 7 -----
domains/program/unused/apache.te | 16 +++--------
domains/program/unused/apmd.te | 1
domains/program/unused/auditd.te | 15 ++++++++--
domains/program/unused/clamav.te | 2 -
domains/program/unused/consoletype.te | 13 ++++-----
domains/program/unused/cups.te | 2 +
domains/program/unused/hald.te | 4 ++
domains/program/unused/hotplug.te | 8 +----
domains/program/unused/ntpd.te | 3 --
domains/program/unused/portmap.te | 5 ++-
domains/program/unused/samba.te | 1
domains/program/unused/squid.te | 4 --
domains/program/unused/tinydns.te | 2 -
domains/program/unused/udev.te | 6 ++--
domains/program/unused/webalizer.te | 2 -
domains/user.te | 7 +++++
file_contexts/distros.fc | 1
file_contexts/program/compat.fc | 17 ++++++++----
file_contexts/program/getty.fc | 2 +
file_contexts/program/lvm.fc | 1
file_contexts/program/portmap.fc | 1
file_contexts/program/traceroute.fc | 1
file_contexts/program/webalizer.fc | 2 +
file_contexts/types.fc | 3 +-
macros/base_user_macros.te | 2 -
macros/core_macros.te | 1
macros/global_macros.te | 12 ++++++++
macros/program/cdrecord_macros.te | 2 -
macros/program/mozilla_macros.te | 2 -
man/man8/httpd_selinux.8 | 6 ++++
targeted/appconfig/default_contexts | 1
targeted/domains/program/compat.te | 2 -
targeted/domains/program/crond.te | 2 -
targeted/domains/program/hotplug.te | 17 ------------
targeted/domains/program/sendmail.te | 3 +-
targeted/domains/program/udev.te | 17 ------------
targeted/domains/program/xdm.te | 1
targeted/domains/unconfined.te | 3 +-
targeted/initial_sid_contexts | 47 ----------------------------------
tunables/distro.tun | 2 -
tunables/tunable.tun | 6 ++--
types/network.te | 1
51 files changed, 122 insertions(+), 162 deletions(-)
Index: policy-20050425.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-strict/devel/policy-20050425.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- policy-20050425.patch 25 Apr 2005 19:12:42 -0000 1.1
+++ policy-20050425.patch 26 Apr 2005 01:40:45 -0000 1.2
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/misc/kernel.te policy-1.23.12/domains/misc/kernel.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/misc/kernel.te policy-1.23.13/domains/misc/kernel.te
--- nsapolicy/domains/misc/kernel.te 2005-04-14 15:01:53.000000000 -0400
-+++ policy-1.23.12/domains/misc/kernel.te 2005-04-22 10:14:15.000000000 -0400
++++ policy-1.23.13/domains/misc/kernel.te 2005-04-25 15:18:00.000000000 -0400
@@ -63,4 +63,6 @@
# /proc/sys/kernel/modprobe is set to /bin/true if not using modules.
can_exec(kernel_t, bin_t)
@@ -9,9 +9,9 @@
+ifdef(`targeted_policy', `
+typeattribute kernel_t unrestricted;
+')
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/fsadm.te policy-1.23.12/domains/program/fsadm.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/fsadm.te policy-1.23.13/domains/program/fsadm.te
--- nsapolicy/domains/program/fsadm.te 2005-04-04 10:21:10.000000000 -0400
-+++ policy-1.23.12/domains/program/fsadm.te 2005-04-25 10:04:33.000000000 -0400
++++ policy-1.23.13/domains/program/fsadm.te 2005-04-25 15:18:00.000000000 -0400
@@ -100,7 +100,7 @@
allow fsadm_t kernel_t:system syslog_console;
@@ -21,9 +21,9 @@
ifdef(`gnome-pty-helper.te', `allow fsadm_t sysadm_gph_t:fd use;')
allow fsadm_t privfd:fd use;
allow fsadm_t devpts_t:dir { getattr search };
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/getty.te policy-1.23.12/domains/program/getty.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/getty.te policy-1.23.13/domains/program/getty.te
--- nsapolicy/domains/program/getty.te 2005-04-25 14:48:58.000000000 -0400
-+++ policy-1.23.12/domains/program/getty.te 2005-04-22 16:17:17.000000000 -0400
++++ policy-1.23.13/domains/program/getty.te 2005-04-25 15:18:00.000000000 -0400
@@ -23,18 +23,9 @@
allow getty_t self:unix_dgram_socket create_socket_perms;
allow getty_t self:unix_stream_socket create_socket_perms;
@@ -58,9 +58,17 @@
+# for mgetty
+var_run_domain(getty)
+allow getty_t self:capability { fowner fsetid };
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/initrc.te policy-1.23.12/domains/program/initrc.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/hostname.te policy-1.23.13/domains/program/hostname.te
+--- nsapolicy/domains/program/hostname.te 2005-04-25 14:48:58.000000000 -0400
++++ policy-1.23.13/domains/program/hostname.te 2005-04-25 15:48:24.000000000 -0400
+@@ -24,3 +24,4 @@
+ ifdef(`distro_redhat', `
+ allow hostname_t tmpfs_t:chr_file rw_file_perms;
+ ')
++allow hostname_t initrc_devpts_t:chr_file { read write };
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/initrc.te policy-1.23.13/domains/program/initrc.te
--- nsapolicy/domains/program/initrc.te 2005-04-25 14:48:58.000000000 -0400
-+++ policy-1.23.12/domains/program/initrc.te 2005-04-22 15:07:04.000000000 -0400
