rpms/selinux-policy/devel policy-20051208.patch, 1.11, 1.12 selinux-policy.spec, 1.49, 1.50
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Dec 14 22:47:15 UTC 2005
- Previous message (by thread): rpms/gcc/devel gcc41.spec, 1.8, 1.9 gcc41-libgfortran-host_subdir.patch, 1.1, NONE
- Next message (by thread): rpms/grub/devel grub-0.97-datadir.patch, NONE, 1.1 grub-0.97-gcc4.patch, NONE, 1.1 grub-0.97-install.in.patch, NONE, 1.1 grub-0.97-mdadm-path.patch, NONE, 1.1 grub-0.97-nxstack.patch, NONE, 1.1 grub-0.97-once.patch, NONE, 1.1 grub-0.97-prototypes.patch, NONE, 1.1 .cvsignore, 1.6, 1.7 grub.spec, 1.31, 1.32 sources, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv3809
Modified Files:
policy-20051208.patch selinux-policy.spec
Log Message:
* Wed Dec 14 2005 Dan Walsh <dwalsh at redhat.com> 2.1.5-2
- Add file context for /var/cvs
- Dontaudit webalizer search of homedir
policy-20051208.patch:
Makefile | 2 +-
config/appconfig-strict-mcs/default_type | 6 +++---
config/appconfig-strict-mls/default_type | 6 +++---
config/appconfig-targeted-mcs/default_type | 2 +-
config/appconfig-targeted-mls/default_type | 2 +-
policy/global_tunables | 3 +++
policy/modules/apps/webalizer.te | 1 +
policy/modules/kernel/mls.te | 1 +
policy/modules/services/cvs.fc | 2 ++
policy/modules/services/cvs.te | 6 ++++++
policy/modules/services/sasl.te | 8 +++++---
policy/modules/system/authlogin.if | 12 +++++++++++-
policy/modules/system/libraries.fc | 17 ++++++++++++++++-
policy/modules/system/udev.fc | 1 +
policy/modules/system/udev.te | 3 ++-
policy/modules/system/unconfined.te | 1 -
policy/users | 2 ++
17 files changed, 59 insertions(+), 16 deletions(-)
Index: policy-20051208.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20051208.patch,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- policy-20051208.patch 14 Dec 2005 22:25:29 -0000 1.11
+++ policy-20051208.patch 14 Dec 2005 22:47:12 -0000 1.12
@@ -151,8 +151,29 @@
########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.fc serefpolicy-2.1.6/policy/modules/system/libraries.fc
--- nsaserefpolicy/policy/modules/system/libraries.fc 2005-12-14 10:38:50.000000000 -0500
-+++ serefpolicy-2.1.6/policy/modules/system/libraries.fc 2005-12-14 15:54:33.000000000 -0500
-@@ -113,7 +113,7 @@
++++ serefpolicy-2.1.6/policy/modules/system/libraries.fc 2005-12-14 17:46:06.000000000 -0500
+@@ -11,6 +11,20 @@
+ /emul/ia32-linux/lib(/.*)? gen_context(system_u:object_r:lib_t,s0)
+ /emul/ia32-linux/lib/.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0)
+ /emul/ia32-linux/lib(/.*)?/ld-[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:ld_so_t,s0)
++
++/usr/bin/fedora-buildrpmtree -- gen_context(system_u:object_r:rpm_exec_t,s0)
++/usr/bin/fedora-diffarchive -- gen_context(system_u:object_r:rpm_exec_t,s0)
++/usr/bin/fedora-extract -- gen_context(system_u:object_r:rpm_exec_t,s0)
++/usr/bin/fedora-installdevkeys -- gen_context(system_u:object_r:rpm_exec_t,s0)
++/usr/bin/fedora-kmodhelper -- gen_context(system_u:object_r:rpm_exec_t,s0)
++/usr/bin/fedora-md5 -- gen_context(system_u:object_r:rpm_exec_t,s0)
++/usr/bin/fedora-newrpmspec -- gen_context(system_u:object_r:rpm_exec_t,s0)
