rpms/selinux-policy-targeted/devel policy-20050706.patch, 1.5, 1.6 selinux-policy-targeted.spec, 1.342, 1.343

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Thu Jul 7 19:37:54 UTC 2005


Author: dwalsh

Update of /cvs/dist/rpms/selinux-policy-targeted/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv26205

Modified Files:
	policy-20050706.patch selinux-policy-targeted.spec 
Log Message:
* Thu Jul 7 2005 Dan Walsh <dwalsh at redhat.com> 1.25.1-6
- Fixes for winbind


policy-20050706.patch:
 domains/admin.te                     |    5 +++++
 domains/program/getty.te             |    7 +++++++
 domains/program/login.te             |    2 +-
 domains/program/netutils.te          |    2 ++
 domains/program/passwd.te            |    5 +++++
 domains/program/ssh.te               |    2 +-
 domains/program/tmpreaper.te         |    4 ++--
 domains/program/unused/apache.te     |    1 +
 domains/program/unused/apmd.te       |    7 +++++--
 domains/program/unused/bluetooth.te  |    3 ++-
 domains/program/unused/ciped.te      |    3 +--
 domains/program/unused/cups.te       |    8 ++++++--
 domains/program/unused/cyrus.te      |    5 +----
 domains/program/unused/dhcpc.te      |    1 +
 domains/program/unused/dovecot.te    |    1 +
 domains/program/unused/ftpd.te       |    2 +-
 domains/program/unused/hald.te       |    3 ++-
 domains/program/unused/hotplug.te    |    4 +++-
 domains/program/unused/hwclock.te    |    3 ---
 domains/program/unused/iceauth.te    |    2 +-
 domains/program/unused/nscd.te       |    1 +
 domains/program/unused/pppd.te       |    7 ++++---
 domains/program/unused/prelink.te    |    7 +------
 domains/program/unused/procmail.te   |    1 +
 domains/program/unused/radvd.te      |    3 ++-
 domains/program/unused/rpcd.te       |    6 +++++-
 domains/program/unused/rpm.te        |    3 +++
 domains/program/unused/samba.te      |   35 +++++++++++++++++++++++++++++++++--
 domains/program/unused/squid.te      |    3 +++
 domains/program/unused/winbind.te    |   14 +++++++++++++-
 domains/program/unused/xdm.te        |    2 +-
 file_contexts/program/cups.fc        |    2 ++
 file_contexts/program/rpcd.fc        |    3 ++-
 file_contexts/program/samba.fc       |    1 +
 file_contexts/program/winbind.fc     |    1 +
 file_contexts/types.fc               |   14 +++++++-------
 macros/admin_macros.te               |    3 ---
 macros/base_user_macros.te           |    5 ++---
 macros/global_macros.te              |    1 +
 macros/network_macros.te             |    7 +++++++
 macros/program/apache_macros.te      |    5 ++---
 macros/program/chkpwd_macros.te      |    7 +++++++
 macros/program/dbusd_macros.te       |    2 +-
 macros/program/evolution_macros.te   |    6 ------
 macros/program/games_domain.te       |    3 ---
 macros/program/java_macros.te        |    2 --
 macros/program/mail_client_macros.te |   10 ++++++++--
 macros/program/mozilla_macros.te     |    2 --
 macros/program/mplayer_macros.te     |    2 +-
 macros/program/xserver_macros.te     |    4 ----
 net_contexts                         |    2 ++
 targeted/domains/unconfined.te       |    5 +++++
 tunables/distro.tun                  |    2 +-
 tunables/tunable.tun                 |    4 ++--
 types/network.te                     |    1 -
 55 files changed, 167 insertions(+), 79 deletions(-)

Index: policy-20050706.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/policy-20050706.patch,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- policy-20050706.patch	7 Jul 2005 12:44:39 -0000	1.5
+++ policy-20050706.patch	7 Jul 2005 19:37:48 -0000	1.6
@@ -24,6 +24,18 @@
 +ifdef(`pppd.te', `
 +domain_auto_trans(getty_t, pppd_exec_t, pppd_t)
 +')
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/login.te policy-1.25.1/domains/program/login.te
+--- nsapolicy/domains/program/login.te	2005-07-06 17:15:06.000000000 -0400
++++ policy-1.25.1/domains/program/login.te	2005-07-07 15:31:05.000000000 -0400
+@@ -65,7 +65,7 @@
+ ')
+ 
+ # Use capabilities
+-allow $1_login_t self:capability { audit_control dac_override chown fowner fsetid kill setgid setuid net_bind_service sys_nice sys_resource sys_tty_config };
++allow $1_login_t self:capability { dac_override chown fowner fsetid kill setgid setuid net_bind_service sys_nice sys_resource sys_tty_config };
+ allow $1_login_t self:process setrlimit;
+ dontaudit $1_login_t sysfs_t:dir search;
+ 
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/netutils.te policy-1.25.1/domains/program/netutils.te
 --- nsapolicy/domains/program/netutils.te	2005-04-27 10:28:49.000000000 -0400
 +++ policy-1.25.1/domains/program/netutils.te	2005-07-06 17:29:15.000000000 -0400
@@ -49,6 +61,32 @@
 +role system_r types sysadm_passwd_t;
 +allow sysadm_passwd_t devpts_t:chr_file { read write };
 +')
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/ssh.te policy-1.25.1/domains/program/ssh.te
+--- nsapolicy/domains/program/ssh.te	2005-07-06 17:15:06.000000000 -0400
++++ policy-1.25.1/domains/program/ssh.te	2005-07-07 15:30:50.000000000 -0400
+@@ -73,7 +73,7 @@
+ allow $1_t port_type:tcp_socket name_connect;
+ can_kerberos($1_t)
+ 
+-allow $1_t self:capability { audit_control kill sys_chroot sys_resource chown dac_override fowner fsetid setgid setuid sys_tty_config };
++allow $1_t self:capability { kill sys_chroot sys_resource chown dac_override fowner fsetid setgid setuid sys_tty_config };
+ allow $1_t { home_root_t home_dir_type }:dir { search getattr };
+ if (use_nfs_home_dirs) {
+ allow $1_t autofs_t:dir { search getattr };
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/tmpreaper.te policy-1.25.1/domains/program/tmpreaper.te
+--- nsapolicy/domains/program/tmpreaper.te	2005-04-27 10:28:49.000000000 -0400
++++ policy-1.25.1/domains/program/tmpreaper.te	2005-07-07 11:54:03.000000000 -0400
+@@ -16,8 +16,8 @@
+ system_crond_entry(tmpreaper_exec_t, tmpreaper_t)
+ uses_shlib(tmpreaper_t)
+ # why does it need setattr?
+-allow tmpreaper_t tmpfile:dir { setattr rw_dir_perms rmdir };
+-allow tmpreaper_t tmpfile:notdevfile_class_set { getattr unlink };
++allow tmpreaper_t { man_t tmpfile }:dir { setattr rw_dir_perms rmdir };
++allow tmpreaper_t { man_t tmpfile }:notdevfile_class_set { getattr unlink };
+ allow tmpreaper_t { home_type file_t }:notdevfile_class_set { getattr unlink };
+ allow tmpreaper_t self:process { fork sigchld };
+ allow tmpreaper_t self:capability { dac_override dac_read_search fowner };
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/apache.te policy-1.25.1/domains/program/unused/apache.te
 --- nsapolicy/domains/program/unused/apache.te	2005-07-06 17:15:06.000000000 -0400
 +++ policy-1.25.1/domains/program/unused/apache.te	2005-07-06 17:29:15.000000000 -0400
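Review bot: In the tmpreaper.te section of this hunk, adding `man_t` to both `allow tmpreaper_t { man_t tmpfile }:...` rules lets tmpreaper_t change attributes on, remove and unlink anything labelled man_t, while the existing `# why does it need setattr?` question stays unanswered as its scope widens. If man_t also labels the installed manual pages and not only the formatted-page cache (not visible here), a dedicated type for the cache would keep the grant narrow. At minimum I would add a comment above the two rules, such as `# tmpreaper expires cached formatted man pages, hence man_t`.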
@@ -120,7 +158,7 @@
  can_ypbind(ciped_t)
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/cups.te policy-1.25.1/domains/program/unused/cups.te
 --- nsapolicy/domains/program/unused/cups.te	2005-07-06 17:15:06.000000000 -0400
-+++ policy-1.25.1/domains/program/unused/cups.te	2005-07-06 17:48:40.000000000 -0400
++++ policy-1.25.1/domains/program/unused/cups.te	2005-07-07 13:58:28.000000000 -0400
 @@ -77,7 +77,7 @@
  allow cupsd_t self:fifo_file rw_file_perms;
  
@@ -149,6 +187,12 @@
  allow hplip_t printer_device_t:chr_file rw_file_perms;
  allow cupsd_t hplip_var_run_t:file { read getattr };
  allow hplip_t cupsd_etc_t:dir search;
+@@ -305,4 +308,5 @@
+ inetd_child_domain(cupsd_lpd)
+ allow inetd_t printer_port_t:tcp_socket name_bind;
+ r_dir_file(cupsd_lpd_t, cupsd_etc_t)
++r_dir_file(cupsd_lpd_t, cupsd_rw_etc_t)
+ allow cupsd_lpd_t ipp_port_t:tcp_socket name_connect;
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/cyrus.te policy-1.25.1/domains/program/unused/cyrus.te
 --- nsapolicy/domains/program/unused/cyrus.te	2005-07-06 17:15:06.000000000 -0400
 +++ policy-1.25.1/domains/program/unused/cyrus.te	2005-07-06 17:29:15.000000000 -0400
@@ -192,6 +236,18 @@
  
  allow dovecot_t { self proc_t }:file { getattr read };
  allow dovecot_t self:fifo_file rw_file_perms;
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/ftpd.te policy-1.25.1/domains/program/unused/ftpd.te
+--- nsapolicy/domains/program/unused/ftpd.te	2005-05-25 11:28:09.000000000 -0400
++++ policy-1.25.1/domains/program/unused/ftpd.te	2005-07-07 15:30:28.000000000 -0400
+@@ -69,7 +69,7 @@
+ tmpfs_domain(ftpd)
+ 
+ # Use capabilities.
+-allow ftpd_t self:capability { chown fowner fsetid setgid setuid net_bind_service sys_chroot sys_nice sys_resource audit_control };
++allow ftpd_t self:capability { chown fowner fsetid setgid setuid net_bind_service sys_chroot sys_nice sys_resource };
+ 
+ # Append to /var/log/wtmp.
+ allow ftpd_t wtmp_t:file { getattr append };
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/hald.te policy-1.25.1/domains/program/unused/hald.te
 --- nsapolicy/domains/program/unused/hald.te	2005-05-25 11:28:10.000000000 -0400
 +++ policy-1.25.1/domains/program/unused/hald.te	2005-07-06 17:29:15.000000000 -0400
@@ -236,6 +292,18 @@
  
  allow hwclock_t fs_t:filesystem getattr;
  
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/iceauth.te policy-1.25.1/domains/program/unused/iceauth.te
+--- nsapolicy/domains/program/unused/iceauth.te	2005-07-05 15:25:46.000000000 -0400
++++ policy-1.25.1/domains/program/unused/iceauth.te	2005-07-07 11:52:45.000000000 -0400
+@@ -6,7 +6,7 @@
+ #
+ # iceauth_exec_t is the type of the xauth executable.
+ #
+-type iceauth_exec_t, file_type, sysadmfile;
++type iceauth_exec_t, file_type, exec_type, sysadmfile;
+ 
+ # Everything else is in the iceauth_domain macro in
+ # macros/program/iceauth_macros.te.
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/nscd.te policy-1.25.1/domains/program/unused/nscd.te
 --- nsapolicy/domains/program/unused/nscd.te	2005-07-06 17:15:07.000000000 -0400
 +++ policy-1.25.1/domains/program/unused/nscd.te	2005-07-06 17:29:15.000000000 -0400
@@ -274,18 +342,33 @@
 +dontaudit pppd_t initrc_var_run_t:file { lock write };
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/prelink.te policy-1.25.1/domains/program/unused/prelink.te
 --- nsapolicy/domains/program/unused/prelink.te	2005-04-27 10:28:52.000000000 -0400
-+++ policy-1.25.1/domains/program/unused/prelink.te	2005-07-06 17:34:19.000000000 -0400
-@@ -14,10 +14,7 @@
- if (allow_execmem) {
- allow prelink_t self:process execmem;
- }
++++ policy-1.25.1/domains/program/unused/prelink.te	2005-07-07 11:52:57.000000000 -0400
+@@ -11,13 +11,8 @@
+ #
+ daemon_base_domain(prelink, `, admin, privowner')
+ 
+-if (allow_execmem) {
+-allow prelink_t self:process execmem;
+-}
 -if (allow_execmod) {
++allow prelink_t self:process { execheap execmem execstack };
  allow prelink_t texrel_shlib_t:file execmod;
 -}
 -
  allow prelink_t fs_t:filesystem getattr;
  
  ifdef(`crond.te', `
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/procmail.te policy-1.25.1/domains/program/unused/procmail.te
+--- nsapolicy/domains/program/unused/procmail.te	2005-05-25 11:28:10.000000000 -0400
++++ policy-1.25.1/domains/program/unused/procmail.te	2005-07-07 15:34:31.000000000 -0400
+@@ -20,6 +20,7 @@
+ allow procmail_t device_t:dir search;
+ can_network_server(procmail_t)
+ can_ypbind(procmail_t)
++can_winbind(procmail_t)
+ 
+ allow procmail_t self:capability { sys_nice chown setuid setgid dac_override };
+ 
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/radvd.te policy-1.25.1/domains/program/unused/radvd.te
 --- nsapolicy/domains/program/unused/radvd.te	2005-04-27 10:28:52.000000000 -0400
 +++ policy-1.25.1/domains/program/unused/radvd.te	2005-07-06 17:29:15.000000000 -0400
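Review bot: The prelink.te section replaces the `if (allow_execmem)` guard with an unconditional `allow prelink_t self:process { execheap execmem execstack };`, so the allow_execmem boolean no longer constrains prelink_t, and execheap and execstack are granted in addition with no rationale given. The `allow_execmod` guard around the texrel_shlib_t rule was already dropped in revision 1.5, so all four memory-execution permissions are now unconditional for a domain declared with `admin, privowner`. I would either keep the boolean, `if (allow_execmem) { allow prelink_t self:process execmem; }`, or add a comment above the new rule stating which prelink operation needs execheap and execstack, so the exemption can be revisited later.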
@@ -327,19 +410,31 @@
  
  can_udp_send(nfsd_t, portmap_t)
  can_udp_send(portmap_t, nfsd_t)
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/rpm.te policy-1.25.1/domains/program/unused/rpm.te
+--- nsapolicy/domains/program/unused/rpm.te	2005-04-27 10:28:52.000000000 -0400
++++ policy-1.25.1/domains/program/unused/rpm.te	2005-07-07 11:53:36.000000000 -0400
+@@ -253,4 +253,7 @@
+ typeattribute rpm_script_t auth_write;
+ unconfined_domain(rpm_script_t)
+ ')
++if (allow_execmem) {
++allow rpm_script_t self:process execmem;
++}
+ 
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/samba.te policy-1.25.1/domains/program/unused/samba.te
 --- nsapolicy/domains/program/unused/samba.te	2005-07-06 17:15:07.000000000 -0400
-+++ policy-1.25.1/domains/program/unused/samba.te	2005-07-07 08:42:23.000000000 -0400
-@@ -47,6 +47,8 @@
++++ policy-1.25.1/domains/program/unused/samba.te	2005-07-07 15:30:06.000000000 -0400
+@@ -47,6 +47,9 @@
  
  # Use the network.
  can_network(smbd_t)
 +can_ldap(smbd_t)
 +can_kerberos(smbd_t)
++can_winbind(smbd_t)
  allow smbd_t ipp_port_t:tcp_socket name_connect;
  
  allow smbd_t urandom_device_t:chr_file { getattr read };
-@@ -61,8 +63,10 @@
+@@ -61,8 +64,10 @@
  
  # Permissions for Samba cache files in /var/cache/samba and /var/lib/samba
  allow smbd_t var_lib_t:dir search;
@@ -352,12 +447,12 @@
  
  # Permissions to write log files.
  allow smbd_t samba_log_t:file { create ra_file_perms };
-@@ -182,3 +186,27 @@
+@@ -182,3 +187,29 @@
  allow smbmount_t userdomain:fd use;
  allow smbmount_t local_login_t:fd use;
  ')
 +# Derive from app. domain. Transition from mount.
-+application_domain(samba_net, `, nscd_client_domain, privfd')
++application_domain(samba_net, `, nscd_client_domain')
 +file_type_auto_trans(samba_net_t, samba_etc_t, samba_secrets_t, file)
 +read_locale(samba_net_t) 
 +allow samba_net_t samba_etc_t:file r_file_perms;
@@ -371,6 +466,7 @@
 +can_network_client(samba_net_t)
 +allow samba_net_t smbd_port_t:tcp_socket name_connect;
 +can_ldap(samba_net_t)
++allow samba_net_t newrole_t:fd use;
 +can_kerberos(samba_net_t)
 +allow samba_net_t urandom_device_t:chr_file r_file_perms;
 +allow samba_net_t proc_t:dir search;
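Review bot: The added `allow samba_net_t newrole_t:fd use;` sits between the can_ldap and can_kerberos calls without a comment, and it looks redundant with `allow samba_net_t privfd:fd use;` added in the next hunk if newrole_t carries the privfd attribute (not visible here). The previous hunk drops `privfd` from the application_domain() attribute list, so the intent seems to be that samba_net_t inherits descriptors from privileged callers rather than being a privfd domain itself. A single rule with a comment such as `# inherit descriptors from the invoking login/newrole session` would record that, and the newrole_t rule could be dropped if the attribute covers it.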
@@ -380,6 +476,7 @@
 +allow samba_net_t self:process signal;
 +tmp_domain(samba_net)
 +dontaudit samba_net_t sysadm_home_dir_t:dir search;
++allow samba_net_t privfd:fd use;
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/squid.te policy-1.25.1/domains/program/unused/squid.te
 --- nsapolicy/domains/program/unused/squid.te	2005-07-06 17:15:07.000000000 -0400
 +++ policy-1.25.1/domains/program/unused/squid.te	2005-07-06 17:29:15.000000000 -0400
@@ -392,31 +489,44 @@
 +')
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/winbind.te policy-1.25.1/domains/program/unused/winbind.te
 --- nsapolicy/domains/program/unused/winbind.te	2005-05-25 11:28:10.000000000 -0400
-+++ policy-1.25.1/domains/program/unused/winbind.te	2005-07-06 19:23:53.000000000 -0400
-@@ -21,8 +21,11 @@
- type samba_log_t, file_type, sysadmfile, logfile;
++++ policy-1.25.1/domains/program/unused/winbind.te	2005-07-07 15:29:38.000000000 -0400
+@@ -22,7 +22,7 @@
  type samba_var_t, file_type, sysadmfile;
  type samba_secrets_t, file_type, sysadmfile;
-+allow smbd_t winbind_t:unix_stream_socket connectto;
-+allow smbd_t winbind_var_run_t:dir r_dir_perms;
-+allow smbd_t winbind_var_run_t:sock_file getattr;
  ')
 -rw_dir_file(winbind_t, samba_etc_t)
 +file_type_auto_trans(winbind_t, samba_etc_t, samba_secrets_t, file)
  rw_dir_create_file(winbind_t, samba_log_t)
  allow winbind_t samba_secrets_t:file rw_file_perms;
  allow winbind_t self:unix_dgram_socket create_socket_perms;
-@@ -33,3 +36,10 @@
+@@ -33,3 +33,15 @@
  can_kerberos(winbind_t)
  allow winbind_t self:netlink_route_socket r_netlink_socket_perms;
  allow winbind_t winbind_var_run_t:sock_file create_file_perms;
++allow initrc_t winbind_var_run_t:file r_file_perms;
 +
 +application_domain(winbind_helper, `, nscd_client_domain')
 +access_terminal(winbind_helper_t, sysadm)
 +read_locale(winbind_helper_t) 
 +r_dir_file(winbind_helper_t, samba_etc_t)
++r_dir_file(winbind_t, samba_etc_t)
 +allow winbind_helper_t self:unix_dgram_socket create_socket_perms;
++allow winbind_helper_t self:unix_stream_socket create_stream_socket_perms;
 +allow winbind_helper_t winbind_var_run_t:dir r_dir_perms;
++can_winbind(winbind_helper_t)
++allow winbind_helper_t privfd:fd use;
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/xdm.te policy-1.25.1/domains/program/unused/xdm.te
+--- nsapolicy/domains/program/unused/xdm.te	2005-07-06 17:15:07.000000000 -0400
++++ policy-1.25.1/domains/program/unused/xdm.te	2005-07-07 15:29:37.000000000 -0400
+@@ -69,7 +69,7 @@
+ 
+ #
+ # Use capabilities.
+-allow xdm_t self:capability { audit_control setgid setuid sys_resource kill sys_tty_config mknod chown dac_override dac_read_search fowner fsetid ipc_owner };
++allow xdm_t self:capability { setgid setuid sys_resource kill sys_tty_config mknod chown dac_override dac_read_search fowner fsetid ipc_owner };
+ 
+ allow xdm_t { urandom_device_t random_device_t }:chr_file { getattr read ioctl };
+ 
 diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/cups.fc policy-1.25.1/file_contexts/program/cups.fc
 --- nsapolicy/file_contexts/program/cups.fc	2005-07-06 17:15:07.000000000 -0400
 +++ policy-1.25.1/file_contexts/program/cups.fc	2005-07-06 17:29:15.000000000 -0400
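Review bot: In the winbind.te section, `r_dir_file(winbind_t, samba_etc_t)` is added in the middle of the winbind_helper_t rules, where it reads like a typo for the helper domain. It presumably restores read access that winbind_t had through `rw_dir_file(winbind_t, samba_etc_t)` before that line was replaced by file_type_auto_trans(), so it belongs next to the file_type_auto_trans() line with the other winbind_t rules. `allow initrc_t winbind_var_run_t:file r_file_perms;` is likewise unexplained; a comment such as `# init script reads the winbindd pid file` (if that is the reason) would make the grant reviewable.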
@@ -500,7 +610,7 @@
  
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/base_user_macros.te policy-1.25.1/macros/base_user_macros.te
 --- nsapolicy/macros/base_user_macros.te	2005-07-06 17:15:07.000000000 -0400
-+++ policy-1.25.1/macros/base_user_macros.te	2005-07-06 17:35:02.000000000 -0400
++++ policy-1.25.1/macros/base_user_macros.te	2005-07-07 15:34:59.000000000 -0400
 @@ -63,10 +63,8 @@
  allow $1_t self:process execstack;
  }
@@ -512,7 +622,15 @@
  
  #
  # kdeinit wants this access
-@@ -349,7 +347,7 @@
+@@ -244,6 +242,7 @@
+ can_network($1_t)
+ allow $1_t port_type:tcp_socket name_connect;
+ can_ypbind($1_t)
++can_winbind($1_t)
+ 
+ ifdef(`pamconsole.te', `
+ allow $1_t pam_var_console_t:dir search;
+@@ -349,7 +348,7 @@
  allow $1_t devtty_t:chr_file rw_file_perms;
  allow $1_t null_device_t:chr_file rw_file_perms;
  allow $1_t zero_device_t:chr_file { rw_file_perms execute };
@@ -532,6 +650,20 @@
  allow $1 ld_so_cache_t:file r_file_perms;
  allow $1 device_t:dir search;
  allow $1 null_device_t:chr_file rw_file_perms;
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/network_macros.te policy-1.25.1/macros/network_macros.te
+--- nsapolicy/macros/network_macros.te	2005-07-06 17:15:07.000000000 -0400
++++ policy-1.25.1/macros/network_macros.te	2005-07-07 15:33:57.000000000 -0400
+@@ -168,3 +168,10 @@
+ allow $1 ldap_port_t:tcp_socket name_connect;
+ ')
+ 
++define(`can_winbind',`
++ifdef(`winbind.te', `
++allow $1 winbind_var_run_t:dir { getattr search };
++allow $1 winbind_t:unix_stream_socket connectto;
++allow $1 winbind_var_run_t:sock_file { getattr read write };
++')
++')
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/apache_macros.te policy-1.25.1/macros/program/apache_macros.te
 --- nsapolicy/macros/program/apache_macros.te	2005-07-06 17:15:07.000000000 -0400
 +++ policy-1.25.1/macros/program/apache_macros.te	2005-07-07 06:44:49.000000000 -0400
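Review bot: The new `can_winbind` macro in network_macros.te has no header comment, and it grants more than the smbd_t rules it replaces. The winbind.te lines removed in this revision gave only `getattr` on the socket file, while the macro gives `{ getattr read write }` and is applied to smbd_t, procmail_t, winbind_helper_t and every `$1_t` expanded from base_user_macros.te. Write access to the sock_file is likely what connecting requires, but that should be stated where the macro is defined. I would add a comment above the define, e.g. `# can_winbind(domain): let domain connect to winbindd through its unix socket in winbind_var_run_t; expands to nothing when winbind.te is not built`.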
@@ -563,12 +695,12 @@
  # apache should set close-on-exec
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/chkpwd_macros.te policy-1.25.1/macros/program/chkpwd_macros.te
 --- nsapolicy/macros/program/chkpwd_macros.te	2005-06-01 06:11:23.000000000 -0400
-+++ policy-1.25.1/macros/program/chkpwd_macros.te	2005-07-06 19:35:03.000000000 -0400
++++ policy-1.25.1/macros/program/chkpwd_macros.te	2005-07-07 15:32:40.000000000 -0400
 @@ -32,9 +32,16 @@
  domain_auto_trans(auth_chkpwd, chkpwd_exec_t, system_chkpwd_t)
  allow auth_chkpwd sbin_t:dir search;
  allow auth_chkpwd self:netlink_audit_socket { create_netlink_socket_perms nlmsg_relay };
-+allow auth_chkpwd self:capability audit_write;
++allow auth_chkpwd self:capability { audit_write audit_control };
 +
  dontaudit system_chkpwd_t { user_tty_type tty_device_t }:chr_file rw_file_perms;
  dontaudit auth_chkpwd shadow_t:file { getattr read };
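Review bot: `allow auth_chkpwd self:capability { audit_write audit_control };` attaches audit_control to what appears to be the auth_chkpwd attribute, so every domain carrying that attribute receives it. Before this commit it was listed individually for the login, ssh, ftpd and xdm domains; those grants are removed in the login.te, ssh.te, ftpd.te and xdm.te sections. audit_control covers changing the audit configuration, a wider privilege than audit_write for emitting records, and the netlink rule just above grants only `nlmsg_relay`. I would keep `allow auth_chkpwd self:capability audit_write;` on the attribute and grant audit_control only to the domains that need it, with a comment naming the operation that requires it. The enclosing block starts and ends outside the hunk.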


Index: selinux-policy-targeted.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/selinux-policy-targeted.spec,v
retrieving revision 1.342
retrieving revision 1.343
diff -u -r1.342 -r1.343
--- selinux-policy-targeted.spec	7 Jul 2005 12:38:35 -0000	1.342
+++ selinux-policy-targeted.spec	7 Jul 2005 19:37:48 -0000	1.343
@@ -11,7 +11,7 @@
 Summary: SELinux %{type} policy configuration
 Name: selinux-policy-%{type}
 Version: 1.25.1
-Release: 5
+Release: 6
 License: GPL
 Group: System Environment/Base
 Source: http://www.nsa.gov/selinux/archives/policy-%{version}.tgz
@@ -237,6 +237,9 @@
 exit 0
 
 %changelog
+* Thu Jul 7 2005 Dan Walsh <dwalsh at redhat.com> 1.25.1-6
+- Fixes for winbind
+
 * Thu Jul 7 2005 Dan Walsh <dwalsh at redhat.com> 1.25.1-5
 - Allow cgi script to append to httpd_log_t
 - More fixes for samba net command