++++ policy-1.23.13/domains/program/initrc.te 2005-04-25 15:18:00.000000000 -0400
@@ -253,6 +253,7 @@
allow unconfined_t initrc_t:dbus { acquire_svc send_msg };
allow initrc_t unconfined_t:dbus { acquire_svc send_msg };
@@ -69,10 +77,10 @@
', `
run_program(sysadm_t, sysadm_r, init, initrc_exec_t, initrc_t)
')
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/init.te policy-1.23.12/domains/program/init.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/init.te policy-1.23.13/domains/program/init.te
--- nsapolicy/domains/program/init.te 2005-02-24 14:51:07.000000000 -0500
-+++ policy-1.23.12/domains/program/init.te 2005-04-22 14:07:40.000000000 -0400
-@@ -131,10 +131,8 @@
++++ policy-1.23.13/domains/program/init.te 2005-04-25 16:11:57.000000000 -0400
+@@ -131,10 +131,9 @@
allow init_t lib_t:file { getattr read };
@@ -80,12 +88,13 @@
allow init_t devtty_t:chr_file { read write };
allow init_t ramfs_t:dir search;
-')
++allow init_t ramfs_t:sock_file write;
r_dir_file(init_t, sysfs_t)
r_dir_file(init_t, selinux_config_t)
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/klogd.te policy-1.23.12/domains/program/klogd.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/klogd.te policy-1.23.13/domains/program/klogd.te
--- nsapolicy/domains/program/klogd.te 2005-02-24 14:51:08.000000000 -0500
-+++ policy-1.23.12/domains/program/klogd.te 2005-04-22 14:10:06.000000000 -0400
++++ policy-1.23.13/domains/program/klogd.te 2005-04-25 15:18:00.000000000 -0400
@@ -43,3 +43,6 @@
# Read /boot/System.map*
allow klogd_t system_map_t:file r_file_perms;
@@ -93,9 +102,9 @@
+ifdef(`targeted_policy', `
+allow klogd_t unconfined_t:system syslog_mod;
+')
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/load_policy.te policy-1.23.12/domains/program/load_policy.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/load_policy.te policy-1.23.13/domains/program/load_policy.te
--- nsapolicy/domains/program/load_policy.te 2005-04-20 15:40:34.000000000 -0400
-+++ policy-1.23.12/domains/program/load_policy.te 2005-04-21 08:37:13.000000000 -0400
++++ policy-1.23.13/domains/program/load_policy.te 2005-04-25 15:18:00.000000000 -0400
@@ -39,6 +39,7 @@
# only allow read of policy config files
allow load_policy_t policy_src_t:dir search;
@@ -110,9 +119,9 @@
read_locale(load_policy_t)
-r_dir_file(load_policy_t, selinux_config_t)
-allow load_policy_t proc_t:file { getattr read };
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/amavis.te policy-1.23.12/domains/program/unused/amavis.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/amavis.te policy-1.23.13/domains/program/unused/amavis.te
--- nsapolicy/domains/program/unused/amavis.te 2005-04-06 06:57:44.000000000 -0400
-+++ policy-1.23.12/domains/program/unused/amavis.te 2005-04-22 07:09:19.000000000 -0400
++++ policy-1.23.13/domains/program/unused/amavis.te 2005-04-25 15:18:00.000000000 -0400
@@ -13,7 +13,7 @@
type amavisd_lib_t, file_type, sysadmfile;
@@ -131,9 +140,9 @@
-allow tmpreaper_t amavisd_quarantine_t:dir { read search getattr setattr unlink };
-allow tmpreaper_t amavisd_quarantine_t:file getattr;
-')
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/apache.te policy-1.23.12/domains/program/unused/apache.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/apache.te policy-1.23.13/domains/program/unused/apache.te
--- nsapolicy/domains/program/unused/apache.te 2005-04-25 14:48:58.000000000 -0400
-+++ policy-1.23.12/domains/program/unused/apache.te 2005-04-25 13:34:10.000000000 -0400
++++ policy-1.23.13/domains/program/unused/apache.te 2005-04-25 15:18:00.000000000 -0400
@@ -290,7 +290,7 @@
allow httpd_helper_t httpd_log_t:file { append };
@@ -186,9 +195,20 @@
')
-
-allow httpd_t var_t:file read;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/auditd.te policy-1.23.12/domains/program/unused/auditd.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/apmd.te policy-1.23.13/domains/program/unused/apmd.te
+--- nsapolicy/domains/program/unused/apmd.te 2005-04-04 10:21:10.000000000 -0400
++++ policy-1.23.13/domains/program/unused/apmd.te 2005-04-25 16:03:20.000000000 -0400
+@@ -108,6 +108,7 @@
+ #
+ # Allow it to run killof5 and pidof
+ #
++typeattribute apmd_t unrestricted;
+ r_dir_file(apmd_t, domain)
+
+ # Same for apm/acpid scripts
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/auditd.te policy-1.23.13/domains/program/unused/auditd.te
--- nsapolicy/domains/program/unused/auditd.te 2005-04-25 14:48:58.000000000 -0400
-+++ policy-1.23.12/domains/program/unused/auditd.te 2005-04-25 11:10:33.000000000 -0400
++++ policy-1.23.13/domains/program/unused/auditd.te 2005-04-25 15:18:00.000000000 -0400
@@ -2,6 +2,8 @@
#
# Authors: Colin Walters <walters at verbum.org>
@@ -227,9 +247,9 @@
allow auditctl_t sysctl_kernel_t:file read;
+allow auditd_t self:process setsched;
