rpms/selinux-policy/devel .cvsignore, 1.12, 1.13 policy-20051114.patch, 1.21, 1.22 selinux-policy.spec, 1.30, 1.31 sources, 1.13, 1.14
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Dec 7 01:07:30 UTC 2005
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv5350
Modified Files:
.cvsignore policy-20051114.patch selinux-policy.spec sources
Log Message:
* Tue Dec 6 2005 Dan Walsh <dwalsh at redhat.com> 2.0.11-1.
Update from upstream
Index: .cvsignore
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/.cvsignore,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- .cvsignore 6 Dec 2005 17:44:30 -0000 1.12
+++ .cvsignore 7 Dec 2005 01:07:26 -0000 1.13
@@ -9,3 +9,8 @@
serefpolicy-2.0.8.tgz
serefpolicy-2.0.9.tgz
serefpolicy-2.0.10.tgz
+serefpolicy-2.0.11.tgz
+exclude
+noarch
+nsadiff
+nsaserefpolicy
policy-20051114.patch:
Makefile | 7 +------
Rules.modular | 7 +++++++
Rules.monolithic | 7 ++++++-
policy/modules/admin/su.if | 3 +++
policy/modules/services/canna.te | 1 -
policy/modules/services/cups.te | 1 +
policy/modules/services/dbus.te | 2 +-
policy/modules/services/ftp.te | 3 +++
policy/modules/services/hal.te | 6 +++++-
policy/modules/services/mta.te | 9 ---------
policy/modules/services/nis.if | 2 ++
policy/modules/services/sasl.te | 4 +++-
policy/modules/services/spamassassin.te | 1 +
policy/modules/system/hostname.te | 1 -
policy/modules/system/init.if | 31 -------------------------------
policy/modules/system/locallogin.te | 7 -------
policy/modules/system/mount.te | 5 +----
17 files changed, 34 insertions(+), 63 deletions(-)
Index: policy-20051114.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20051114.patch,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -r1.21 -r1.22
--- policy-20051114.patch 6 Dec 2005 17:42:25 -0000 1.21
+++ policy-20051114.patch 7 Dec 2005 01:07:26 -0000 1.22
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-2.0.10/Makefile
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-2.0.11/Makefile
--- nsaserefpolicy/Makefile 2005-12-05 22:35:02.000000000 -0500
-+++ serefpolicy-2.0.10/Makefile 2005-12-06 11:40:43.000000000 -0500
++++ serefpolicy-2.0.11/Makefile 2005-12-06 20:02:53.000000000 -0500
@@ -92,7 +92,7 @@
# enable MLS if requested.
@@ -22,9 +22,9 @@
$(APPDIR)/default_type: $(APPCONF)/default_type
@mkdir -p $(APPDIR)
$(QUIET) install -m 644 $< $@
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/su.if serefpolicy-2.0.10/policy/modules/admin/su.if
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/su.if serefpolicy-2.0.11/policy/modules/admin/su.if
--- nsaserefpolicy/policy/modules/admin/su.if 2005-11-29 18:36:30.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/admin/su.if 2005-12-06 11:40:43.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/admin/su.if 2005-12-06 20:02:53.000000000 -0500
@@ -50,6 +50,9 @@
selinux_compute_relabel_context($1_su_t)
selinux_compute_user_contexts($1_su_t)
@@ -35,9 +35,9 @@
auth_domtrans_chk_passwd($1_su_t)
auth_dontaudit_read_shadow($1_su_t)
auth_use_nsswitch($1_su_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/canna.te serefpolicy-2.0.10/policy/modules/services/canna.te
---- nsaserefpolicy/policy/modules/services/canna.te 2005-12-02 17:53:26.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/services/canna.te 2005-12-06 11:46:51.000000000 -0500
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/canna.te serefpolicy-2.0.11/policy/modules/services/canna.te
+--- nsaserefpolicy/policy/modules/services/canna.te 2005-12-06 19:49:49.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/services/canna.te 2005-12-06 20:02:53.000000000 -0500
@@ -47,7 +47,6 @@
kernel_read_kernel_sysctl(canna_t)
@@ -46,10 +46,10 @@
corenet_tcp_sendrecv_all_if(canna_t)
corenet_raw_sendrecv_all_if(canna_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-2.0.10/policy/modules/services/cups.te
---- nsaserefpolicy/policy/modules/services/cups.te 2005-12-02 17:53:53.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/services/cups.te 2005-12-06 11:40:43.000000000 -0500
-@@ -468,6 +468,7 @@
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-2.0.11/policy/modules/services/cups.te
