rpms/selinux-policy-strict/devel policy-20050712.patch,1.3,1.4
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Jul 14 20:13:08 UTC 2005
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy-strict/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv29103
Modified Files:
policy-20050712.patch
Log Message:
* Thu Jul 14 2005 Dan Walsh <dwalsh at redhat.com> 1.25.2-3
- Fixup cyrus to read mail spool
- Fix vpnc.te, NetworkManager and others for strict policy
- Add isakmp port
policy-20050712.patch:
assert.te | 2 +-
attrib.te | 4 ++++
domains/program/ifconfig.te | 1 +
domains/program/initrc.te | 2 +-
domains/program/modutil.te | 2 +-
domains/program/unused/NetworkManager.te | 8 ++++++++
domains/program/unused/cvs.te | 10 ++++++++++
domains/program/unused/cyrus.te | 1 +
domains/program/unused/lvm.te | 2 +-
domains/program/unused/pamconsole.te | 2 +-
domains/program/unused/ping.te | 2 ++
domains/program/unused/pppd.te | 19 +++++++++++++++++++
domains/program/unused/radvd.te | 6 +++---
domains/program/unused/rlogind.te | 1 +
domains/program/unused/rpcd.te | 7 ++++---
domains/program/unused/saslauthd.te | 10 +++++++++-
domains/program/unused/squid.te | 1 +
domains/program/unused/udev.te | 4 ++--
domains/program/unused/vpnc.te | 15 +++++++++++++--
domains/program/unused/winbind.te | 2 ++
file_contexts/program/apache.fc | 2 ++
file_contexts/program/i18n_input.fc | 2 +-
file_contexts/program/pppd.fc | 1 +
file_contexts/program/vpnc.fc | 1 +
genfs_contexts | 1 +
macros/program/chkpwd_macros.te | 3 +++
net_contexts | 1 +
targeted/domains/program/crond.te | 9 ++++++---
tunables/distro.tun | 2 +-
tunables/tunable.tun | 4 ++--
types/file.te | 3 +++
types/network.te | 1 +
32 files changed, 108 insertions(+), 23 deletions(-)
Index: policy-20050712.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-strict/devel/policy-20050712.patch,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- policy-20050712.patch 14 Jul 2005 20:11:36 -0000 1.3
+++ policy-20050712.patch 14 Jul 2005 20:13:04 -0000 1.4
@@ -154,7 +154,7 @@
domain_auto_trans(sysadm_t, ping_exec_t, ping_t)
diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/pppd.te policy-1.25.2/domains/program/unused/pppd.te
--- nsapolicy/domains/program/unused/pppd.te 2005-07-12 08:50:43.000000000 -0400
-+++ policy-1.25.2/domains/program/unused/pppd.te 2005-07-14 11:16:23.000000000 -0400
++++ policy-1.25.2/domains/program/unused/pppd.te 2005-07-14 11:19:52.000000000 -0400
@@ -102,3 +102,22 @@
allow pppd_t self:netlink_route_socket r_netlink_socket_perms;
allow pppd_t initrc_var_run_t:file r_file_perms;
@@ -167,9 +167,9 @@
+domain_auto_trans(pppd_t, insmod_exec_t, insmod_t)
+')
+}
-+daemon_domain(pppd)
++daemon_domain(pptp)
+can_network_client_tcp(pptp_t)
-+allow pptp_t { reserve_port_type port_t }:tcp_socket name_connect;
++allow pptp_t { reserved_port_type port_t }:tcp_socket name_connect;
+can_exec(pptp_t, hostname_exec_t)
+domain_auto_trans(pppd_t, pptp_exec_t, pptp_t)
+allow pptp_t self:rawip_socket create_socket_perms;
More information about the fedora-cvs-commits
mailing list