+dontaudit auditctl_t init_t:fd use;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/clamav.te policy-1.23.12/domains/program/unused/clamav.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/clamav.te policy-1.23.13/domains/program/unused/clamav.te
--- nsapolicy/domains/program/unused/clamav.te 2005-04-06 06:57:44.000000000 -0400
-+++ policy-1.23.12/domains/program/unused/clamav.te 2005-04-22 07:01:47.000000000 -0400
++++ policy-1.23.13/domains/program/unused/clamav.te 2005-04-25 15:18:00.000000000 -0400
@@ -22,7 +22,7 @@
# Freshclam
#
@@ -239,9 +259,9 @@
read_locale(freshclam_t)
# not sure why it needs this
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/consoletype.te policy-1.23.12/domains/program/unused/consoletype.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/consoletype.te policy-1.23.13/domains/program/unused/consoletype.te
--- nsapolicy/domains/program/unused/consoletype.te 2005-03-21 22:32:18.000000000 -0500
-+++ policy-1.23.12/domains/program/unused/consoletype.te 2005-04-22 16:37:44.000000000 -0400
++++ policy-1.23.13/domains/program/unused/consoletype.te 2005-04-25 15:18:00.000000000 -0400
@@ -19,29 +19,28 @@
uses_shlib(consoletype_t)
general_domain_access(consoletype_t)
@@ -278,9 +298,9 @@
allow consoletype_t nfs_t:file write;
allow consoletype_t sysadm_t:fifo_file rw_file_perms;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/cups.te policy-1.23.12/domains/program/unused/cups.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/cups.te policy-1.23.13/domains/program/unused/cups.te
--- nsapolicy/domains/program/unused/cups.te 2005-04-25 14:48:59.000000000 -0400
-+++ policy-1.23.12/domains/program/unused/cups.te 2005-04-21 13:13:45.000000000 -0400
++++ policy-1.23.13/domains/program/unused/cups.te 2005-04-25 15:18:00.000000000 -0400
@@ -17,6 +17,7 @@
type cupsd_rw_etc_t, file_type, sysadmfile, usercanread;
@@ -297,9 +317,9 @@
allow cupsd_config_t port_type:tcp_socket name_connect;
can_tcp_connect(cupsd_config_t, cupsd_t)
allow cupsd_config_t self:fifo_file rw_file_perms;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/hald.te policy-1.23.12/domains/program/unused/hald.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/hald.te policy-1.23.13/domains/program/unused/hald.te
--- nsapolicy/domains/program/unused/hald.te 2005-04-07 22:22:55.000000000 -0400
-+++ policy-1.23.12/domains/program/unused/hald.te 2005-04-22 09:43:35.000000000 -0400
++++ policy-1.23.13/domains/program/unused/hald.te 2005-04-25 15:18:00.000000000 -0400
@@ -93,3 +93,7 @@
ifdef(`lvm.te', `
allow hald_t lvm_control_t:chr_file r_file_perms;
@@ -308,9 +328,9 @@
+allow unconfined_t hald_t:dbus send_msg;
+allow hald_t unconfined_t:dbus send_msg;
+')
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/hotplug.te policy-1.23.12/domains/program/unused/hotplug.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/hotplug.te policy-1.23.13/domains/program/unused/hotplug.te
--- nsapolicy/domains/program/unused/hotplug.te 2005-03-11 15:31:06.000000000 -0500
-+++ policy-1.23.12/domains/program/unused/hotplug.te 2005-04-22 15:31:15.000000000 -0400
++++ policy-1.23.13/domains/program/unused/hotplug.te 2005-04-25 15:18:00.000000000 -0400
@@ -83,7 +83,9 @@
allow hotplug_t self:file getattr;
@@ -332,9 +352,9 @@
-')
-
allow kernel_t hotplug_etc_t:dir search;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/ntpd.te policy-1.23.12/domains/program/unused/ntpd.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/ntpd.te policy-1.23.13/domains/program/unused/ntpd.te
--- nsapolicy/domains/program/unused/ntpd.te 2005-04-20 15:40:35.000000000 -0400
-+++ policy-1.23.12/domains/program/unused/ntpd.te 2005-04-22 11:42:46.000000000 -0400
++++ policy-1.23.13/domains/program/unused/ntpd.te 2005-04-25 15:18:00.000000000 -0400
@@ -14,7 +14,6 @@
type ntpdate_exec_t, file_type, sysadmfile, exec_type;
@@ -356,9 +376,9 @@
allow ntpd_t winbind_var_run_t:sock_file rw_file_perms;
')
-allow sysadm_t ntp_port_t:udp_socket name_bind;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/portmap.te policy-1.23.12/domains/program/unused/portmap.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/portmap.te policy-1.23.13/domains/program/unused/portmap.te
--- nsapolicy/domains/program/unused/portmap.te 2005-03-24 08:58:27.000000000 -0500
-+++ policy-1.23.12/domains/program/unused/portmap.te 2005-04-25 10:04:05.000000000 -0400
++++ policy-1.23.13/domains/program/unused/portmap.te 2005-04-25 15:18:00.000000000 -0400
@@ -58,13 +58,14 @@
domain_auto_trans(initrc_t, portmap_helper_exec_t, portmap_helper_t)
dontaudit portmap_helper_t self:capability { net_admin };
@@ -376,9 +396,20 @@
+dontaudit portmap_helper_t { userdomain privfd }:fd use;
allow portmap_helper_t reserved_port_t:{ tcp_socket udp_socket } name_bind;