+--- nsaserefpolicy/policy/modules/services/cups.te 2005-12-06 19:49:50.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/services/cups.te 2005-12-06 20:02:53.000000000 -0500
+@@ -471,6 +471,7 @@
# Cups configuration daemon local policy
#
@@ -57,9 +57,9 @@
allow cupsd_config_t self:capability { chown sys_tty_config };
dontaudit cupsd_config_t self:capability sys_tty_config;
allow cupsd_config_t self:process signal_perms;
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-2.0.10/policy/modules/services/dbus.te
---- nsaserefpolicy/policy/modules/services/dbus.te 2005-12-06 11:36:01.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/services/dbus.te 2005-12-06 11:40:43.000000000 -0500
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-2.0.11/policy/modules/services/dbus.te
+--- nsaserefpolicy/policy/modules/services/dbus.te 2005-12-06 19:49:50.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/services/dbus.te 2005-12-06 20:02:53.000000000 -0500
@@ -32,7 +32,7 @@
# cjp: dac_override should probably go in a distro_debian
allow system_dbusd_t self:capability { dac_override setgid setpcap setuid };
@@ -69,10 +69,10 @@
allow system_dbusd_t self:fifo_file { read write };
allow system_dbusd_t self:dbus { send_msg acquire_svc };
allow system_dbusd_t self:unix_stream_socket { connectto create_stream_socket_perms connectto };
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.te serefpolicy-2.0.10/policy/modules/services/ftp.te
---- nsaserefpolicy/policy/modules/services/ftp.te 2005-11-28 10:42:53.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/services/ftp.te 2005-12-06 11:40:43.000000000 -0500
-@@ -104,6 +104,9 @@
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.te serefpolicy-2.0.11/policy/modules/services/ftp.te
+--- nsaserefpolicy/policy/modules/services/ftp.te 2005-12-06 19:49:50.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/services/ftp.te 2005-12-06 20:02:53.000000000 -0500
+@@ -105,6 +105,9 @@
domain_use_wide_inherit_fd(ftpd_t)
@@ -82,9 +82,32 @@
files_search_etc(ftpd_t)
files_read_etc_files(ftpd_t)
files_read_etc_runtime_files(ftpd_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.te serefpolicy-2.0.10/policy/modules/services/mta.te
---- nsaserefpolicy/policy/modules/services/mta.te 2005-12-05 22:35:03.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/services/mta.te 2005-12-06 11:41:43.000000000 -0500
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-2.0.11/policy/modules/services/hal.te
+--- nsaserefpolicy/policy/modules/services/hal.te 2005-12-06 19:49:50.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/services/hal.te 2005-12-06 20:03:15.000000000 -0500
+@@ -28,6 +28,7 @@
+ allow hald_t self:unix_stream_socket { create_stream_socket_perms connectto };
+ allow hald_t self:unix_dgram_socket create_socket_perms;
+ allow hald_t self:netlink_route_socket r_netlink_socket_perms;
++allow hald_t self:netlink_audit_socket { create_netlink_socket_perms nlmsg_relay };
+ allow hald_t self:netlink_kobject_uevent_socket create_socket_perms;
+ allow hald_t self:tcp_socket create_stream_socket_perms;
+ allow hald_t self:udp_socket create_socket_perms;
+@@ -59,7 +60,10 @@
+ corenet_tcp_bind_all_nodes(hald_t)
+ corenet_udp_bind_all_nodes(hald_t)
+
+-dev_read_sysfs(hald_t)
++# hal is now execing pm-suspend
++files_create_boot_flag(hald_t)
++dev_rw_sysfs(hald_t)
++
+ dev_rw_usbfs(hald_t)
+ dev_read_urand(hald_t)
+ dev_read_input(hald_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.te serefpolicy-2.0.11/policy/modules/services/mta.te
+--- nsaserefpolicy/policy/modules/services/mta.te 2005-12-06 19:49:50.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/services/mta.te 2005-12-06 20:02:53.000000000 -0500
@@ -57,15 +57,6 @@
userdom_use_sysadm_terms(system_mail_t)
@@ -101,10 +124,10 @@
ifdef(`targeted_policy',`
typealias system_mail_t alias sysadm_mail_t;
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.if serefpolicy-2.0.10/policy/modules/services/nis.if
---- nsaserefpolicy/policy/modules/services/nis.if 2005-12-06 11:36:01.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/services/nis.if 2005-12-06 12:25:49.000000000 -0500