++/usr/bin/fedora-rmdevelrpms -- gen_context(system_u:object_r:rpm_exec_t,s0)
++/usr/bin/fedora-rpmchecksig -- gen_context(system_u:object_r:rpm_exec_t,s0)
++/usr/bin/fedora-rpminfo -- gen_context(system_u:object_r:rpm_exec_t,s0)
++/usr/bin/fedora-rpmvercmp -- gen_context(system_u:object_r:rpm_exec_t,s0)
++/usr/bin/fedora-wipebuildtree -- gen_context(system_u:object_r:rpm_exec_t,s0)
++
+ ')
+
+ #
+@@ -113,7 +127,7 @@
/usr/lib(64)?/.*/program/libsvx680li\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/.*/program/libcomphelp4gcc3\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/.*/program/libsoffice\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -161,6 +182,11 @@
/usr/lib(64)?/firefox.*\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/mozilla.*\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/sunbird.*\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+@@ -187,3 +201,4 @@
+ ifdef(`distro_suse',`
+ /var/lib/samba/bin/.*\.so(\.[^/]*)* -l gen_context(system_u:object_r:lib_t,s0)
+ ')
++
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.fc serefpolicy-2.1.6/policy/modules/system/udev.fc
--- nsaserefpolicy/policy/modules/system/udev.fc 2005-11-14 18:24:06.000000000 -0500
+++ serefpolicy-2.1.6/policy/modules/system/udev.fc 2005-12-14 15:54:33.000000000 -0500
@@ -189,6 +215,17 @@
kernel_rw_unix_dgram_socket(udev_t)
kernel_sendto_unix_dgram_socket(udev_t)
kernel_signal(udev_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.te serefpolicy-2.1.6/policy/modules/system/unconfined.te
+--- nsaserefpolicy/policy/modules/system/unconfined.te 2005-12-14 10:38:50.000000000 -0500
++++ serefpolicy-2.1.6/policy/modules/system/unconfined.te 2005-12-14 17:43:53.000000000 -0500
+@@ -118,7 +118,6 @@
+
+ optional_policy(`rpm',`
+ rpm_domtrans(unconfined_t)
+- rpm_script_domtrans(unconfined_t)
+ ')
+
+ optional_policy(`samba',`
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-2.1.6/policy/users
--- nsaserefpolicy/policy/users 2005-12-05 22:35:02.000000000 -0500
+++ serefpolicy-2.1.6/policy/users 2005-12-14 15:54:33.000000000 -0500
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.49
retrieving revision 1.50
diff -u -r1.49 -r1.50
--- selinux-policy.spec 14 Dec 2005 22:06:38 -0000 1.49
+++ selinux-policy.spec 14 Dec 2005 22:47:12 -0000 1.50
@@ -7,7 +7,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.1.6
-Release: 1
+Release: 2
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -248,7 +248,6 @@
* Tue Dec 13 2005 Dan Walsh <dwalsh at redhat.com> 2.1.5-1
- Update from upstream
-- Allow unconfined_t to transition to rpm_script_t
* Tue Dec 13 2005 Dan Walsh <dwalsh at redhat.com> 2.1.4-2
- Clean up spec
- Previous message (by thread): rpms/gcc/devel gcc41.spec, 1.8, 1.9 gcc41-libgfortran-host_subdir.patch, 1.1, NONE
- Next message (by thread): rpms/grub/devel grub-0.97-datadir.patch, NONE, 1.1 grub-0.97-gcc4.patch, NONE, 1.1 grub-0.97-install.in.patch, NONE, 1.1 grub-0.97-mdadm-path.patch, NONE, 1.1 grub-0.97-nxstack.patch, NONE, 1.1 grub-0.97-once.patch, NONE, 1.1 grub-0.97-prototypes.patch, NONE, 1.1 .cvsignore, 1.6, 1.7 grub.spec, 1.31, 1.32 sources, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list