dontaudit portmap_helper_t reserved_port_type:{ tcp_socket udp_socket } name_bind;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/squid.te policy-1.23.12/domains/program/unused/squid.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/samba.te policy-1.23.13/domains/program/unused/samba.te
+--- nsapolicy/domains/program/unused/samba.te 2005-04-14 15:01:53.000000000 -0400
++++ policy-1.23.13/domains/program/unused/samba.te 2005-04-25 15:18:58.000000000 -0400
+@@ -133,6 +133,7 @@
+ # Access samba config
+ allow smbmount_t samba_etc_t:file r_file_perms;
+ allow smbmount_t samba_etc_t:dir r_dir_perms;
++allow initrc_t samba_etc_t:file rw_file_perms;
+
+ # Write samba log
+ allow smbmount_t samba_log_t:file create_file_perms;
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/squid.te policy-1.23.13/domains/program/unused/squid.te
--- nsapolicy/domains/program/unused/squid.te 2005-04-04 10:21:11.000000000 -0400
-+++ policy-1.23.12/domains/program/unused/squid.te 2005-04-22 06:58:24.000000000 -0400
++++ policy-1.23.13/domains/program/unused/squid.te 2005-04-25 15:18:00.000000000 -0400
@@ -55,9 +55,7 @@
can_network(squid_t)
if (squid_connect_any) {
@@ -390,9 +421,9 @@
can_ypbind(squid_t)
can_tcp_connect(web_client_domain, squid_t)
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/tinydns.te policy-1.23.12/domains/program/unused/tinydns.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/tinydns.te policy-1.23.13/domains/program/unused/tinydns.te
--- nsapolicy/domains/program/unused/tinydns.te 2005-02-24 14:51:08.000000000 -0500
-+++ policy-1.23.12/domains/program/unused/tinydns.te 2005-04-21 08:22:26.000000000 -0400
++++ policy-1.23.13/domains/program/unused/tinydns.te 2005-04-25 15:18:00.000000000 -0400
@@ -36,7 +36,7 @@
can_udp_send(domain, tinydns_t)
can_udp_send(tinydns_t, domain)
@@ -402,9 +433,9 @@
#read configuration files
r_dir_file(tinydns_t, tinydns_conf_t)
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/udev.te policy-1.23.12/domains/program/unused/udev.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/udev.te policy-1.23.13/domains/program/unused/udev.te
--- nsapolicy/domains/program/unused/udev.te 2005-04-25 14:48:59.000000000 -0400
-+++ policy-1.23.12/domains/program/unused/udev.te 2005-04-21 14:29:25.000000000 -0400
++++ policy-1.23.13/domains/program/unused/udev.te 2005-04-25 15:18:00.000000000 -0400
@@ -76,7 +76,6 @@
allow udev_t initrc_var_run_t:file r_file_perms;
dontaudit udev_t initrc_var_run_t:file write;
@@ -429,9 +460,9 @@
+ifdef(`unlimitedUtils', `
+unconfined_domain(udev_t)
+')
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/webalizer.te policy-1.23.12/domains/program/unused/webalizer.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/webalizer.te policy-1.23.13/domains/program/unused/webalizer.te
--- nsapolicy/domains/program/unused/webalizer.te 2005-02-24 14:51:07.000000000 -0500
-+++ policy-1.23.12/domains/program/unused/webalizer.te 2005-04-25 13:15:57.000000000 -0400
++++ policy-1.23.13/domains/program/unused/webalizer.te 2005-04-25 15:18:00.000000000 -0400
@@ -4,7 +4,7 @@
#
# Depends: apache.te
@@ -441,9 +472,9 @@
# to use from cron
system_crond_entry(webalizer_exec_t,webalizer_t)
role system_r types webalizer_t;
-diff --exclude-from=exclude -N -u -r nsapolicy/domains/user.te policy-1.23.12/domains/user.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/user.te policy-1.23.13/domains/user.te
--- nsapolicy/domains/user.te 2005-04-14 15:01:53.000000000 -0400
-+++ policy-1.23.12/domains/user.te 2005-04-22 09:41:28.000000000 -0400
++++ policy-1.23.13/domains/user.te 2005-04-25 15:18:00.000000000 -0400
@@ -132,3 +132,10 @@
# "ps aux" and "ls -l /dev/pts" make too much noise without this
dontaudit unpriv_userdomain ptyfile:chr_file getattr;
@@ -455,9 +486,9 @@
+allow userdomain ttyfile:chr_file getattr;
+}
+
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/distros.fc policy-1.23.12/file_contexts/distros.fc
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/distros.fc policy-1.23.13/file_contexts/distros.fc
--- nsapolicy/file_contexts/distros.fc 2005-04-20 15:40:35.000000000 -0400
-+++ policy-1.23.12/file_contexts/distros.fc 2005-04-24 08:35:47.000000000 -0400
++++ policy-1.23.13/file_contexts/distros.fc 2005-04-25 15:18:00.000000000 -0400
@@ -37,6 +37,7 @@
/usr/share/texmf/web2c/mktexupd -- system_u:object_r:bin_t
/usr/share/ssl/certs(/.*)? system_u:object_r:cert_t
@@ -466,9 +497,9 @@
/usr/share/ssl/misc(/.*)? system_u:object_r:bin_t
#
# /emul/ia32-linux/usr
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/compat.fc policy-1.23.12/file_contexts/program/compat.fc
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/compat.fc policy-1.23.13/file_contexts/program/compat.fc
--- nsapolicy/file_contexts/program/compat.fc 2005-04-20 08:58:41.000000000 -0400