-@@ -148,8 +148,10 @@
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.if serefpolicy-2.0.11/policy/modules/services/nis.if
+--- nsaserefpolicy/policy/modules/services/nis.if 2005-12-06 19:49:50.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/services/nis.if 2005-12-06 20:02:53.000000000 -0500
+@@ -150,8 +150,10 @@
interface(`nis_signal_ypbind',`
gen_require(`
type ypbind_t;
@@ -115,9 +138,9 @@
allow $1 ypbind_t:process signal;
')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sasl.te serefpolicy-2.0.10/policy/modules/services/sasl.te
---- nsaserefpolicy/policy/modules/services/sasl.te 2005-11-29 18:36:31.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/services/sasl.te 2005-12-06 11:40:43.000000000 -0500
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sasl.te serefpolicy-2.0.11/policy/modules/services/sasl.te
+--- nsaserefpolicy/policy/modules/services/sasl.te 2005-12-06 19:49:51.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/services/sasl.te 2005-12-06 20:02:53.000000000 -0500
@@ -18,6 +18,7 @@
# Local policy
#
@@ -126,7 +149,7 @@
dontaudit saslauthd_t self:capability sys_tty_config;
allow saslauthd_t self:process signal_perms;
allow saslauthd_t self:fifo_file { read write };
-@@ -55,9 +56,10 @@
+@@ -56,9 +57,10 @@
domain_use_wide_inherit_fd(saslauthd_t)
files_read_etc_files(saslauthd_t)
@@ -138,10 +161,10 @@
init_use_fd(saslauthd_t)
init_use_script_pty(saslauthd_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.te serefpolicy-2.0.10/policy/modules/services/spamassassin.te
---- nsaserefpolicy/policy/modules/services/spamassassin.te 2005-12-02 17:53:26.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/services/spamassassin.te 2005-12-06 11:40:43.000000000 -0500
-@@ -72,6 +72,7 @@
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.te serefpolicy-2.0.11/policy/modules/services/spamassassin.te
+--- nsaserefpolicy/policy/modules/services/spamassassin.te 2005-12-06 19:49:51.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/services/spamassassin.te 2005-12-06 20:02:53.000000000 -0500
+@@ -73,6 +73,7 @@
corenet_tcp_bind_all_nodes(spamd_t)
corenet_udp_bind_all_nodes(spamd_t)
corenet_tcp_bind_spamd_port(spamd_t)
@@ -149,9 +172,9 @@
dev_read_sysfs(spamd_t)
dev_read_urand(spamd_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostname.te serefpolicy-2.0.10/policy/modules/system/hostname.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostname.te serefpolicy-2.0.11/policy/modules/system/hostname.te
--- nsaserefpolicy/policy/modules/system/hostname.te 2005-11-25 08:11:12.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/system/hostname.te 2005-12-06 11:48:09.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/system/hostname.te 2005-12-06 20:02:53.000000000 -0500
@@ -22,7 +22,6 @@
allow hostname_t self:unix_stream_socket create_stream_socket_perms;
dontaudit hostname_t self:capability sys_tty_config;
@@ -160,9 +183,9 @@
kernel_list_proc(hostname_t)
kernel_read_proc_symlinks(hostname_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.if serefpolicy-2.0.10/policy/modules/system/init.if
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.if serefpolicy-2.0.11/policy/modules/system/init.if
--- nsaserefpolicy/policy/modules/system/init.if 2005-12-05 22:35:03.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/system/init.if 2005-12-06 11:43:22.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/system/init.if 2005-12-06 20:02:53.000000000 -0500
@@ -31,18 +31,6 @@
allow init_t $1:fd use;
allow $1 init_t:fifo_file rw_file_perms;
@@ -215,9 +238,9 @@
')
########################################
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/locallogin.te serefpolicy-2.0.10/policy/modules/system/locallogin.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/locallogin.te serefpolicy-2.0.11/policy/modules/system/locallogin.te
--- nsaserefpolicy/policy/modules/system/locallogin.te 2005-11-25 08:11:12.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/system/locallogin.te 2005-12-06 11:47:34.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/system/locallogin.te 2005-12-06 20:02:53.000000000 -0500