-+++ policy-1.23.12/file_contexts/program/compat.fc 2005-04-24 08:15:01.000000000 -0400
++++ policy-1.23.13/file_contexts/program/compat.fc 2005-04-25 15:18:00.000000000 -0400
@@ -1,19 +1,23 @@
+ifdef(`setfiles.te', `', `
# setfiles
@@ -508,26 +539,37 @@
/usr/sbin/kudzu -- system_u:object_r:kudzu_exec_t
/sbin/kmodule -- system_u:object_r:kudzu_exec_t
+')
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/getty.fc policy-1.23.12/file_contexts/program/getty.fc
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/getty.fc policy-1.23.13/file_contexts/program/getty.fc
--- nsapolicy/file_contexts/program/getty.fc 2005-02-24 14:51:09.000000000 -0500
-+++ policy-1.23.12/file_contexts/program/getty.fc 2005-04-22 16:17:17.000000000 -0400
++++ policy-1.23.13/file_contexts/program/getty.fc 2005-04-25 15:18:00.000000000 -0400
@@ -1,3 +1,5 @@
# getty
/sbin/.*getty -- system_u:object_r:getty_exec_t
/etc/mgetty(/.*)? system_u:object_r:getty_etc_t
+/var/run/mgetty\.pid.* -- system_u:object_r:getty_var_run_t
+/var/log/mgetty\.log.* -- system_u:object_r:getty_log_t
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/portmap.fc policy-1.23.12/file_contexts/program/portmap.fc
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/lvm.fc policy-1.23.13/file_contexts/program/lvm.fc
+--- nsapolicy/file_contexts/program/lvm.fc 2005-04-20 15:40:35.000000000 -0400
++++ policy-1.23.13/file_contexts/program/lvm.fc 2005-04-25 15:41:19.000000000 -0400
+@@ -12,7 +12,6 @@
+ /etc/lvm/lock(/.*)? system_u:object_r:lvm_lock_t
+ /var/lock/lvm(/.*)? system_u:object_r:lvm_lock_t
+ /dev/lvm -c system_u:object_r:fixed_disk_device_t
+-/dev/mapper/.* -b system_u:object_r:fixed_disk_device_t
+ /dev/mapper/control -c system_u:object_r:lvm_control_t
+ /lib/lvm-10/.* -- system_u:object_r:lvm_exec_t
+ /lib/lvm-200/.* -- system_u:object_r:lvm_exec_t
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/portmap.fc policy-1.23.13/file_contexts/program/portmap.fc
--- nsapolicy/file_contexts/program/portmap.fc 2005-02-24 14:51:09.000000000 -0500
-+++ policy-1.23.12/file_contexts/program/portmap.fc 2005-04-25 10:03:52.000000000 -0400
++++ policy-1.23.13/file_contexts/program/portmap.fc 2005-04-25 15:18:00.000000000 -0400
@@ -7,3 +7,4 @@
/usr/sbin/pmap_dump -- system_u:object_r:portmap_helper_exec_t
/usr/sbin/pmap_set -- system_u:object_r:portmap_helper_exec_t
')
+/var/run/portmap.upgrade-state -- system_u:object_r:portmap_var_run_t
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/traceroute.fc policy-1.23.12/file_contexts/program/traceroute.fc
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/traceroute.fc policy-1.23.13/file_contexts/program/traceroute.fc
--- nsapolicy/file_contexts/program/traceroute.fc 2005-04-25 14:48:59.000000000 -0400
-+++ policy-1.23.12/file_contexts/program/traceroute.fc 2005-04-21 09:45:13.000000000 -0400
++++ policy-1.23.13/file_contexts/program/traceroute.fc 2005-04-25 15:18:00.000000000 -0400
@@ -2,7 +2,6 @@
/bin/traceroute.* -- system_u:object_r:traceroute_exec_t
/bin/tracepath.* -- system_u:object_r:traceroute_exec_t
@@ -536,16 +578,16 @@
/usr/(s)?bin/traceroute.* -- system_u:object_r:traceroute_exec_t
/usr/bin/lft -- system_u:object_r:traceroute_exec_t
/usr/bin/nmap -- system_u:object_r:traceroute_exec_t
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/webalizer.fc policy-1.23.12/file_contexts/program/webalizer.fc
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/webalizer.fc policy-1.23.13/file_contexts/program/webalizer.fc
--- nsapolicy/file_contexts/program/webalizer.fc 2005-02-24 14:51:08.000000000 -0500
-+++ policy-1.23.12/file_contexts/program/webalizer.fc 2005-04-25 13:16:17.000000000 -0400
++++ policy-1.23.13/file_contexts/program/webalizer.fc 2005-04-25 15:18:00.000000000 -0400
@@ -1 +1,3 @@
#
+/usr/bin/webalizer -- system_u:object_r:webalizer_exec_t
+/var/lib/webalizer(/.*) system_u:object_r:webalizer_var_lib_t
-diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/types.fc policy-1.23.12/file_contexts/types.fc
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/types.fc policy-1.23.13/file_contexts/types.fc
--- nsapolicy/file_contexts/types.fc 2005-04-20 15:40:35.000000000 -0400
-+++ policy-1.23.12/file_contexts/types.fc 2005-04-21 08:22:16.000000000 -0400
++++ policy-1.23.13/file_contexts/types.fc 2005-04-25 15:41:29.000000000 -0400
@@ -58,7 +58,7 @@
#
@@ -555,9 +597,17 @@
/mnt(/[^/]*)? -d system_u:object_r:mnt_t
/mnt/[^/]*/.* <<none>>
/media(/[^/]*)? -d system_u:object_r:mnt_t
-diff --exclude-from=exclude -N -u -r nsapolicy/macros/base_user_macros.te policy-1.23.12/macros/base_user_macros.te
+@@ -157,6 +157,7 @@
+ /dev/i2o/hd[^/]* -b system_u:object_r:fixed_disk_device_t
+ /dev/ubd[^/]* -b system_u:object_r:fixed_disk_device_t
+ /dev/cciss/[^/]* -b system_u:object_r:fixed_disk_device_t
++/dev/mapper/.* -b system_u:object_r:fixed_disk_device_t
+ /dev/ida/[^/]* -b system_u:object_r:fixed_disk_device_t
+ /dev/dasd[^/]* -b system_u:object_r:fixed_disk_device_t
+ /dev/flash[^/]* -b system_u:object_r:fixed_disk_device_t
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/base_user_macros.te policy-1.23.13/macros/base_user_macros.te
--- nsapolicy/macros/base_user_macros.te 2005-04-14 15:01:54.000000000 -0400
-+++ policy-1.23.12/macros/base_user_macros.te 2005-04-25 14:48:28.000000000 -0400
++++ policy-1.23.13/macros/base_user_macros.te 2005-04-25 15:18:00.000000000 -0400
@@ -317,7 +317,7 @@
allow $1_t devtty_t:chr_file rw_file_perms;
allow $1_t null_device_t:chr_file rw_file_perms;
@@ -567,9 +617,9 @@
#
# Added to allow reading of cdrom
#
-diff --exclude-from=exclude -N -u -r nsapolicy/macros/core_macros.te policy-1.23.12/macros/core_macros.te
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/core_macros.te policy-1.23.13/macros/core_macros.te
--- nsapolicy/macros/core_macros.te 2005-04-06 06:57:44.000000000 -0400
-+++ policy-1.23.12/macros/core_macros.te 2005-04-21 08:36:01.000000000 -0400
++++ policy-1.23.13/macros/core_macros.te 2005-04-25 15:18:00.000000000 -0400
@@ -361,6 +361,7 @@
# Get the selinuxfs mount point via /proc/self/mounts.
allow $1 proc_t:dir search;
@@ -578,9 +628,9 @@
allow $1 self:dir search;
allow $1 self:file { getattr read };
# Access selinuxfs.
-diff --exclude-from=exclude -N -u -r nsapolicy/macros/global_macros.te policy-1.23.12/macros/global_macros.te
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/global_macros.te policy-1.23.13/macros/global_macros.te
--- nsapolicy/macros/global_macros.te 2005-04-14 15:01:54.000000000 -0400
-+++ policy-1.23.12/macros/global_macros.te 2005-04-25 13:38:39.000000000 -0400
++++ policy-1.23.13/macros/global_macros.te 2005-04-25 15:18:00.000000000 -0400
@@ -406,8 +406,19 @@
role system_r types $2_t;
@@ -609,9 +659,9 @@
}
# Create/access any System V IPC objects.
-diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/cdrecord_macros.te policy-1.23.12/macros/program/cdrecord_macros.te
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/cdrecord_macros.te policy-1.23.13/macros/program/cdrecord_macros.te
--- nsapolicy/macros/program/cdrecord_macros.te 2005-02-24 14:51:09.000000000 -0500
-+++ policy-1.23.12/macros/program/cdrecord_macros.te 2005-04-25 10:07:49.000000000 -0400
++++ policy-1.23.13/macros/program/cdrecord_macros.te 2005-04-25 15:18:00.000000000 -0400
@@ -40,7 +40,7 @@
allow $1_cdrecord_t etc_t:file { getattr read };
@@ -621,9 +671,9 @@
allow $1_cdrecord_t device_t:lnk_file { getattr read };
# allow cdrecord to write the CD
-diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/mozilla_macros.te policy-1.23.12/macros/program/mozilla_macros.te
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/mozilla_macros.te policy-1.23.13/macros/program/mozilla_macros.te
--- nsapolicy/macros/program/mozilla_macros.te 2005-04-20 15:40:35.000000000 -0400
-+++ policy-1.23.12/macros/program/mozilla_macros.te 2005-04-22 06:57:46.000000000 -0400
++++ policy-1.23.13/macros/program/mozilla_macros.te 2005-04-25 15:18:00.000000000 -0400
@@ -32,7 +32,7 @@
file_browse_domain($1_mozilla_t)
@@ -633,9 +683,9 @@
#allow $1_mozilla_t port_type:tcp_socket name_connect;
uses_shlib($1_mozilla_t)
-diff --exclude-from=exclude -N -u -r nsapolicy/man/man8/httpd_selinux.8 policy-1.23.12/man/man8/httpd_selinux.8
+diff --exclude-from=exclude -N -u -r nsapolicy/man/man8/httpd_selinux.8 policy-1.23.13/man/man8/httpd_selinux.8
--- nsapolicy/man/man8/httpd_selinux.8 2005-04-07 22:22:56.000000000 -0400
-+++ policy-1.23.12/man/man8/httpd_selinux.8 2005-04-25 13:37:04.000000000 -0400
++++ policy-1.23.13/man/man8/httpd_selinux.8 2005-04-25 15:18:00.000000000 -0400
@@ -90,6 +90,12 @@
setsebool -P httpd_can_network_connect 1
@@ -649,9 +699,9 @@
You can disable SELinux protection for the httpd daemon by executing:
.br
-diff --exclude-from=exclude -N -u -r nsapolicy/targeted/appconfig/default_contexts policy-1.23.12/targeted/appconfig/default_contexts
+diff --exclude-from=exclude -N -u -r nsapolicy/targeted/appconfig/default_contexts policy-1.23.13/targeted/appconfig/default_contexts
--- nsapolicy/targeted/appconfig/default_contexts 2005-02-24 14:51:10.000000000 -0500
-+++ policy-1.23.12/targeted/appconfig/default_contexts 2005-04-22 14:41:39.000000000 -0400
++++ policy-1.23.13/targeted/appconfig/default_contexts 2005-04-25 15:18:00.000000000 -0400
@@ -1,5 +1,6 @@
system_r:unconfined_t system_r:unconfined_t
system_r:initrc_t system_r:unconfined_t
@@ -659,9 +709,9 @@
system_r:remote_login_t system_r:unconfined_t
system_r:rshd_t system_r:unconfined_t
system_r:crond_t system_r:unconfined_t
-diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/compat.te policy-1.23.12/targeted/domains/program/compat.te
+diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/compat.te policy-1.23.13/targeted/domains/program/compat.te
--- nsapolicy/targeted/domains/program/compat.te 2005-04-25 14:48:59.000000000 -0400
-+++ policy-1.23.12/targeted/domains/program/compat.te 2005-04-21 14:12:14.000000000 -0400
++++ policy-1.23.13/targeted/domains/program/compat.te 2005-04-25 15:18:00.000000000 -0400
@@ -1,7 +1,5 @@
typealias sbin_t alias setfiles_exec_t;
typealias bin_t alias mount_exec_t;
@@ -670,9 +720,25 @@
typealias bin_t alias loadkeys_exec_t;
typealias bin_t alias dmesg_exec_t;
typealias sbin_t alias fsadm_exec_t;
-diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/hotplug.te policy-1.23.12/targeted/domains/program/hotplug.te
+diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/crond.te policy-1.23.13/targeted/domains/program/crond.te
+--- nsapolicy/targeted/domains/program/crond.te 2005-03-11 15:31:07.000000000 -0500
++++ policy-1.23.13/targeted/domains/program/crond.te 2005-04-25 16:05:04.000000000 -0400
+@@ -18,7 +18,6 @@
+ type system_cron_spool_t, file_type, sysadmfile;
+ type sysadm_cron_spool_t, file_type, sysadmfile;
+ type crond_log_t, file_type, sysadmfile;
+-type crond_var_run_t, file_type, sysadmfile;
+ role system_r types crond_t;
+ domain_auto_trans(initrc_t, crond_exec_t, crond_t)
+ domain_auto_trans(initrc_t, anacron_exec_t, crond_t)
+@@ -30,3 +29,4 @@
+ allow crond_t initrc_t:dbus send_msg;
+ allow crond_t unconfined_t:dbus send_msg;
+ allow crond_t unconfined_t:process transition;
++var_run_domain(crond_t)
+diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/hotplug.te policy-1.23.13/targeted/domains/program/hotplug.te
--- nsapolicy/targeted/domains/program/hotplug.te 2005-03-11 15:31:07.000000000 -0500
-+++ policy-1.23.12/targeted/domains/program/hotplug.te 1969-12-31 19:00:00.000000000 -0500
++++ policy-1.23.13/targeted/domains/program/hotplug.te 1969-12-31 19:00:00.000000000 -0500
@@ -1,17 +0,0 @@
-#DESC Hotplug - Hardware event manager
-#
@@ -691,9 +757,21 @@
-type hotplug_exec_t, file_type, sysadmfile, exec_type;
-typealias var_run_t alias hotplug_var_run_t;
-typealias etc_t alias hotplug_etc_t;
-diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/udev.te policy-1.23.12/targeted/domains/program/udev.te
+diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/sendmail.te policy-1.23.13/targeted/domains/program/sendmail.te
+--- nsapolicy/targeted/domains/program/sendmail.te 2005-02-24 14:51:10.000000000 -0500
++++ policy-1.23.13/targeted/domains/program/sendmail.te 2005-04-25 16:05:32.000000000 -0400
+@@ -12,6 +12,7 @@
+ #
+ type sendmail_exec_t, file_type, sysadmfile, exec_type;
+ type sendmail_log_t, file_type, sysadmfile;
+-type sendmail_var_run_t, file_type, sysadmfile;
+ type etc_mail_t, file_type, sysadmfile;
+ domain_auto_trans(initrc_t, sendmail_exec_t, sendmail_t)
++var_run_domain(sendmail)
++
+diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/udev.te policy-1.23.13/targeted/domains/program/udev.te
--- nsapolicy/targeted/domains/program/udev.te 2005-02-24 14:51:10.000000000 -0500
-+++ policy-1.23.12/targeted/domains/program/udev.te 1969-12-31 19:00:00.000000000 -0500
++++ policy-1.23.13/targeted/domains/program/udev.te 1969-12-31 19:00:00.000000000 -0500
@@ -1,17 +0,0 @@
-#DESC udev - Linux configurable dynamic device naming support
-#
@@ -712,17 +790,17 @@
-type udev_helper_exec_t, file_type, sysadmfile, exec_type;
-type udev_tdb_t, file_type, sysadmfile, dev_fs;
-typealias udev_tdb_t alias udev_tbl_t;
-diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/xdm.te policy-1.23.12/targeted/domains/program/xdm.te
+diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/program/xdm.te policy-1.23.13/targeted/domains/program/xdm.te
--- nsapolicy/targeted/domains/program/xdm.te 2005-03-15 08:02:24.000000000 -0500
-+++ policy-1.23.12/targeted/domains/program/xdm.te 2005-04-22 09:43:08.000000000 -0400
++++ policy-1.23.13/targeted/domains/program/xdm.te 2005-04-25 15:18:00.000000000 -0400
@@ -20,3 +20,4 @@
type xdm_var_lib_t, file_type, sysadmfile;
type xdm_tmp_t, file_type, sysadmfile;
domain_auto_trans(initrc_t, xdm_exec_t, xdm_t)
+domain_auto_trans(init_t, xdm_exec_t, xdm_t)
-diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/unconfined.te policy-1.23.12/targeted/domains/unconfined.te
+diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/unconfined.te policy-1.23.13/targeted/domains/unconfined.te
--- nsapolicy/targeted/domains/unconfined.te 2005-04-20 15:40:35.000000000 -0400
-+++ policy-1.23.12/targeted/domains/unconfined.te 2005-04-22 14:08:54.000000000 -0400
++++ policy-1.23.13/targeted/domains/unconfined.te 2005-04-25 15:18:00.000000000 -0400