@@ -168,13 +168,6 @@
# Search for mail spool file.
mta_getattr_spool(local_login_t)
@@ -232,9 +255,9 @@
ifdef(`targeted_policy',`
unconfined_domain_template(local_login_t)
unconfined_shell_domtrans(local_login_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-2.0.10/policy/modules/system/mount.te
---- nsaserefpolicy/policy/modules/system/mount.te 2005-11-28 10:42:54.000000000 -0500
-+++ serefpolicy-2.0.10/policy/modules/system/mount.te 2005-12-06 11:47:52.000000000 -0500
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-2.0.11/policy/modules/system/mount.te
+--- nsaserefpolicy/policy/modules/system/mount.te 2005-12-06 19:49:51.000000000 -0500
++++ serefpolicy-2.0.11/policy/modules/system/mount.te 2005-12-06 20:02:53.000000000 -0500
@@ -26,7 +26,6 @@
files_create_tmp_files(mount_t,mount_tmp_t,{ file dir })
@@ -254,9 +277,9 @@
corenet_tcp_sendrecv_all_if(mount_t)
corenet_raw_sendrecv_all_if(mount_t)
corenet_udp_sendrecv_all_if(mount_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-2.0.10/Rules.modular
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-2.0.11/Rules.modular
--- nsaserefpolicy/Rules.modular 2005-11-23 10:06:37.000000000 -0500
-+++ serefpolicy-2.0.10/Rules.modular 2005-12-06 11:40:43.000000000 -0500
++++ serefpolicy-2.0.11/Rules.modular 2005-12-06 20:02:53.000000000 -0500
@@ -41,6 +41,8 @@
install: $(INSTPKG) $(APPFILES)
@@ -278,9 +301,9 @@
tmp/base.mod: base.conf
@echo "Compiling $(NAME) base module"
$(QUIET) $(CHECKMODULE) $^ -o $@
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.monolithic serefpolicy-2.0.10/Rules.monolithic
---- nsaserefpolicy/Rules.monolithic 2005-12-06 11:36:00.000000000 -0500
-+++ serefpolicy-2.0.10/Rules.monolithic 2005-12-06 11:40:43.000000000 -0500
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.monolithic serefpolicy-2.0.11/Rules.monolithic
+--- nsaserefpolicy/Rules.monolithic 2005-12-06 19:49:49.000000000 -0500
++++ serefpolicy-2.0.11/Rules.monolithic 2005-12-06 20:02:53.000000000 -0500
@@ -14,6 +14,11 @@
APPFILES += $(APPDIR)/customizable_types $(INSTALLDIR)/booleans
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- selinux-policy.spec 6 Dec 2005 17:42:25 -0000 1.30
+++ selinux-policy.spec 7 Dec 2005 01:07:26 -0000 1.31
@@ -4,11 +4,11 @@
%define polname1 targeted
%define polname2 mls
%define polname3 strict
-%define POLICYCOREUTILSVER 1.27.29-1
+%define POLICYCOREUTILSVER 1.27.36-2
%define CHECKPOLICYVER 1.27.17-7
Summary: SELinux policy configuration
Name: selinux-policy
-Version: 2.0.10
+Version: 2.0.11
Release: 1
License: GPL
Group: System Environment/Base
@@ -236,6 +236,9 @@
%changelog
+* Tue Dec 6 2005 Dan Walsh <dwalsh at redhat.com> 2.0.11-1.
+Update from upstream
+
* Fri Dec 2 2005 Dan Walsh <dwalsh at redhat.com> 2.0.9-1.
Update from upstream
Index: sources
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/sources,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- sources 6 Dec 2005 17:44:30 -0000 1.13
+++ sources 7 Dec 2005 01:07:26 -0000 1.14
@@ -1 +1 @@
-abe1d80fe8184e1f48c3d1fb29155b63 serefpolicy-2.0.10.tgz
+2d9d732de1a1cf46895500fac0328530 serefpolicy-2.0.11.tgz
More information about the fedora-cvs-commits
mailing list