@@ -15,7 +15,7 @@
# Define some type aliases to help with compatibility with
# macros and domains from the "strict" policy.
@@ -740,9 +818,9 @@
allow unlabeled_t self:filesystem associate;
# Support NFS home directories
-diff --exclude-from=exclude -N -u -r nsapolicy/targeted/initial_sid_contexts policy-1.23.12/targeted/initial_sid_contexts
+diff --exclude-from=exclude -N -u -r nsapolicy/targeted/initial_sid_contexts policy-1.23.13/targeted/initial_sid_contexts
--- nsapolicy/targeted/initial_sid_contexts 2005-02-24 14:51:10.000000000 -0500
-+++ policy-1.23.12/targeted/initial_sid_contexts 1969-12-31 19:00:00.000000000 -0500
++++ policy-1.23.13/targeted/initial_sid_contexts 1969-12-31 19:00:00.000000000 -0500
@@ -1,47 +0,0 @@
-# FLASK
-
@@ -791,9 +869,9 @@
-sid devnull system_u:object_r:null_device_t
-
-# FLASK
-diff --exclude-from=exclude -N -u -r nsapolicy/tunables/distro.tun policy-1.23.12/tunables/distro.tun
+diff --exclude-from=exclude -N -u -r nsapolicy/tunables/distro.tun policy-1.23.13/tunables/distro.tun
--- nsapolicy/tunables/distro.tun 2005-02-24 14:51:09.000000000 -0500
-+++ policy-1.23.12/tunables/distro.tun 2005-04-21 08:05:17.000000000 -0400
++++ policy-1.23.13/tunables/distro.tun 2005-04-25 15:18:00.000000000 -0400
@@ -5,7 +5,7 @@
# appropriate ifdefs.
@@ -803,9 +881,9 @@
dnl define(`distro_suse')
-diff --exclude-from=exclude -N -u -r nsapolicy/tunables/tunable.tun policy-1.23.12/tunables/tunable.tun
+diff --exclude-from=exclude -N -u -r nsapolicy/tunables/tunable.tun policy-1.23.13/tunables/tunable.tun
--- nsapolicy/tunables/tunable.tun 2005-04-14 15:01:54.000000000 -0400
-+++ policy-1.23.12/tunables/tunable.tun 2005-04-21 08:05:17.000000000 -0400
++++ policy-1.23.13/tunables/tunable.tun 2005-04-25 15:18:00.000000000 -0400
@@ -2,7 +2,7 @@
dnl define(`user_can_mount')
@@ -829,9 +907,9 @@
# Allow xinetd to run unconfined, including any services it starts
# that do not have a domain transition explicitly defined.
-diff --exclude-from=exclude -N -u -r nsapolicy/types/network.te policy-1.23.12/types/network.te
+diff --exclude-from=exclude -N -u -r nsapolicy/types/network.te policy-1.23.13/types/network.te
--- nsapolicy/types/network.te 2005-04-20 15:40:35.000000000 -0400
-+++ policy-1.23.12/types/network.te 2005-04-22 06:57:20.000000000 -0400
++++ policy-1.23.13/types/network.te 2005-04-25 15:18:00.000000000 -0400
@@ -31,6 +31,7 @@
type http_cache_port_t, port_type, reserved_port_type;
type http_port_t, port_type, reserved_port_type;
Index: selinux-policy-strict.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-strict/devel/selinux-policy-strict.spec,v
retrieving revision 1.289
retrieving revision 1.290
diff -u -r1.289 -r1.290
--- selinux-policy-strict.spec 25 Apr 2005 19:19:20 -0000 1.289
+++ selinux-policy-strict.spec 26 Apr 2005 01:40:45 -0000 1.290
@@ -11,7 +11,7 @@
Summary: SELinux %{type} policy configuration
Name: selinux-policy-%{type}
Version: 1.23.13
-Release: 1
+Release: 2
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policy-%{version}.tgz
@@ -220,6 +220,10 @@
exit 0
%changelog
+* Mon Apr 25 2005 Dan Walsh <dwalsh at redhat.com> 1.23.13-2
+- Small fixes for targeted policy
+- Add updfstab
+
* Mon Apr 25 2005 Dan Walsh <dwalsh at redhat.com> 1.23.13-1
- Update to latest from NSA
* Merged more changes from Dan Walsh to initrc_t for removal of
- Previous message (by thread): rpms/dbus/devel .cvsignore, 1.9, 1.10 dbus.spec, 1.44, 1.45 sources, 1.9, 1.10
- Next message (by thread): rpms/selinux-policy-targeted/devel policy-20050425.patch, 1.1, 1.2 selinux-policy-targeted.spec, 1.285, 1.286
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list