rpms/selinux-policy-targeted/devel policy-20050606.patch, 1.6, 1.7 selinux-policy-targeted.spec, 1.320, 1.321

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Thu Jun 16 20:23:19 UTC 2005


Author: dwalsh

Update of /cvs/dist/rpms/selinux-policy-targeted/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv22103

Modified Files:
	policy-20050606.patch selinux-policy-targeted.spec 
Log Message:
* Thu Jun 16 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-9
- Update Ivan trusted/untrusted patch
- add texrel_shlib_t to targeted


policy-20050606.patch:
 Makefile                              |   14 -
 attrib.te                             |    2 
 domains/misc/kernel.te                |    7 
 domains/misc/local.te                 |    5 
 domains/program/fsadm.te              |    5 
 domains/program/init.te               |    4 
 domains/program/initrc.te             |   10 +
 domains/program/klogd.te              |    2 
 domains/program/login.te              |    2 
 domains/program/modutil.te            |    2 
 domains/program/mount.te              |    4 
 domains/program/restorecon.te         |    5 
 domains/program/ssh.te                |    2 
 domains/program/syslogd.te            |    2 
 domains/program/unused/acct.te        |    2 
 domains/program/unused/alsa.te        |   17 ++
 domains/program/unused/apache.te      |    2 
 domains/program/unused/bonobo.te      |    9 +
 domains/program/unused/consoletype.te |    2 
 domains/program/unused/cups.te        |   30 ++++
 domains/program/unused/dhcpc.te       |    5 
 domains/program/unused/ethereal.te    |   48 ++++++
 domains/program/unused/evolution.te   |   13 +
 domains/program/unused/gconf.te       |   12 +
 domains/program/unused/gift.te        |    1 
 domains/program/unused/gnome.te       |    7 
 domains/program/unused/gnome_vfs.te   |    9 +
 domains/program/unused/gpg.te         |    3 
 domains/program/unused/i18n_input.te  |    1 
 domains/program/unused/iceauth.te     |   12 +
 domains/program/unused/mozilla.te     |    6 
 domains/program/unused/mysqld.te      |    3 
 domains/program/unused/orbit.te       |    7 
 domains/program/unused/pam.te         |    5 
 domains/program/unused/pamconsole.te  |    2 
 domains/program/unused/ping.te        |    2 
 domains/program/unused/rpcd.te        |    3 
 domains/program/unused/thunderbird.te |    9 +
 domains/program/unused/udev.te        |    2 
 domains/program/unused/utempter.te    |    5 
 domains/program/unused/xdm.te         |   22 ++-
 domains/program/unused/xserver.te     |    3 
 domains/user.te                       |   14 +
 file_contexts/distros.fc              |   18 --
 file_contexts/program/alsa.fc         |    3 
 file_contexts/program/apache.fc       |    2 
 file_contexts/program/bonobo.fc       |    1 
 file_contexts/program/cups.fc         |    3 
 file_contexts/program/ethereal.fc     |    3 
 file_contexts/program/evolution.fc    |    8 +
 file_contexts/program/fontconfig.fc   |    6 
 file_contexts/program/gconf.fc        |    5 
 file_contexts/program/gnome.fc        |    8 +
 file_contexts/program/gnome_vfs.fc    |    1 
 file_contexts/program/iceauth.fc      |    3 
 file_contexts/program/irc.fc          |    2 
 file_contexts/program/mozilla.fc      |    4 
 file_contexts/program/orbit.fc        |    3 
 file_contexts/program/thunderbird.fc  |    2 
 file_contexts/program/xauth.fc        |    1 
 file_contexts/program/xdm.fc          |    1 
 file_contexts/program/xserver.fc      |    2 
 file_contexts/types.fc                |    2 
 macros/admin_macros.te                |   12 +
 macros/base_user_macros.te            |   75 ++++++----
 macros/content_macros.te              |  185 ++++++++++++++++++++++++++
 macros/global_macros.te               |  121 +----------------
 macros/home_macros.te                 |  130 ++++++++++++++++++
 macros/program/bonobo_macros.te       |  119 ++++++++++++++++
 macros/program/dbusd_macros.te        |    3 
 macros/program/ethereal_macros.te     |   83 +++++++++++
 macros/program/evolution_macros.te    |  241 ++++++++++++++++++++++++++++++++++
 macros/program/fontconfig_macros.te   |   38 ++++-
 macros/program/games_domain.te        |   38 +----
 macros/program/gconf_macros.te        |   56 +++++++
 macros/program/gift_macros.te         |   60 ++------
 macros/program/gnome_macros.te        |  115 ++++++++++++++++
 macros/program/gnome_vfs_macros.te    |   49 ++++++
 macros/program/gpg_agent_macros.te    |    1 
 macros/program/gpg_macros.te          |   45 ------
 macros/program/ice_macros.te          |   38 +++++
 macros/program/iceauth_macros.te      |   40 +++++
 macros/program/irc_macros.te          |    1 
 macros/program/lpr_macros.te          |   24 ---
 macros/program/mail_client_macros.te  |   48 ++++++
 macros/program/mozilla_macros.te      |  131 ++++++------------
 macros/program/mplayer_macros.te      |   15 +-
 macros/program/orbit_macros.te        |   44 ++++++
 macros/program/pyzor_macros.te        |    1 
 macros/program/razor_macros.te        |    1 
 macros/program/spamassassin_macros.te |    9 -
 macros/program/ssh_agent_macros.te    |    3 
 macros/program/thunderbird_macros.te  |   57 ++++++++
 macros/program/tvtime_macros.te       |    1 
 macros/program/userhelper_macros.te   |    3 
 macros/program/x_client_macros.te     |   12 -
 macros/program/xauth_macros.te        |    1 
 macros/program/xdm_macros.te          |   11 +
 macros/program/xserver_macros.te      |   17 +-
 macros/user_macros.te                 |    8 -
 mls                                   |   41 ++---
 net_contexts                          |   29 ++--
 targeted/domains/program/crond.te     |    2 
 targeted/domains/unconfined.te        |   10 -
 tunables/distro.tun                   |    2 
 tunables/tunable.tun                  |    4 
 types/device.te                       |    7 
 types/devpts.te                       |    2 
 types/file.te                         |    8 +
 types/network.te                      |    8 -
 types/security.te                     |    2 
 111 files changed, 1816 insertions(+), 535 deletions(-)

Index: policy-20050606.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/policy-20050606.patch,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- policy-20050606.patch	15 Jun 2005 18:38:31 -0000	1.6
+++ policy-20050606.patch	16 Jun 2005 20:23:17 -0000	1.7
@@ -150,7 +150,7 @@
  role sysadm_r types insmod_t;
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/mount.te policy-1.23.18/domains/program/mount.te
 --- nsapolicy/domains/program/mount.te	2005-05-25 11:28:09.000000000 -0400
-+++ policy-1.23.18/domains/program/mount.te	2005-06-08 09:04:15.000000000 -0400
++++ policy-1.23.18/domains/program/mount.te	2005-06-16 14:01:56.000000000 -0400
 @@ -11,7 +11,7 @@
  
  type mount_exec_t, file_type, sysadmfile, exec_type;
@@ -160,6 +160,15 @@
  mount_loopback_privs(sysadm, mount)
  role sysadm_r types mount_t;
  role system_r types mount_t;
+@@ -68,7 +68,7 @@
+ # for localization
+ allow mount_t lib_t:file { getattr read };
+ allow mount_t autofs_t:dir read;
+-allow mount_t fs_t:filesystem relabelfrom;
++allow mount_t fs_type:filesystem relabelfrom;
+ #
+ # This rule needs to be generalized.  Only admin, initrc should have it.
+ #
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/restorecon.te policy-1.23.18/domains/program/restorecon.te
 --- nsapolicy/domains/program/restorecon.te	2005-05-25 11:28:09.000000000 -0400
 +++ policy-1.23.18/domains/program/restorecon.te	2005-06-10 14:11:36.000000000 -0400
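Review bot: The rewritten rule `allow mount_t fs_type:filesystem relabelfrom;` replaces the single type `fs_t` with what appears to be the `fs_type` attribute, and nothing in the hunk says why. mount_t can now relabel from every filesystem type carrying that attribute instead of one. If the wider grant is required, the reason belongs directly above the rule, for example `# relabelfrom on all fs_type: needed for <mount case that was denied>`. The existing "This rule needs to be generalized" comment that follows refers to a rule outside the hunk, so it does not cover this line.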
@@ -468,6 +477,18 @@
 +type gnome_vfs_exec_t, file_type, exec_type, sysadmfile;
 +
 +# Everything else is in macros/gnome_vfs_macros.te
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/gpg.te policy-1.23.18/domains/program/unused/gpg.te
+--- nsapolicy/domains/program/unused/gpg.te	2005-05-25 11:28:10.000000000 -0400
++++ policy-1.23.18/domains/program/unused/gpg.te	2005-06-16 14:01:02.000000000 -0400
+@@ -11,8 +11,5 @@
+ allow sysadm_gpg_t { home_root_t user_home_dir_type }:dir search;
+ allow sysadm_gpg_t ptyfile:chr_file rw_file_perms;
+ 
+-# Allow gpg exec stack
+-bool allow_gpg_execstack false;
+-
+ # Everything else is in the gpg_domain macro in
+ # macros/program/gpg_macros.te.
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/i18n_input.te policy-1.23.18/domains/program/unused/i18n_input.te
 --- nsapolicy/domains/program/unused/i18n_input.te	2005-05-07 00:41:09.000000000 -0400
 +++ policy-1.23.18/domains/program/unused/i18n_input.te	2005-06-08 09:04:15.000000000 -0400
@@ -492,9 +513,25 @@
 +
 +# Everything else is in the iceauth_domain macro in
 +# macros/program/iceauth_macros.te.
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/mozilla.te policy-1.23.18/domains/program/unused/mozilla.te
+--- nsapolicy/domains/program/unused/mozilla.te	2005-04-27 10:28:51.000000000 -0400
++++ policy-1.23.18/domains/program/unused/mozilla.te	2005-06-16 14:02:17.000000000 -0400
+@@ -8,12 +8,6 @@
+ type mozilla_exec_t, file_type, sysadmfile, exec_type;
+ type mozilla_conf_t, file_type, sysadmfile;
+ 
+-# Allow mozilla to read files in the user home directory
+-bool mozilla_readhome false;
+-
+-# Allow mozilla to write files in the user home directory
+-bool mozilla_writehome false;
+-
+ # Run in user_t
+ bool disable_mozilla_trans false;
+ 
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/mysqld.te policy-1.23.18/domains/program/unused/mysqld.te
 --- nsapolicy/domains/program/unused/mysqld.te	2005-05-25 11:28:10.000000000 -0400
-+++ policy-1.23.18/domains/program/unused/mysqld.te	2005-06-15 10:44:50.000000000 -0400
++++ policy-1.23.18/domains/program/unused/mysqld.te	2005-06-15 16:29:50.000000000 -0400
 @@ -10,7 +10,7 @@
  #
  # mysqld_exec_t is the type of the mysqld executable.
@@ -504,6 +541,11 @@
  
  type mysqld_port_t, port_type;
  allow mysqld_t mysqld_port_t:tcp_socket name_bind;
+@@ -89,3 +89,4 @@
+ }
+ ')
+ 
++allow mysqld_t self:netlink_route_socket r_netlink_socket_perms;
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/orbit.te policy-1.23.18/domains/program/unused/orbit.te
 --- nsapolicy/domains/program/unused/orbit.te	1969-12-31 19:00:00.000000000 -0500
 +++ policy-1.23.18/domains/program/unused/orbit.te	2005-06-08 09:04:15.000000000 -0400
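Review bot: The added `allow mysqld_t self:netlink_route_socket r_netlink_socket_perms;` is appended after the closing `')` with no comment, so it applies unconditionally and the file gives no reason for it. A one-line comment naming the operation that triggered the denial would let a later reader judge whether the grant is still needed, for example `# mysqld queries interface/route information over netlink: <denial that was observed>`. The stated reason here is only a guess and should be confirmed against the original AVC message.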
@@ -603,7 +645,7 @@
  
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/xdm.te policy-1.23.18/domains/program/unused/xdm.te
 --- nsapolicy/domains/program/unused/xdm.te	2005-05-25 11:28:10.000000000 -0400
-+++ policy-1.23.18/domains/program/unused/xdm.te	2005-06-10 14:11:54.000000000 -0400
++++ policy-1.23.18/domains/program/unused/xdm.te	2005-06-16 14:02:27.000000000 -0400
 @@ -269,7 +269,6 @@
  allow xdm_xserver_t self:capability mknod;
  allow xdm_xserver_t sysctl_modprobe_t:file { getattr read };
@@ -624,7 +666,7 @@
  # Search home directories.
  allow xdm_xserver_t user_home_type:dir search;
  allow xdm_xserver_t user_home_type:file { getattr read };
-@@ -319,7 +323,6 @@
+@@ -319,16 +323,20 @@
  # Should fix exec of pam_timestamp_check is not closing xdm file descriptor
  #
  ifdef(`pam.te', `
@@ -632,7 +674,10 @@
  allow xdm_t pam_var_run_t:dir create_dir_perms;
  allow xdm_t pam_var_run_t:file create_file_perms;
  allow pam_t xdm_t:fifo_file { getattr ioctl write };
-@@ -329,6 +332,11 @@
+-can_exec(xdm_t, pam_console_exec_t)
++domain_auto_trans(xdm_t, pam_console_exec_t, pam_console_t)
+ can_exec(xdm_t, pam_exec_t)
+ # For pam_console
  rw_dir_create_file(xdm_t, pam_var_console_t)
  ')
  
@@ -652,8 +697,8 @@
 +# Allow gdm to run gdm-binary
 +can_exec(xdm_t, xdm_exec_t)
 +
-+# Supress getattr check on .ICE-unix
-+dontaudit xdm_t ice_tmp_t:dir getattr;
++# Supress permission check on .ICE-unix
++dontaudit xdm_t ice_tmp_t:dir { getattr setattr };
 +
 +#### Also see xdm_macros.te
 diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/xserver.te policy-1.23.18/domains/program/unused/xserver.te
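Review bot: The widened rule `dontaudit xdm_t ice_tmp_t:dir { getattr setattr };` now hides a denied attribute change as well as a denied stat. An attempt by xdm_t to change ownership or mode of the .ICE-unix directory is still refused but no longer leaves an AVC record. The comment should say that the access stays denied and only the logging is suppressed, and it misspells "Suppress": `# Suppress audit of denied getattr/setattr on .ICE-unix (access remains denied)`. Anyone investigating xdm behaviour on this directory will need the dontaudit rules disabled to see these events.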
@@ -669,9 +714,41 @@
  # Everything else is in the xserver_domain macro in
  # macros/program/xserver_macros.te.
  
+diff --exclude-from=exclude -N -u -r nsapolicy/domains/user.te policy-1.23.18/domains/user.te
+--- nsapolicy/domains/user.te	2005-06-01 06:11:22.000000000 -0400
++++ policy-1.23.18/domains/user.te	2005-06-16 14:02:34.000000000 -0400
+@@ -4,6 +4,16 @@
+ 
+ # Booleans for user domains.
+ 
++# Allow applications to read untrusted content
++# If this is disallowed, Internet content has
++# to be manually relabeled for read access to be granted
++bool read_untrusted_content false;
++
++# Allow applications to write untrusted content
++# If this is disallowed, no Internet content
++# will be stored.
++bool write_untrusted_content false;
++
+ # Allow users to read system messages.
+ bool user_dmesg false;
+ 
+@@ -79,9 +89,9 @@
+ dontaudit $1_su_t { sysadm_home_t staff_home_t }:file create_file_perms;
+ ') dnl ifdef su.te
+ ifdef(`xauth.te', `
+-file_type_auto_trans($1_xauth_t, sysadm_home_dir_t, sysadm_home_xauth_t,file)
++file_type_auto_trans($1_xauth_t, sysadm_home_dir_t, sysadm_xauth_home_t,file)
+ ifdef(`userhelper.te', `
+-file_type_auto_trans($1_userhelper_t, sysadm_home_dir_t, sysadm_home_xauth_t,file)
++file_type_auto_trans($1_userhelper_t, sysadm_home_dir_t, sysadm_xauth_home_t,file)
+ ') dnl userhelper.te 
+ ') dnl xauth.te 
+ ') dnl reach_sysadm
 diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/distros.fc policy-1.23.18/file_contexts/distros.fc
 --- nsapolicy/file_contexts/distros.fc	2005-05-25 11:28:10.000000000 -0400
-+++ policy-1.23.18/file_contexts/distros.fc	2005-06-10 14:11:54.000000000 -0400
++++ policy-1.23.18/file_contexts/distros.fc	2005-06-16 14:02:43.000000000 -0400
 @@ -1,7 +1,6 @@
  ifdef(`distro_redhat', `
  /usr/share/system-config-network(/netconfig)?/[^/]+\.py -- system_u:object_r:bin_t
@@ -680,7 +757,29 @@
  /etc/sysconfig/network-scripts/.*resolv\.conf -- system_u:object_r:net_conf_t
  /usr/share/rhn/rhn_applet/applet\.py -- system_u:object_r:bin_t
  /usr/share/rhn/rhn_applet/eggtrayiconmodule\.so -- system_u:object_r:shlib_t
-@@ -156,7 +155,7 @@
+@@ -89,18 +88,9 @@
+ /usr/X11R6/lib/modules/dri/.*\.so		-- system_u:object_r:texrel_shlib_t
+ /usr/X11R6/lib/libOSMesa\.so.*			-- system_u:object_r:texrel_shlib_t
+ /usr/lib/libHermes\.so.*			-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/libpthread\.so		-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/vgpreload_addrcheck\.so	-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/vgpreload_memcheck\.so	-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/vgskin_addrcheck\.so		-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/vgskin_cachegrind\.so		-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/vgskin_callgrind\.so		-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/vgskin_corecheck\.so		-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/vgskin_helgrind\.so		-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/vgskin_lackey\.so		-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/vgskin_massif\.so		-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/vgskin_memcheck\.so		-- system_u:object_r:texrel_shlib_t
+-/usr/lib/valgrind/vgskin_none\.so		-- system_u:object_r:texrel_shlib_t
++/usr/lib/valgrind/hp2ps				-- system_u:object_r:texrel_shlib_t
++/usr/lib/valgrind/stage2			-- system_u:object_r:texrel_shlib_t
++/usr/lib/valgrind/vg.*\.so			-- system_u:object_r:texrel_shlib_t
+ /usr/lib/.*/program/libicudata\.so.*		-- system_u:object_r:texrel_shlib_t
+ /usr/lib/.*/program/libsts645li\.so		-- system_u:object_r:texrel_shlib_t
+ /usr/lib/.*/program/libvclplug_gen645li\.so	-- system_u:object_r:texrel_shlib_t
+@@ -156,7 +146,7 @@
  /usr(/.*)?/Reader/intellinux/plug_ins/.*\.api	-- system_u:object_r:shlib_t
  /usr(/.*)?/Reader/intellinux/plug_ins/AcroForm\.api	-- system_u:object_r:texrel_shlib_t
  /usr(/.*)?/Reader/intellinux/plug_ins/EScript\.api	-- system_u:object_r:texrel_shlib_t
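Review bot: The new pattern `/usr/lib/valgrind/vg.*\.so` does not match `/usr/lib/valgrind/libpthread\.so`, which the removed list labelled `texrel_shlib_t`, so that file now takes whatever broader context rule applies to it. If it still needs text relocations, keep the line `/usr/lib/valgrind/libpthread\.so -- system_u:object_r:texrel_shlib_t`. The wildcard also labels any future `vg*.so` file in that directory as text-relocation-capable. The new `hp2ps` and `stage2` entries have no `.so` suffix and look like executables rather than shared libraries, so a comment explaining why they get a shared-library type would help.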
@@ -787,19 +886,29 @@
 +# iceauth
 +/usr/X11R6/bin/iceauth	--      system_u:object_r:iceauth_exec_t
 +HOME_DIR/\.ICEauthority.* --      system_u:object_r:ROLE_iceauth_home_t
+diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/irc.fc policy-1.23.18/file_contexts/program/irc.fc
+--- nsapolicy/file_contexts/program/irc.fc	2005-02-24 14:51:09.000000000 -0500
++++ policy-1.23.18/file_contexts/program/irc.fc	2005-06-16 14:02:54.000000000 -0400
+@@ -2,4 +2,4 @@
+ /usr/bin/[st]irc	--	system_u:object_r:irc_exec_t
+ /usr/bin/ircII		--	system_u:object_r:irc_exec_t
+ /usr/bin/tinyirc	--	system_u:object_r:irc_exec_t
+-HOME_DIR/\.ircmotd	--	system_u:object_r:ROLE_home_irc_t
++HOME_DIR/\.ircmotd	--	system_u:object_r:ROLE_irc_home_t
 diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/mozilla.fc policy-1.23.18/file_contexts/program/mozilla.fc
 --- nsapolicy/file_contexts/program/mozilla.fc	2005-03-11 15:31:06.000000000 -0500
-+++ policy-1.23.18/file_contexts/program/mozilla.fc	2005-06-08 09:04:15.000000000 -0400
-@@ -3,9 +3,6 @@
++++ policy-1.23.18/file_contexts/program/mozilla.fc	2005-06-16 14:03:04.000000000 -0400
+@@ -3,10 +3,6 @@
  HOME_DIR/\.netscape(/.*)?	system_u:object_r:ROLE_mozilla_home_t
  HOME_DIR/\.mozilla(/.*)?	system_u:object_r:ROLE_mozilla_home_t
  HOME_DIR/\.phoenix(/.*)?	system_u:object_r:ROLE_mozilla_home_t
 -HOME_DIR/\.gconfd(/.*)?		system_u:object_r:ROLE_mozilla_home_t
 -HOME_DIR/\.gconf(/.*)?		system_u:object_r:ROLE_mozilla_home_t
 -HOME_DIR/\.gnome2/epiphany(/.*)? system_u:object_r:ROLE_mozilla_home_t
- HOME_DIR/My.Downloads(/.*)?	system_u:object_r:ROLE_mozilla_home_t
+-HOME_DIR/My.Downloads(/.*)?	system_u:object_r:ROLE_mozilla_home_t
  HOME_DIR/\.java(/.*)?		system_u:object_r:ROLE_mozilla_home_t
  /usr/bin/netscape	--	system_u:object_r:mozilla_exec_t
+ /usr/bin/mozilla	--	system_u:object_r:mozilla_exec_t
 diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/program/orbit.fc policy-1.23.18/file_contexts/program/orbit.fc
 --- nsapolicy/file_contexts/program/orbit.fc	1969-12-31 19:00:00.000000000 -0500
 +++ policy-1.23.18/file_contexts/program/orbit.fc	2005-06-10 14:12:06.000000000 -0400
@@ -863,16 +972,20 @@
  
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/admin_macros.te policy-1.23.18/macros/admin_macros.te
 --- nsapolicy/macros/admin_macros.te	2005-05-25 11:28:10.000000000 -0400
-+++ policy-1.23.18/macros/admin_macros.te	2005-06-10 14:12:08.000000000 -0400
-@@ -23,6 +23,7 @@
++++ policy-1.23.18/macros/admin_macros.te	2005-06-16 14:03:14.000000000 -0400
+@@ -22,7 +22,10 @@
+ # Type and access for pty devices.
  can_create_pty($1, `, admin_tty_type')
  
- tmp_domain($1, `, $1_file_type', `{ file dir lnk_file sock_file fifo_file }')
+-tmp_domain($1, `, $1_file_type', `{ file dir lnk_file sock_file fifo_file }')
++# Transition manually for { lnk sock fifo }. The rest is in content macros.
++tmp_domain_notrans($1, `, $1_file_type')
++file_type_auto_trans($1_t, tmp_t, $1_tmp_t, { lnk_file sock_file fifo_file })
 +allow $1_t $1_tmp_t:{ dir file } { relabelto relabelfrom };
  
  # Type for tty devices.
  type $1_tty_device_t, sysadmfile, ttyfile, dev_fs, admin_tty_type;
-@@ -131,7 +132,7 @@
+@@ -131,7 +134,7 @@
  allow xdm_t $1_home_t:lnk_file read;
  allow xdm_t $1_home_t:dir search;
  }
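Review bot: After `tmp_domain` is replaced by `tmp_domain_notrans`, this hunk only sets up the /tmp type transition for `{ lnk_file sock_file fifo_file }`. The `tmp_domain_notrans` definition added to global_macros.te in this same patch only declares `$1_tmp_t`. Regular files and directories that the admin domain creates in /tmp therefore reach `$1_tmp_t` only if another macro supplies the transition, and no such call is visible here. The macro body continues outside the hunk, so please confirm the call exists and have the comment name it, for example `# { file dir } transition comes from write_trusted($1_t, $1)`. Without it, new admin files in /tmp would presumably keep `tmp_t`.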
@@ -881,7 +994,7 @@
  ')dnl end ifdef xauth.te
  ')dnl end ifdef xdm.te
  
-@@ -213,5 +214,8 @@
+@@ -213,5 +216,8 @@
  # Set a context other than the default one for newly created files.
  can_setfscreate($1)
  
@@ -893,35 +1006,77 @@
  
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/base_user_macros.te policy-1.23.18/macros/base_user_macros.te
 --- nsapolicy/macros/base_user_macros.te	2005-06-01 06:11:23.000000000 -0400
-+++ policy-1.23.18/macros/base_user_macros.te	2005-06-13 11:54:27.000000000 -0400
-@@ -22,6 +22,14 @@
++++ policy-1.23.18/macros/base_user_macros.te	2005-06-16 14:03:21.000000000 -0400
+@@ -2,12 +2,6 @@
+ # Macros for all user login domains.
+ #
+ 
+-define(`network_home_dir', `
+-create_dir_file($1, $2)
+-can_exec($1, $2)
+-allow $1 $2:{ sock_file fifo_file } create_file_perms;
+-')
+-
+ #
+ # base_user_domain(domain_prefix)
+ #
+@@ -22,6 +16,30 @@
  undefine(`base_user_domain')
  define(`base_user_domain', `
  
 +# Type for network-obtained content
-+type $1_untrusted_content_t, file_type, $1_file_type, sysadmfile, customizable;
-+bool $1_access_untrusted_content false;
-+if ($1_access_untrusted_content) {
-+rw_dir_file($1_t, $1_untrusted_content_t) 
-+}
-+#allow $1_t $1_untrusted_content_t:{ dir file } { relabelto relabelfrom };
++type $1_untrusted_content_t, file_type, $1_file_type, sysadmfile, customizable, polymember;
++type $1_untrusted_content_tmp_t, file_type, $1_file_type, sysadmfile, tmpfile, customizable, polymember;
++
++# Allow user to relabel untrusted content
++allow $1_t $1_untrusted_content_t:{ dir file } { getattr unlink relabelto relabelfrom };
++allow $1_t $1_untrusted_content_tmp_t:{ dir file } { getattr unlink relabelto relabelfrom };
++
++# Read content
++read_content($1_t, $1)
++
++# Write trusted content. This includes proper transition
++# for /home, and /tmp, so no other transition is necessary (or allowed)
++write_trusted($1_t, $1)
++
++# Maybe the home directory is networked
++network_home($1_t)
++
++# Transition for { lnk, fifo, sock }. The rest is covered by write_trusted.
++# Relabel files in the home directory 
++file_type_auto_trans($1_t, $1_home_dir_t, $1_home_t, { fifo_file sock_file lnk_file }); 
++allow $1_t $1_home_t:{ notdevfile_class_set dir } { relabelfrom relabelto };
++can_setfscreate($1_t)
 +
  allow $1_t self:capability { setgid chown fowner };
  dontaudit $1_t self:capability { sys_nice fsetid };
  
-@@ -85,6 +93,11 @@
- allow $1_t $1_home_t:{ notdevfile_class_set dir } { relabelfrom relabelto };
- can_setfscreate($1_t)
- 
+@@ -80,20 +98,10 @@
+ # allow ptrace
+ can_ptrace($1_t, $1_t)
+ 
+-# Create, access, and remove files in home directory.
+-file_type_auto_trans($1_t, $1_home_dir_t, $1_home_t)
+-allow $1_t $1_home_t:{ notdevfile_class_set dir } { relabelfrom relabelto };
+-can_setfscreate($1_t)
+-
+-allow $1_t autofs_t:dir { search getattr };
+-
+-if (use_nfs_home_dirs) {
+-network_home_dir($1_t, nfs_t)
+-}
+-
+-if (use_samba_home_dirs) {
+-network_home_dir($1_t, cifs_t)
+-}
 +# Allow user to run restorecon and relabel files
 +can_getsecurity($1_t)
 +r_dir_file($1_t, default_context_t)
 +r_dir_file($1_t, file_context_t)
-+
- allow $1_t autofs_t:dir { search getattr };
  
- if (use_nfs_home_dirs) {
-@@ -182,10 +195,11 @@
+ can_exec($1_t, { removable_t noexattrfile } )
+ if (user_rw_noexattrfile) {
+@@ -182,10 +190,11 @@
  ifdef(`screen.te', `screen_domain($1)')
  ifdef(`tvtime.te', `tvtime_domain($1)')
  ifdef(`mozilla.te', `mozilla_domain($1)')
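Review bot: The two new rules `allow $1_t $1_untrusted_content_t:{ dir file } { getattr unlink relabelto relabelfrom };` and the matching `_tmp_t` rule grant `unlink` on the `dir` class, but directory removal is checked against `rmdir`. As far as the visible rules go, a user can therefore delete an untrusted file but not an untrusted directory without relabelling it first. If deletion without relabelling is intended, split the rule by class and give the directory side `rmdir`, e.g. `allow $1_t $1_untrusted_content_t:dir { getattr rmdir relabelto relabelfrom };`. Separately, the added `file_type_auto_trans($1_t, $1_home_dir_t, $1_home_t, { fifo_file sock_file lnk_file });` ends in a `;` that other calls to the macro in this file do not carry.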
@@ -934,7 +1089,7 @@
  ifdef(`startx.te', `xserver_domain($1)')
  ifdef(`lpr.te', `lpr_domain($1)')
  ifdef(`ssh.te', `ssh_domain($1)')
-@@ -196,10 +210,24 @@
+@@ -196,10 +205,24 @@
  ifdef(`uml.te', `uml_domain($1)')
  ifdef(`cdrecord.te', `cdrecord_domain($1)')
  ifdef(`mplayer.te', `mplayer_domains($1)')
@@ -960,7 +1115,7 @@
  # Instantiate a derived domain for user cron jobs.
  ifdef(`crond.te', `crond_domain($1)')
  
-@@ -294,8 +322,6 @@
+@@ -294,8 +317,6 @@
  x_client_domain($1, $1)
  
  ifdef(`xserver.te', `
@@ -969,7 +1124,18 @@
  allow $1_t xserver_misc_device_t:{ chr_file blk_file } rw_file_perms;
  ')
  
-@@ -375,8 +401,6 @@
+@@ -354,6 +375,10 @@
+ 
+ r_dir_file($1_t, src_t)
+ 
++# Allow user to read default_t files
++# This is different from reading default_t content, 
++# because it also includes sockets, fifos, and links
++
+ if (read_default_t) {
+ allow $1_t default_t:dir r_dir_perms;
+ allow $1_t default_t:notdevfile_class_set r_file_perms;
+@@ -375,8 +400,6 @@
  dontaudit $1_t self:socket create;
  dontaudit $1_t sysctl_net_t:dir search;
  
@@ -978,9 +1144,198 @@
  ifdef(`rpcd.te', `
  create_dir_file($1_t, nfsd_rw_t)
  ')
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/content_macros.te policy-1.23.18/macros/content_macros.te
+--- nsapolicy/macros/content_macros.te	1969-12-31 19:00:00.000000000 -0500
++++ policy-1.23.18/macros/content_macros.te	2005-06-16 14:03:21.000000000 -0400
+@@ -0,0 +1,185 @@
++# Content access macros
++
++# FIXME: After nested booleans are supported, replace NFS/CIFS
++# w/ read_network_home, and write_network_home macros from global
++
++# FIXME: If true/false constant booleans are supported, replace
++# ugly $3 ifdefs with if(true), if(false)...
++
++# FIXME: Do we want write to imply read?
++
++############################################################
++# read_content(domain, role_prefix, bool_prefix)
++#
++# Allow the given domain to read content.
++# Content may be trusted or untrusted,
++# Reading anything is subject to a controlling boolean based on bool_prefix.
++# Reading untrusted content is additionally subject to read_untrusted_content
++# Reading default_t is additionally subject to read_default_t
++
++define(`read_content', `
++
++# Declare controlling boolean
++ifelse($3, `', `', `
++ifdef(`$3_read_content_defined', `', `
++define(`$3_read_content_defined')
++bool $3_read_content false;
++') dnl ifdef 
++') dnl ifelse
++
++# Handle nfs home dirs
++ifelse($3, `', 
++`if (use_nfs_home_dirs) { ', 
++`if ($3_read_content && use_nfs_home_dirs) {')
++allow $1 { autofs_t home_root_t }:dir { read search getattr };
++r_dir_file($1, nfs_t)
++} else {
++dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
++dontaudit $1 nfs_t:file r_file_perms;
++dontaudit $1 nfs_t:dir r_dir_perms;
++}
++
++# Handle samba home dirs
++ifelse($3, `',
++`if (use_samba_home_dirs) { ',
++`if ($3_read_content && use_samba_home_dirs) {')
++allow $1 { autofs_t home_root_t }:dir { read search getattr };
++r_dir_file($1, cifs_t)
++} else {
++dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
++dontaudit $1 cifs_t:file r_file_perms;
++dontaudit $1 cifs_t:dir r_dir_perms;
++}
++
++# Handle removable media, /tmp, and /home
++ifelse($3, `', `', 
++`if ($3_read_content) {')
++allow $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
++r_dir_file($1, { removable_t $2_tmp_t $2_home_t } )
++
++ifelse($3, `', `', 
++`} else {
++dontaudit $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
++dontaudit $1 { removable_t $2_tmp_t $2_home_t }:dir r_dir_perms;
++dontaudit $1 { removable_t $2_tmp_t $2_home_t }:file r_file_perms;
++}') 
++
++# Handle default_t content
++ifelse($3, `',
++`if (read_default_t) { ',
++`if ($3_read_content && read_default_t) {')
++r_dir_file($1, default_t)
++} else {
++dontaudit $1 default_t:file r_file_perms;
++dontaudit $1 default_t:dir r_dir_perms;
++} 
++
++# Handle untrusted content
++ifelse($3, `',
++`if (read_untrusted_content) { ',
++`if ($3_read_content && read_untrusted_content) {')
++allow $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
++r_dir_file($1, { $2_untrusted_content_t $2_untrusted_content_tmp_t })
++} else {
++dontaudit $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
++dontaudit $1 { $2_untrusted_content_t $2_untrusted_content_tmp_t }:dir r_dir_perms;
++dontaudit $1 { $2_untrusted_content_t $2_untrusted_content_tmp_t }:file r_file_perms;
++}
++') dnl read_content
++
++#################################################
++# write_trusted(domain, role_prefix, bool_prefix)
++#
++# Allow the given domain to write trusted content.
++# This is subject to a controlling boolean based
++# on bool_prefix.
++
++define(`write_trusted', `
++
++# Declare controlling boolean
++ifelse($3, `', `', `
++ifdef(`$3_write_content_defined', `', `
++define(`$3_write_content_defined')
++bool $3_write_content false;
++') dnl ifdef
++') dnl ifelse
++
++# Handle nfs homedirs
++ifelse($3, `',
++`if (use_nfs_home_dirs) { ',
++`if ($3_write_content && use_nfs_home_dirs) {')
++allow $1 { autofs_t home_root_t }:dir { read search getattr };
++create_dir_file($1, nfs_t)
++} else {
++dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
++dontaudit $1 nfs_t:file create_file_perms;
++dontaudit $1 nfs_t:dir create_dir_perms;
++}
++
++# Handle samba homedirs
++ifelse($3, `',
++`if (use_samba_home_dirs) { ',
++`if ($3_write_content && use_samba_home_dirs) {')
++allow $1 { autofs_t home_root_t }:dir { read search getattr };
++create_dir_file($1, cifs_t)
++} else {
++dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
++dontaudit $1 cifs_t:file create_file_perms;
++dontaudit $1 cifs_t:dir create_dir_perms;
++}
++
++# Handle /tmp and /home
++ifelse($3, `', `', 
++`if ($3_write_content) {') 
++allow $1 home_root_t:dir { read getattr search };
++file_type_auto_trans($1, tmp_t, $2_tmp_t, { dir file });
++file_type_auto_trans($1, $2_home_dir_t, $2_home_t, { dir file });
++ifelse($3, `', `', 
++`} else {
++dontaudit $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
++dontaudit $1 { $2_tmp_t $2_home_t }:file create_file_perms;
++dontaudit $1 { $2_tmp_t $2_home_t }:dir create_dir_perms;
++}')
++
++') dnl write_trusted
++
++#########################################
++# write_untrusted(domain, role_prefix)
++#
++# Allow the given domain to write untrusted content. 
++# This is subject to the global boolean write_untrusted.
++
++define(`write_untrusted', `
++
++# Handle nfs homedirs
++if (write_untrusted_content && use_nfs_home_dirs) {
++allow $1 { autofs_t home_root_t }:dir { read search getattr };
++create_dir_file($1, nfs_t)
++} else {
++dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
++dontaudit $1 nfs_t:file create_file_perms;
++dontaudit $1 nfs_t:dir create_dir_perms;
++}
++
++# Handle samba homedirs
++if (write_untrusted_content && use_samba_home_dirs) {
++allow $1 { autofs_t home_root_t }:dir { read search getattr };
++create_dir_file($1, cifs_t)
++} else {
++dontaudit $1 { autofs_t home_root_t }:dir { read search getattr };
++dontaudit $1 cifs_t:file create_file_perms;
++dontaudit $1 cifs_t:dir create_dir_perms;
++}
++
++# Handle /tmp and /home
++if (write_untrusted_content) {
++allow $1 home_root_t:dir { read getattr search };
++file_type_auto_trans($1, { tmp_t $2_tmp_t }, $2_untrusted_content_tmp_t, { dir file })
++file_type_auto_trans($1, { $2_home_dir_t $2_home_t }, $2_untrusted_content_t, { dir file })
++} else {
++dontaudit $1 { tmp_t home_root_t $2_home_dir_t }:dir { read getattr search };
++dontaudit $1 { $2_tmp_t $2_home_t }:file create_file_perms;
++dontaudit $1 { $2_tmp_t $2_home_t }:dir create_dir_perms;
++}
++
++') dnl write_untrusted
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/global_macros.te policy-1.23.18/macros/global_macros.te
 --- nsapolicy/macros/global_macros.te	2005-05-25 11:28:10.000000000 -0400
-+++ policy-1.23.18/macros/global_macros.te	2005-06-10 14:12:09.000000000 -0400
++++ policy-1.23.18/macros/global_macros.te	2005-06-16 14:03:27.000000000 -0400
 @@ -60,7 +60,7 @@
  # read_sysctl(domain)
  #
@@ -999,69 +1354,138 @@
  # sysadmin should not transition to the domain when directly calling the executable
  #
  # Author:  Russell Coker <russell at coker.com.au>
-@@ -520,11 +520,13 @@
- ') dnl home_domain_ro_access
- 
- ####################################################################
--# home_domain_access(source, user, app)
-+# home_domain_access(source, user, app, trans_classes)
- #
- # Gives source full access to the home
- # domain of app for the given user type
- #
-+# You can also specify the transition classes
-+# By default the only trans. class in /home is dir
- 
- define(`home_domain_access', `
- 
-@@ -538,16 +540,24 @@
- }
- allow $1 autofs_t:dir { search getattr };
+@@ -442,6 +442,11 @@
+ `file_type_auto_trans($1_t, tmp_t, $1_tmp_t, `$3')')
+ ')
  
--file_type_auto_trans($1, $2_home_dir_t, $2_$3_home_t)
-+create_dir_file($1, $2_$3_home_t)
-+
-+ifelse($4, `', `
-+file_type_auto_trans($1, $2_home_dir_t, $2_$3_home_t, dir)
-+', `
-+file_type_auto_trans($1, $2_home_dir_t, $2_$3_home_t, $4)
++# grant access to /tmp. Do not perform an automatic transition.
++define(`tmp_domain_notrans', `
++type $1_tmp_t, file_type, sysadmfile, polymember, tmpfile $2;
 +')
++
+ define(`tmpfs_domain', `
+ ifdef(`$1_tmpfs_t_defined',`', `
+ define(`$1_tmpfs_t_defined')
+@@ -496,105 +501,6 @@
+ file_type_auto_trans($1_t, var_lock_t, $1_lock_t, file)
+ ')
  
- ') dnl home_domain_access
- 
- ####################################################################
+-####################################################################
+-# home_domain_ro_access(source, user, app) 
+-# 
+-# Gives source access to the read-only home
+-# domain of app for the given user type
+-#
+-
+-define(`home_domain_ro_access', `
+-
+-allow $1 home_root_t:dir search;
+-
+-if (use_nfs_home_dirs) {
+-r_dir_file($1, nfs_t)
+-}
+-if (use_samba_home_dirs) {
+-r_dir_file($1, cifs_t)
+-}
+-allow $1 autofs_t:dir { search getattr };
+-
+-r_dir_file($1, $2_$3_ro_home_t)
+-
+-') dnl home_domain_ro_access
+-
+-####################################################################
+-# home_domain_access(source, user, app)
+-#
+-# Gives source full access to the home
+-# domain of app for the given user type
+-#
+-
+-define(`home_domain_access', `
+-
+-allow $1 home_root_t:dir search;
+-
+-if (use_nfs_home_dirs) {
+-create_dir_file($1, nfs_t)
+-}
+-if (use_samba_home_dirs) {
+-create_dir_file($1, cifs_t)
+-}
+-allow $1 autofs_t:dir { search getattr };
+-
+-file_type_auto_trans($1, $2_home_dir_t, $2_$3_home_t)
+-
+-') dnl home_domain_access
+-
+-####################################################################
 -# home_domain (prefix, app)
-+# home_domain (prefix, app, trans_classes)
- #
- # Creates a domain in the prefix home where an application can
+-#
+-# Creates a domain in the prefix home where an application can
 -# store its settings. It's accessible by the prefix domain.
-+# store its settings. It is accessible by the prefix domain.
- #
-+# You can also specify the transition classes
-+# By default the only trans. class in /home is dir
- 
- define(`home_domain', `
- 
-@@ -565,15 +575,15 @@
- allow $1_t $1_$2_home_t:{ dir file lnk_file } { relabelfrom relabelto };
- 
- # App side access
+-#
+-
+-define(`home_domain', `
+-
+-# Declare home domain
+-# FIXME: the second alias is problematic because
+-# home_domain and home_domain_ro cannot be used in parallel
+-# Remove the second alias when compatibility is no longer an issue
+-
+-type $1_$2_home_t, file_type, $1_file_type, sysadmfile;
+-typealias $1_$2_home_t alias $1_$2_rw_t;
+-typealias $1_$2_home_t alias $1_home_$2_t;
+-
+-# User side access
+-create_dir_file($1_t, $1_$2_home_t)
+-allow $1_t $1_$2_home_t:{ dir file lnk_file } { relabelfrom relabelto };
+-
+-# App side access
 -home_domain_access($1_$2_t, $1, $2)
-+home_domain_access($1_$2_t, $1, $2, $3)
- ')
- 
- ####################################################################
- # home_domain_ro (user, app)
- #
- # Creates a read-only domain in the user home where an application can
+-')
+-
+-####################################################################
+-# home_domain_ro (user, app)
+-#
+-# Creates a read-only domain in the user home where an application can
 -# store its settings. It's fully accessible by the user, but
 -# it's read-only for the application.
-+# store its settings. It is fully accessible by the user, but
-+# it is read-only for the application.
+-#
+-
+-define(`home_domain_ro', `
+-
+-# Declare home domain
+-# FIXME: the second alias is problematic because
+-# home_domain and home_domain_ro cannot be used in parallel
+-# Remove the second alias when compatibility is no longer an issue
+-
+-type $1_$2_ro_home_t, file_type, $1_file_type, sysadmfile;
+-typealias $1_$2_ro_home_t alias $1_$2_ro_t;
+-typealias $1_$2_ro_home_t alias $1_home_$2_t;
+-
+-# User side access
+-create_dir_file($1_t, $1_$2_ro_home_t)
+-allow $1_t $1_$2_ro_home_t:{ dir file lnk_file } { relabelfrom relabelto };
+-
+-# App side access
+-home_domain_ro_access($1_$2_t, $1, $2)
+-')
+-
+ #######################
+ # application_domain(domain_prefix)
  #
+@@ -763,8 +669,12 @@
+ 
+ if (allow_execmod) {
+ # Allow text relocations on system shared libraries, e.g. libGL.
++ifdef(`targeted_policy', `
++allow $1 file_type:file execmod;
++', `
+ allow $1 texrel_shlib_t:file execmod;
+ allow $1 home_type:file execmod;
++')
+ }
  
- define(`home_domain_ro', `
-@@ -797,12 +807,3 @@
+ # Create/access any System V IPC objects.
+@@ -797,12 +707,3 @@
  ')
  
  ')dnl end unconfined_domain
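Review bot: In the `allow_execmod` block the targeted branch grants `allow $1 file_type:file execmod;`, which covers every type carrying the file_type attribute, while the comment above it still describes text relocations on system shared libraries only. The commit log says texrel_shlib_t is being added to targeted, so the narrower `allow $1 texrel_shlib_t:file execmod;` looks usable in that branch too; if another type really needs it, name it explicitly. If the wide grant is deliberate, add a comment inside the targeted branch such as `# targeted: callers are unconfined, so execmod is not narrowed by type`. The enclosing macro starts outside this hunk (presumably unconfined_domain, judging by the later context line), so confirm which domains instantiate it.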
@@ -1074,6 +1498,140 @@
 -r_dir_file($1, fonts_t)
 -')
 -
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/home_macros.te policy-1.23.18/macros/home_macros.te
+--- nsapolicy/macros/home_macros.te	1969-12-31 19:00:00.000000000 -0500
++++ policy-1.23.18/macros/home_macros.te	2005-06-16 14:03:27.000000000 -0400
+@@ -0,0 +1,130 @@
++# Home macros
++
++################################################
++# network_home(source)
++#
++# Allows source domain to use a network home
++# This includes privileges of create and execute
++# as well as the ability to create sockets and fifo
++
++define(`network_home', `
++allow $1 autofs_t:dir { search getattr };
++
++if (use_nfs_home_dirs) {
++create_dir_file($1, nfs_t)
++can_exec($1, nfs_t)
++allow $1 nfs_t:{ sock_file fifo_file } create_file_perms;
++}
++
++if (use_samba_home_dirs) {
++create_dir_file($1, cifs_t)
++can_exec($1, cifs_t)
++allow $1 cifs_t:{ sock_file fifo_file } create_file_perms;
++}
++') dnl network_home
++
++################################################
++# write_network_home(source)
++#
++# Allows source domain to create directories and
++# files on network file system
++
++define(`write_network_home', `
++allow $1 home_root_t:dir search;
++
++if (use_nfs_home_dirs) {
++create_dir_file($1, nfs_t)
++}
++if (use_samba_home_dirs) {
++create_dir_file($1, cifs_t)
++}
++allow $1 autofs_t:dir { search getattr };
++') dnl write_network_home
++
++################################################
++# read_network_home(source)
++#
++# Allows source domain to read directories and
++# files on network file system
++
++define(`read_network_home', `
++allow $1 home_root_t:dir search;
++
++if (use_nfs_home_dirs) {
++r_dir_file($1, nfs_t)
++}
++if (use_samba_home_dirs) {
++r_dir_file($1, cifs_t)
++}
++allow $1 autofs_t:dir { search getattr };
++') dnl read_network_home
++
++##################################################
++# home_domain_ro_access(source, user, app)
++#
++# Gives source access to the read-only home
++# domain of app for the given user type
++
++define(`home_domain_ro_access', `
++allow $1 { home_root_t $2_home_dir_t }:dir { search getattr };
++read_network_home($1)
++r_dir_file($1, $2_$3_ro_home_t)
++') dnl home_domain_ro_access
++
++#################################################
++# home_domain_access(source, user, app)
++#
++# Gives source full access to the home
++# domain of app for the given user type
++#
++# Requires transition in caller
++
++define(`home_domain_access', `
++allow $1 { home_root_t $2_home_dir_t }:dir { search getattr };
++write_network_home($1)
++create_dir_file($1, $2_$3_home_t)
++') dnl home_domain_access
++
++####################################################################
++# home_domain (prefix, app)
++#
++# Creates a domain in the prefix home where an application can
++# store its settings. It is accessible by the prefix domain.
++#
++# Requires transition in caller
++
++define(`home_domain', `
++
++# Declare home domain
++type $1_$2_home_t, file_type, $1_file_type, sysadmfile, polymember;
++typealias $1_$2_home_t alias $1_$2_rw_t;
++
++# User side access
++create_dir_file($1_t, $1_$2_home_t)
++allow $1_t $1_$2_home_t:{ dir file lnk_file } { relabelfrom relabelto };
++
++# App side access
++home_domain_access($1_$2_t, $1, $2)
++')
++
++####################################################################
++# home_domain_ro (user, app)
++#
++# Creates a read-only domain in the user home where an application can
++# store its settings. It is fully accessible by the user, but
++# it is read-only for the application.
++#
++
++define(`home_domain_ro', `
++
++# Declare home domain
++type $1_$2_ro_home_t, file_type, $1_file_type, sysadmfile;
++typealias $1_$2_ro_home_t alias $1_$2_ro_t;
++
++# User side access
++create_dir_file($1_t, $1_$2_ro_home_t)
++allow $1_t $1_$2_ro_home_t:{ dir file lnk_file } { relabelfrom relabelto };
++
++# App side access
++home_domain_ro_access($1_$2_t, $1, $2)
++')
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/bonobo_macros.te policy-1.23.18/macros/program/bonobo_macros.te
 --- nsapolicy/macros/program/bonobo_macros.te	1969-12-31 19:00:00.000000000 -0500
 +++ policy-1.23.18/macros/program/bonobo_macros.te	2005-06-10 14:12:09.000000000 -0400
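Review bot: `home_domain` and `home_domain_access` now say only `# Requires transition in caller`, which does not tell a caller which rule is missing or what happens without it. Going by the callers updated elsewhere in this commit, the expected line is `file_type_auto_trans($1_$2_t, $1_home_dir_t, $1_$2_home_t, dir)` (iceauth uses class `file`), so that line belongs in the header comment as the example. Without it, files the application creates directly under the home directory presumably keep the generic home type rather than the per-application one, so each existing `home_domain(...)` call site is worth checking. Separately, `network_home` adds `can_exec` on nfs_t and cifs_t; since neither type is derived from a user prefix, a comment saying so would help readers judge how far that grant reaches.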
@@ -1212,8 +1770,8 @@
  allow $1_dbusd_t self:unix_stream_socket create_stream_socket_perms;
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/ethereal_macros.te policy-1.23.18/macros/program/ethereal_macros.te
 --- nsapolicy/macros/program/ethereal_macros.te	1969-12-31 19:00:00.000000000 -0500
-+++ policy-1.23.18/macros/program/ethereal_macros.te	2005-06-13 11:53:36.000000000 -0400
-@@ -0,0 +1,82 @@
++++ policy-1.23.18/macros/program/ethereal_macros.te	2005-06-16 14:03:35.000000000 -0400
+@@ -0,0 +1,83 @@
 +# DESC - Ethereal  
 +#
 +# Author: Ivan Gyurdiev <ivg2 at cornell.edu>
@@ -1254,11 +1812,12 @@
 +role $1_r types $1_ethereal_t;
 +
 +# Manual transition from userhelper 
++# FIXME: Need to handle the fallback case, which requires userhelper support
 +ifdef(`userhelper.te', `
-+allow $1_userhelper_t { sysadm_ethereal_t $1_ethereal_t }:process { transition siginh rlimitinh noatsecure };
-+allow sysadm_ethereal_t $1_userhelper_t:fd use;
-+allow sysadm_ethereal_t $1_userhelper_t:process sigchld;
-+')
++allow userhelperdomain sysadm_ethereal_t:process { transition siginh rlimitinh noatsecure };
++allow sysadm_ethereal_t userhelperdomain:fd use;
++allow sysadm_ethereal_t userhelperdomain:process sigchld;
++') dnl userhelper
 +
 +# X, GNOME
 +x_client_domain($1_ethereal, $1)
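Review bot: The rewritten userhelper rule `allow userhelperdomain sysadm_ethereal_t:process { transition siginh rlimitinh noatsecure };` lets every domain carrying the userhelperdomain attribute enter sysadm_ethereal_t with `noatsecure`, so the environment is not scrubbed on a transition into a sysadm-role domain. The old line limited the source to `$1_userhelper_t`; if the attribute is needed for the fallback case named in the FIXME, a comment should say why `noatsecure`, `siginh` and `rlimitinh` are required, otherwise reduce the rule to `allow userhelperdomain sysadm_ethereal_t:process transition;`. The three rules also no longer mention `$1`, so they are repeated for each instantiation of the macro and could move out of it. The macro itself starts and ends outside this hunk.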
@@ -1298,8 +1857,8 @@
 +') dnl ethereal_domain 
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/evolution_macros.te policy-1.23.18/macros/program/evolution_macros.te
 --- nsapolicy/macros/program/evolution_macros.te	1969-12-31 19:00:00.000000000 -0500
-+++ policy-1.23.18/macros/program/evolution_macros.te	2005-06-10 14:12:11.000000000 -0400
-@@ -0,0 +1,238 @@
++++ policy-1.23.18/macros/program/evolution_macros.te	2005-06-16 14:03:45.000000000 -0400
+@@ -0,0 +1,241 @@
 +#
 +# Evolution   
 +#
@@ -1363,6 +1922,9 @@
 +can_network_client_tcp($1_evolution_server_t, ldap_port_t)
 +allow $1_evolution_server_t ldap_port_t:tcp_socket name_connect;
 +
++# Look in /etc/pki
++allow $1_evolution_server_t cert_t:dir r_dir_perms;
++
 +') dnl evolution_data_server
 +
 +#######################################
@@ -1439,7 +2001,7 @@
 +
 +# /tmp/.exchange-$USER
 +tmp_domain($1_evolution_exchange)
-+  
++ 
 +# Allow netstat
 +allow $1_evolution_exchange_t bin_t:dir search; 
 +can_exec($1_evolution_exchange_t, bin_t)
@@ -1447,6 +2009,9 @@
 +allow $1_evolution_exchange_t sysctl_net_t:dir search;
 +allow $1_evolution_exchange_t self:{ udp_socket tcp_socket } create_socket_perms;
 +
++# Clock applet talks to exchange (FIXME: Needs policy)
++bonobo_connect($1, $1_evolution_exchange)
++
 +# FIXME: policy incomplete
 +
 +') dnl evolution_exchange
@@ -1481,9 +2046,6 @@
 +# Access .evolution
 +home_domain($1, evolution)
 +
-+# Store documents in /tmp (to print, etc..)
-+tmp_domain($1_evolution)
-+
 +# Store passwords in .gnome2_private
 +gnome_private_store($1_evolution, $1) 
 +
@@ -1683,8 +2245,8 @@
  
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/gconf_macros.te policy-1.23.18/macros/program/gconf_macros.te
 --- nsapolicy/macros/program/gconf_macros.te	1969-12-31 19:00:00.000000000 -0500
-+++ policy-1.23.18/macros/program/gconf_macros.te	2005-06-10 14:12:12.000000000 -0400
-@@ -0,0 +1,55 @@
++++ policy-1.23.18/macros/program/gconf_macros.te	2005-06-16 14:03:50.000000000 -0400
+@@ -0,0 +1,56 @@
 +#
 +# GConfd daemon  
 +#
@@ -1710,6 +2272,7 @@
 +
 +# Access .gconfd and .gconf
 +home_domain($1, gconfd)
++file_type_auto_trans($1_gconfd_t, $1_home_dir_t, $1_gconfd_home_t, dir)
 +
 +# Access /etc/gconf
 +r_dir_file($1_gconfd_t, gconf_etc_t)
@@ -1742,7 +2305,7 @@
 +') dnl gconf_client 
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/gift_macros.te policy-1.23.18/macros/program/gift_macros.te
 --- nsapolicy/macros/program/gift_macros.te	2005-05-25 11:28:10.000000000 -0400
-+++ policy-1.23.18/macros/program/gift_macros.te	2005-06-10 14:12:12.000000000 -0400
++++ policy-1.23.18/macros/program/gift_macros.te	2005-06-16 14:03:56.000000000 -0400
 @@ -17,59 +17,31 @@
  domain_auto_trans($1_t, gift_exec_t, $1_gift_t)
  role $1_r types $1_gift_t;
@@ -1752,13 +2315,14 @@
  x_client_domain($1_gift, $1)
 +gnome_application($1_gift, $1)
  home_domain($1, gift)
- tmp_domain($1_gift)
- 
+-tmp_domain($1_gift)
+-
 -uses_shlib($1_gift_t)
 -read_locale($1_gift_t)
 -read_sysctl($1_gift_t)
 -access_terminal($1_gift_t, $1)
--
++file_type_auto_trans($1_gift_t, $1_home_dir_t, $1_gift_home_t, dir)
+ 
  # Allow the user domain to signal/ps.
  can_ps($1_t, $1_gift_t)
  allow $1_t $1_gift_t:process signal_perms;
@@ -1809,7 +2373,7 @@
  
  ') dnl gift_domain
  
-@@ -103,23 +75,22 @@
+@@ -103,23 +75,23 @@
  
  # Access home domain
  home_domain_access($1_giftd_t, $1, gift)
@@ -1817,6 +2381,7 @@
 -# Allow networking
 -allow $1_giftd_t port_t:tcp_socket { name_bind name_connect };
 -allow $1_giftd_t port_t:udp_socket name_bind;
++file_type_auto_trans($1_gift_t, $1_home_dir_t, $1_gift_home_t, dir)
 +
 +# Serve content on various p2p networks. Ports can be random.
  can_network_server($1_giftd_t)
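Review bot: The added `file_type_auto_trans($1_gift_t, $1_home_dir_t, $1_gift_home_t, dir)` sits directly under `home_domain_access($1_giftd_t, $1, gift)`, but its source domain is `$1_gift_t`, not `$1_giftd_t`. That repeats the rule already added after `home_domain($1, gift)` earlier in the same file and leaves the daemon domain without the transition that the new home_macros.te header says the caller must supply. If the daemon is meant to create the directory, the line should read `file_type_auto_trans($1_giftd_t, $1_home_dir_t, $1_gift_home_t, dir)`; if not, drop it here. The surrounding macro begins outside this hunk.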
@@ -2026,8 +2591,81 @@
  read_fonts($1_gpg_pinentry_t, $1)
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/gpg_macros.te policy-1.23.18/macros/program/gpg_macros.te
 --- nsapolicy/macros/program/gpg_macros.te	2005-04-27 10:28:55.000000000 -0400
-+++ policy-1.23.18/macros/program/gpg_macros.te	2005-06-10 14:12:14.000000000 -0400
-@@ -139,8 +139,7 @@
++++ policy-1.23.18/macros/program/gpg_macros.te	2005-06-16 14:04:02.000000000 -0400
+@@ -23,6 +23,7 @@
+ 
+ # Transition from the user domain to the derived domain.
+ domain_auto_trans($1_t, gpg_exec_t, $1_gpg_t)
++role $1_r types $1_gpg_t;
+ 
+ can_network($1_gpg_t)
+ allow $1_gpg_t port_type:tcp_socket name_connect;
+@@ -31,20 +32,6 @@
+ # for a bug in kmail
+ dontaudit $1_gpg_t $1_t:unix_stream_socket { getattr read write };
+ 
+-# The user role is authorized for this domain.
+-role $1_r types $1_gpg_t;
+-
+-# Legacy
+-if (allow_gpg_execstack) {
+-legacy_domain($1_gpg)
+-allow $1_gpg_t locale_t:file execute;
+-
+-# Not quite sure why this is needed... 
+-allow $1_gpg_t gpg_exec_t:file execmod;
+-}
+-
+-allow $1_t $1_gpg_secret_t:file getattr;
+-
+ allow $1_gpg_t device_t:dir r_dir_perms;
+ allow $1_gpg_t { random_device_t urandom_device_t }:chr_file r_file_perms;
+ 
+@@ -68,38 +55,21 @@
+ 
+ uses_shlib($1_gpg_t)
+ 
+-# should not need read access...
+-allow $1_gpg_t home_root_t:dir { read search };
+-
+-# use $1_gpg_secret_t for files it creates
+-# NB we are doing the type transition for directory creation only!
+-# so ~/.gnupg will be of $1_gpg_secret_t, then files created under it such as
+-# secring.gpg will be of $1_gpg_secret_t too.  But when you use gpg to decrypt
+-# a file and write output to your home directory it will use user_home_t.
+-file_type_auto_trans($1_gpg_t, $1_home_dir_t, $1_gpg_secret_t, dir)
++# Access .gnupg
+ rw_dir_create_file($1_gpg_t, $1_gpg_secret_t)
+ 
+-file_type_auto_trans($1_gpg_t, $1_home_dir_t, $1_home_t, file)
+-create_dir_file($1_gpg_t, $1_home_t)
+-
+-# allow the usual access to /tmp
+-file_type_auto_trans($1_gpg_t, tmp_t, $1_tmp_t)
++# Read content to encrypt/decrypt/sign
++read_content($1_gpg_t, $1)
+ 
+-if (use_nfs_home_dirs) {
+-create_dir_file($1_gpg_t, nfs_t)
+-}
+-if (use_samba_home_dirs) {
+-create_dir_file($1_gpg_t, cifs_t)
+-}
++# Write content to encrypt/decrypt/sign
++write_trusted($1_gpg_t, $1)
+ 
+ allow $1_gpg_t self:capability { ipc_lock setuid };
+-rw_dir_create_file($1_gpg_t, $1_file_type)
+ 
+ allow $1_gpg_t { etc_t usr_t }:dir r_dir_perms;
+ allow $1_gpg_t fs_t:filesystem getattr;
+ allow $1_gpg_t usr_t:file r_file_perms;
+ read_locale($1_gpg_t)
+-allow $1_t $1_gpg_secret_t:dir rw_dir_perms;
+ 
+ dontaudit $1_gpg_t var_t:dir search;
+ 
+@@ -139,8 +109,7 @@
  dontaudit $1_gpg_helper_t var_t:dir search;
  
  ifdef(`xdm.te', `
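Review bot: After this change nothing in the hunk labels a newly created `~/.gnupg` as `$1_gpg_secret_t`: the `file_type_auto_trans($1_gpg_t, $1_home_dir_t, $1_gpg_secret_t, dir)` line and the comment explaining it are removed, and only `rw_dir_create_file($1_gpg_t, $1_gpg_secret_t)` remains under `# Access .gnupg`. If `write_trusted` (defined outside this hunk) now owns the directory transition from `$1_home_dir_t`, a keyring directory that gpg creates would presumably get the general home type, which is likely readable by more domains than the secret type. Either restore the transition line, if it does not conflict with `write_trusted`, or extend the comment to something like `# Access .gnupg; the directory must already be labelled $1_gpg_secret_t (file contexts), no transition here`. The gpg_domain macro starts and ends outside this hunk.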
@@ -2039,8 +2677,8 @@
  ')dnl end gpg_domain definition
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/iceauth_macros.te policy-1.23.18/macros/program/iceauth_macros.te
 --- nsapolicy/macros/program/iceauth_macros.te	1969-12-31 19:00:00.000000000 -0500
-+++ policy-1.23.18/macros/program/iceauth_macros.te	2005-06-10 14:12:14.000000000 -0400
-@@ -0,0 +1,39 @@
++++ policy-1.23.18/macros/program/iceauth_macros.te	2005-06-16 14:04:08.000000000 -0400
+@@ -0,0 +1,40 @@
 +#
 +# Macros for iceauth domains.
 +#
@@ -2058,7 +2696,8 @@
 +role $1_r types $1_iceauth_t;
 +
 +# Store .ICEauthority files
-+home_domain($1, iceauth, file)
++home_domain($1, iceauth)
++file_type_auto_trans($1_iceauth_t, $1_home_dir_t, $1_iceauth_home_t, file)
 +
 +# Supress xdm trying to restore .ICEauthority permissions
 +ifdef(`xdm.te', `
@@ -2122,10 +2761,50 @@
 +allow $1_t $2_ice_tmp_t:sock_file { read write };
 +allow $1_t $2_t:unix_stream_socket { read write };
 +')
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/irc_macros.te policy-1.23.18/macros/program/irc_macros.te
+--- nsapolicy/macros/program/irc_macros.te	2005-05-25 11:28:10.000000000 -0400
++++ policy-1.23.18/macros/program/irc_macros.te	2005-06-16 14:04:14.000000000 -0400
+@@ -21,6 +21,7 @@
+ 
+ # Home domain
+ home_domain($1, irc)
++file_type_auto_trans($1_irc_t, $1_home_dir_t, $1_irc_home_t, dir)
+ 
+ # Derived domain based on the calling user domain and the program.
+ type $1_irc_t, domain;
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/lpr_macros.te policy-1.23.18/macros/program/lpr_macros.te
 --- nsapolicy/macros/program/lpr_macros.te	2005-04-27 10:28:55.000000000 -0400
-+++ policy-1.23.18/macros/program/lpr_macros.te	2005-06-10 14:12:15.000000000 -0400
-@@ -115,8 +115,7 @@
++++ policy-1.23.18/macros/program/lpr_macros.te	2005-06-16 14:04:23.000000000 -0400
+@@ -53,7 +53,6 @@
+ ')
+ 
+ tmp_domain($1_lpr)
+-r_dir_file($1_lpr_t, $1_tmp_t)
+ 
+ # Type for spool files.
+ type $1_print_spool_t, file_type, sysadmfile;
+@@ -72,18 +71,8 @@
+ allow $1_lpr_t privfd:fd use;
+ 
+ # Read user files. 
+-allow sysadm_lpr_t { home_root_t $1_home_t $1_home_dir_t }:dir search;  
+-allow sysadm_lpr_t $1_home_t:{ file lnk_file } r_file_perms;  
+-allow $1_lpr_t { home_root_t $1_home_t $1_home_dir_t }:dir search;  
+-allow $1_lpr_t $1_home_t:{ file lnk_file } r_file_perms;  
+-
+-if (use_nfs_home_dirs) {
+-r_dir_file($1_lpr_t, nfs_t)
+-}
+-
+-if (use_samba_home_dirs) {
+-r_dir_file($1_lpr_t, cifs_t)
+-}
++read_content(sysadm_lpr_t, $1) 
++read_content($1_lpr_t, $1)
+ 
+ # Read and write shared files in the spool directory.
+ allow $1_lpr_t print_spool_t:file rw_file_perms;
+@@ -115,8 +104,7 @@
  ')dnl end if lpd.te
  
  ifdef(`xdm.te', `
@@ -2135,20 +2814,28 @@
  ')
  
  ifdef(`cups.te', `
+@@ -125,11 +113,5 @@
+ can_tcp_connect({ $1_lpr_t $1_t }, cupsd_t)
+ ')dnl end ifdef cups.te
+ 
+-ifdef(`hide_broken_symptoms', `
+-# thunderbird causes these
+-dontaudit $1_lpr_t $1_t:tcp_socket { read write };
+-dontaudit $1_lpr_t { $1_home_t $1_tmp_t }:file write;
+-')
+-
+ ')dnl end macro definition
+ 
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/mail_client_macros.te policy-1.23.18/macros/program/mail_client_macros.te
 --- nsapolicy/macros/program/mail_client_macros.te	1969-12-31 19:00:00.000000000 -0500
-+++ policy-1.23.18/macros/program/mail_client_macros.te	2005-06-08 09:04:15.000000000 -0400
-@@ -0,0 +1,60 @@
++++ policy-1.23.18/macros/program/mail_client_macros.te	2005-06-16 14:04:31.000000000 -0400
+@@ -0,0 +1,48 @@
 +#
 +# Shared macro for mail clients
 +#
 +# Author: Ivan Gyurdiev <ivg2 at cornell.edu>
 +#
 +
-+# Home access
-+bool mail_writehome false;
-+bool mail_readhome false;
-+
 +########################################
 +# mail_client_domain(client, role_prefix)
 +#
@@ -2177,31 +2864,23 @@
 +ifdef(`lpr.te', `
 +domain_auto_trans($1_t, lpr_exec_t, $2_lpr_t)
 +')
-+# FIXME - common type needed for internet content
-+allow $2_lpr_t $1_tmp_t:file r_file_perms;
 +
-+# Save mail in the home directory
-+# FIXME - common type needed for internet content
-+if (mail_writehome) {
-+file_type_auto_trans($1_t, { $2_home_t $2_home_dir_t }, $1_home_t, file)
-+}
++# Attachments
++read_content($1_t, $2, mail)
 +
-+# Read home (for attachments) 
-+if (mail_readhome || mail_writehome) {
-+r_dir_file($1_t, $2_home_t)
-+}
++# Save mail
++write_untrusted($1_t, $2)
 +
 +# Encrypt mail
 +ifdef(`gpg.te', `
 +domain_auto_trans($1_t, gpg_exec_t, $2_gpg_t)
-+# FIXME - common type needed for internet content
-+allow $2_gpg_t $1_tmp_t:file r_file_perms;
++allow $1_t $2_gpg_t:process signal;
 +')
 +
 +')
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/mozilla_macros.te policy-1.23.18/macros/program/mozilla_macros.te
 --- nsapolicy/macros/program/mozilla_macros.te	2005-05-25 11:28:10.000000000 -0400
-+++ policy-1.23.18/macros/program/mozilla_macros.te	2005-06-08 22:57:41.000000000 -0400
++++ policy-1.23.18/macros/program/mozilla_macros.te	2005-06-16 14:04:39.000000000 -0400
 @@ -15,6 +15,11 @@
  # The type declaration for the executable type for this program is
  # provided separately in domains/program/mozilla.te. 
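Review bot: `write_untrusted($1_t, $2)` sits under the comment `# Save mail`, which hides two things a policy author needs to know: the macro grants nothing unless the global `write_untrusted_content` boolean is on, and new files are created as `$2_untrusted_content_t` (or `$2_untrusted_content_tmp_t` in /tmp) rather than as a mail-client type. With the `mail_writehome` and `mail_readhome` booleans removed by this commit, that one boolean now decides for every caller of the macro, mozilla included. I would expand the comment to `# Save mail: gated by write_untrusted_content; new files are labelled $2_untrusted_content_t`. The mail_client_domain macro begins outside this hunk.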
@@ -2214,7 +2893,7 @@
  define(`mozilla_domain',`
  
  type $1_mozilla_t, domain, web_client_domain, nscd_client_domain, privlog;
-@@ -29,21 +34,18 @@
+@@ -29,23 +34,25 @@
  home_domain($1, mozilla)
  x_client_domain($1_mozilla, $1)
  
@@ -2238,13 +2917,20 @@
 -read_locale($1_mozilla_t)
 -read_sysctl($1_mozilla_t)
 -access_terminal($1_mozilla_t, $1)
++# Browse the web, connect to printer
 +can_resolve($1_mozilla_t)
-+can_network_client_tcp($1_mozilla_t, { http_port_t http_cache_port_t ftp_port_t } )
-+allow $1_mozilla_t { http_port_t http_cache_port_t ftp_port_t }:tcp_socket name_connect;
++can_network_client_tcp($1_mozilla_t, { http_port_t http_cache_port_t ftp_port_t ipp_port_t } )
++allow $1_mozilla_t { http_port_t http_cache_port_t ftp_port_t ipp_port_t }:tcp_socket name_connect;
++
++# Should not need other ports
++dontaudit $1_mozilla_t port_t:tcp_socket { name_connect name_bind };
  
  allow $1_mozilla_t sound_device_t:chr_file rw_file_perms;
++dontaudit $1_mozilla_t dri_device_t:chr_file rw_file_perms;
  
-@@ -55,21 +57,14 @@
+ # Unrestricted inheritance from the caller.
+ allow $1_t $1_mozilla_t:process { noatsecure siginh rlimitinh };
+@@ -55,21 +62,21 @@
  can_ps($1_t, $1_mozilla_t)
  allow $1_t $1_mozilla_t:process signal_perms;
  
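Review bot: The new `dontaudit $1_mozilla_t port_t:tcp_socket { name_connect name_bind };` silences denials for outbound connections as well as binds, where the `port_type` rule removed further down in this file covered `name_bind` only. Denied `name_connect` records from a browser domain are useful when investigating what a page or plugin tried to reach, and hiding them also makes a blocked non-standard web port fail with no trace in the audit log. I would keep connects audited: `dontaudit $1_mozilla_t port_t:tcp_socket name_bind;`. The mozilla_domain macro continues outside this hunk.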
@@ -2253,23 +2939,33 @@
 -
 -allow $1_mozilla_t usr_t:{ lnk_file file } { getattr read };
 -
- # Access /proc
+-# Access /proc
++# Access /proc, sysctl
  allow $1_mozilla_t proc_t:dir search;
  allow $1_mozilla_t proc_t:file { getattr read };
  allow $1_mozilla_t proc_t:lnk_file read;
++allow $1_mozilla_t sysctl_net_t:dir search;
++allow $1_mozilla_t sysctl_t:dir search;
  
++# /var/lib
++allow $1_mozilla_t var_lib_t:dir search;
  allow $1_mozilla_t var_lib_t:file { getattr read };
 -allow $1_mozilla_t { random_device_t urandom_device_t }:chr_file { getattr ioctl read };
++
++# Self permissions
  allow $1_mozilla_t self:socket create_socket_perms;
  allow $1_mozilla_t self:file { getattr read };
 -allow $1_mozilla_t self:fifo_file rw_file_perms;
++allow $1_mozilla_t self:sem create_sem_perms;
  
  # for bash - old mozilla binary
  can_exec($1_mozilla_t, mozilla_exec_t)
-@@ -83,10 +78,6 @@
- 
- allow $1_mozilla_t { var_t var_lib_t }:dir search;
+@@ -81,92 +88,46 @@
+ allow $1_mozilla_t self:lnk_file read;
+ r_dir_file($1_mozilla_t, proc_net_t)
  
+-allow $1_mozilla_t { var_t var_lib_t }:dir search;
+-
 -# Allow mozilla to read /etc/mtab, /etc/nsswitch.conf
 -allow $1_mozilla_t etc_t:file { getattr read };
 -allow $1_mozilla_t etc_runtime_t:file { getattr read };
@@ -2277,9 +2973,15 @@
  # interacting with gstreamer
  r_dir_file($1_mozilla_t, var_t)
  
-@@ -96,14 +87,6 @@
- # Execute downloaded programs.
- can_exec($1_mozilla_t, $1_mozilla_tmp_t)
+-# Write files to tmp
+-tmp_domain($1_mozilla)
++# Uploads, local html
++read_content($1_mozilla_t, $1, mozilla) 
+ 
+-# Execute downloaded programs.
+-can_exec($1_mozilla_t, $1_mozilla_tmp_t)
++# Save web pages
++write_untrusted($1_mozilla_t, $1)
  
 -# ORBit sockets
 -file_type_auto_trans($1_mozilla_t, $1_tmp_t, $1_mozilla_tmp_t)
@@ -2289,71 +2991,138 @@
 -allow $1_mozilla_t $1_tmp_t:sock_file { read write };
 -dontaudit $1_mozilla_t $1_tmp_t:dir setattr;
 -
- # Allow mozilla to read user home content
- if (mozilla_readhome || mozilla_writehome) {
- r_dir_file($1_mozilla_t, $1_home_t)
-@@ -113,10 +96,11 @@
- }
+-# Allow mozilla to read user home content
+-if (mozilla_readhome || mozilla_writehome) {
+-r_dir_file($1_mozilla_t, $1_home_t)
+-} else {
+-dontaudit $1_mozilla_t $1_home_t:dir setattr;
+-dontaudit $1_mozilla_t $1_home_t:file setattr;
+-}
++# Mozpluggerrc
++allow $1_mozilla_t mozilla_conf_t:file r_file_perms;
  
- if (mozilla_writehome) {
+-if (mozilla_writehome) {
 -file_type_auto_trans($1_mozilla_t, $1_home_t, $1_mozilla_home_t)
 -allow $1_mozilla_t $1_home_t:dir setattr;
 -allow $1_mozilla_t $1_home_t:{ file lnk_file } rw_file_perms;
 -} dnl end if writehome
-+# FIXME: Common internet downloads type is needed here.
-+# FIXME: additionally, dir transition to such a type conflicts with ~/.mozilla
-+file_type_auto_trans($1_mozilla_t, $1_home_dir_t, $1_mozilla_home_t, file )
-+file_type_auto_trans($1_mozilla_t, $1_home_t, $1_mozilla_home_t, { dir file } )
-+}
- 
- allow $1_mozilla_t $1_t:unix_stream_socket connectto;
- allow $1_mozilla_t sysctl_net_t:dir search;
-@@ -130,8 +114,6 @@
- allow $1_mozilla_t mozilla_conf_t:file r_file_perms;
- dontaudit $1_mozilla_t port_type:tcp_socket name_bind;
- dontaudit $1_mozilla_t dri_device_t:chr_file rw_file_perms;
++######### Java plugin
++ifdef(`java.te', `
++javaplugin_domain($1_mozilla, $1)
++') dnl java.te
+ 
+-allow $1_mozilla_t $1_t:unix_stream_socket connectto;
+-allow $1_mozilla_t sysctl_net_t:dir search;
+-allow $1_mozilla_t sysctl_t:dir search;
++######### Print web content
+ ifdef(`cups.te', `
+ allow $1_mozilla_t cupsd_etc_t:dir search;
+ allow $1_mozilla_t cupsd_rw_etc_t:file { getattr read };
+ ')
+-allow $1_mozilla_t $1_t:tcp_socket { read write };
+-
+-allow $1_mozilla_t mozilla_conf_t:file r_file_perms;
+-dontaudit $1_mozilla_t port_type:tcp_socket name_bind;
+-dontaudit $1_mozilla_t dri_device_t:chr_file rw_file_perms;
 -# Mozilla tries to delete .fonts.cache-1
 -dontaudit $1_mozilla_t $1_home_t:file unlink;
- allow $1_mozilla_t self:sem create_sem_perms;
- 
- # Java plugin
-@@ -139,7 +121,6 @@
- javaplugin_domain($1_mozilla, $1)
- ')
- 
+-allow $1_mozilla_t self:sem create_sem_perms;
 -
- # Use printer
+-# Java plugin
+-ifdef(`java.te', `
+-javaplugin_domain($1_mozilla, $1)
+-')
+-
+-
+-# Use printer
  ifdef(`lpr.te', `
  domain_auto_trans($1_mozilla_t, lpr_exec_t, $1_lpr_t)
-@@ -148,6 +129,7 @@
- allow $1_lpr_t $1_mozilla_tmp_t:file rw_file_perms;
- 
- # Suppress history.fop denial
-+# FIXME: common type is needed for internet content
+-
+-# Print document
+-allow $1_lpr_t $1_mozilla_tmp_t:file rw_file_perms;
+-
+-# Suppress history.fop denial
  dontaudit $1_lpr_t $1_mozilla_home_t:file { read write };
- 
+-
  dontaudit $1_lpr_t $1_mozilla_t:tcp_socket { read write };
-@@ -159,6 +141,7 @@
- domain_auto_trans($1_mozilla_t, mplayer_exec_t, $1_mplayer_t)
+-dontaudit $1_lpr_t $1_mozilla_t:unix_stream_socket { read write };
+-')
++') dnl if lpr.te
  
- # Read mozilla content in /tmp
-+# FIXME: common type is needed for internet content
- r_dir_file($1_mplayer_t, $1_mozilla_tmp_t);
- 
- # Suppress history.fop denial
-@@ -167,6 +150,12 @@
- dontaudit $1_mplayer_t $1_mozilla_t:unix_stream_socket { read write };
+-# Mplayer plugin
++######### Launch mplayer
+ ifdef(`mplayer.te', `
+ domain_auto_trans($1_mozilla_t, mplayer_exec_t, $1_mplayer_t)
+-
+-# Read mozilla content in /tmp
+-r_dir_file($1_mplayer_t, $1_mozilla_tmp_t);
+-
+-# Suppress history.fop denial
+-dontaudit $1_mplayer_t $1_mozilla_home_t:file write;
+-
+-dontaudit $1_mplayer_t $1_mozilla_t:unix_stream_socket { read write };
++dontaudit $1_mplayer_t $1_mozilla_home_t:file { read write };
  ')dnl end if mplayer.te  
  
-+# Launch email client, and make webcal links work
++######### Launch email client, and make webcal links work
 +ifdef(`evolution.te', `
 +domain_auto_trans($1_mozilla_t, evolution_exec_t, $1_evolution_t)
 +domain_auto_trans($1_mozilla_t, evolution_webcal_exec_t, $1_evolution_webcal_t)
-+')
++') dnl if evolution.te
 +
  if (allow_execmem) {
  allow $1_mozilla_t self:process execmem;
  }
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/mplayer_macros.te policy-1.23.18/macros/program/mplayer_macros.te
+--- nsapolicy/macros/program/mplayer_macros.te	2005-05-25 11:28:10.000000000 -0400
++++ policy-1.23.18/macros/program/mplayer_macros.te	2005-06-16 14:04:48.000000000 -0400
+@@ -88,14 +88,11 @@
+ # Audio, alsa.conf
+ allow $1_mplayer_t sound_device_t:chr_file rw_file_perms;
+ allow $1_mplayer_t etc_t:file { getattr read };
++r_dir_file($1_mplayer_t, alsa_etc_rw_t);
+ 
+ # RTC clock 
+ allow $1_mplayer_t clock_device_t:chr_file { ioctl read };
+ 
+-# Play content from /home, and from CDs
+-r_dir_file($1_mplayer_t, $1_home_t);
+-r_dir_file($1_mplayer_t, removable_t);
+-
+ # Legacy domain issues
+ if (allow_mplayer_execstack) {
+ allow $1_mplayer_t $1_mplayer_tmpfs_t:file execute;
+@@ -120,6 +117,9 @@
+ can_exec($1_mplayer_t, shell_exec_t)
+ #============================#
+ 
++# Read songs
++read_content($1_mplayer_t, $1)
++
+ ') dnl end mplayer_domain
+ 
+ ###################################
+@@ -128,7 +128,6 @@
+ 
+ define(`mencoder_domain',`
+ 
+-# FIXME: privhome temporarily removed...
+ type $1_mencoder_t, domain;
+ 
+ # Type transition
+@@ -141,6 +140,12 @@
+ # Mplayer common stuff
+ mplayer_common($1, mencoder)
+ 
++# Read content to encode
++read_content($1_mencoder_t, $1)
++
++# Save encoded files
++write_trusted($1_mencoder_t, $1)
++
+ ') dnl end mencoder_domain
+ 
+ #############################
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/orbit_macros.te policy-1.23.18/macros/program/orbit_macros.te
 --- nsapolicy/macros/program/orbit_macros.te	1969-12-31 19:00:00.000000000 -0500
 +++ policy-1.23.18/macros/program/orbit_macros.te	2005-06-13 11:53:36.000000000 -0400
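Review bot: `mencoder_domain` is given both `read_content($1_mencoder_t, $1)` and `write_trusted($1_mencoder_t, $1)`, so a domain that parses media files writes its output with the trusted labels. Neither macro is defined inside this hunk, so this is a question rather than a finding: if `read_content` also covers the untrusted content types, output derived from a downloaded file would no longer carry the untrusted label. A comment above the call, e.g. `# Output is labelled as trusted content even when the input was not; see write_trusted`, would record the decision, or use `write_untrusted($1_mencoder_t, $1)` if encoder output should be treated as untrusted.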
@@ -2402,9 +3171,31 @@
 +allow $1_t $2_orbit_tmp_t:sock_file write;
 +
 +') dnl orbit_connect
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/pyzor_macros.te policy-1.23.18/macros/program/pyzor_macros.te
+--- nsapolicy/macros/program/pyzor_macros.te	2005-04-27 10:28:55.000000000 -0400
++++ policy-1.23.18/macros/program/pyzor_macros.te	2005-06-16 14:04:54.000000000 -0400
+@@ -52,6 +52,7 @@
+ 
+ # Per-user config/data files
+ home_domain($1, pyzor)
++file_type_auto_trans($1_pyzor_t, $1_home_dir_t, $1_pyzor_home_t, dir)
+ 
+ # System config files
+ r_dir_file($1_pyzor_t, pyzor_etc_t)
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/razor_macros.te policy-1.23.18/macros/program/razor_macros.te
+--- nsapolicy/macros/program/razor_macros.te	2005-04-27 10:28:55.000000000 -0400
++++ policy-1.23.18/macros/program/razor_macros.te	2005-06-16 14:05:00.000000000 -0400
+@@ -62,6 +62,7 @@
+ 
+ # Per-user config/data files
+ home_domain($1, razor)
++file_type_auto_trans($1_razor_t, $1_home_dir_t, $1_razor_home_t, dir)
+ 
+ tmp_domain($1_razor)
+ 
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/spamassassin_macros.te policy-1.23.18/macros/program/spamassassin_macros.te
 --- nsapolicy/macros/program/spamassassin_macros.te	2005-04-27 10:28:55.000000000 -0400
-+++ policy-1.23.18/macros/program/spamassassin_macros.te	2005-06-08 09:04:15.000000000 -0400
++++ policy-1.23.18/macros/program/spamassassin_macros.te	2005-06-16 14:05:05.000000000 -0400
 @@ -29,7 +29,7 @@
  # Note: most of this should really be in a generic macro like
  # base_user_program($1, foo)
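Review bot: The added `file_type_auto_trans($1_pyzor_t, $1_home_dir_t, $1_pyzor_home_t, dir)` and its razor twin cover only the `dir` class, so a regular file either program creates directly in the home directory would keep the parent's `$1_home_dir_t` label (or be denied) instead of getting the private type. If both programs only ever create a dot-directory at the top level that is fine, but the assumption is not written down; I would add a comment above each line such as `# only the dot-directory is created in $HOME; files inside it inherit the private type`. The same pairing is repeated in the spamassassin and tvtime hunks further down, while the xauth hunk uses `file`. Both macro bodies start and end outside these hunks.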
@@ -2414,7 +3205,15 @@
  domain_auto_trans($1_t, $2_exec_t, $1_$2_t)
  
  role $1_r types $1_$2_t;
-@@ -76,6 +76,7 @@
+@@ -44,7 +44,6 @@
+ uses_shlib($1_$2_t)
+ read_locale($1_$2_t)
+ dontaudit $1_$2_t var_t:dir search;
+-allow $1_$2_t $1_home_dir_t:dir r_dir_perms;
+ tmp_domain($1_$2)
+ allow $1_$2_t privfd:fd use;
+ allow $1_$2_t userpty_type:chr_file rw_file_perms;
+@@ -76,10 +75,12 @@
  allow $1_spamassassin_t lib_t:file rx_file_perms;
  # Ignore perl digging in /proc and /var.
  dontaudit $1_spamassassin_t proc_t:dir search;
@@ -2422,6 +3221,11 @@
  dontaudit $1_spamassassin_t { sysctl_t sysctl_kernel_t }:dir search;
  
  # For ~/.spamassassin
+ home_domain($1, spamassassin)
++file_type_auto_trans($1_spamassassin_t, $1_home_dir_t, $1_spamassassin_home_t, dir)
+ 
+ spamassassin_agent_privs($1_spamassassin_t, $1)
+ 
 @@ -95,7 +96,7 @@
  # Define the domain for /usr/bin/spamc
  #
@@ -2455,8 +3259,8 @@
  allow $1_ssh_agent_t xdm_t:process sigchld;
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/thunderbird_macros.te policy-1.23.18/macros/program/thunderbird_macros.te
 --- nsapolicy/macros/program/thunderbird_macros.te	1969-12-31 19:00:00.000000000 -0500
-+++ policy-1.23.18/macros/program/thunderbird_macros.te	2005-06-08 09:04:15.000000000 -0400
-@@ -0,0 +1,59 @@
++++ policy-1.23.18/macros/program/thunderbird_macros.te	2005-06-16 14:05:10.000000000 -0400
+@@ -0,0 +1,57 @@
 +#
 +# Thunderbird
 +#
@@ -2510,12 +3314,21 @@
 +# Access ~/.thunderbird
 +home_domain($1, thunderbird)
 +
-+tmp_domain($1_thunderbird)
-+
 +# RSS feeds
 +can_network_client_tcp($1_thunderbird_t, http_port_t) 
 +allow $1_thunderbird_t http_port_t:tcp_socket name_connect;
 +')
+diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/tvtime_macros.te policy-1.23.18/macros/program/tvtime_macros.te
+--- nsapolicy/macros/program/tvtime_macros.te	2005-04-27 10:28:55.000000000 -0400
++++ policy-1.23.18/macros/program/tvtime_macros.te	2005-06-16 14:05:16.000000000 -0400
+@@ -26,6 +26,7 @@
+ 
+ # X access, Home files
+ home_domain($1, tvtime)
++file_type_auto_trans($1_tvtime_t, $1_home_dir_t, $1_tvtime_home_t, dir)
+ x_client_domain($1_tvtime, $1)
+ 
+ uses_shlib($1_tvtime_t)
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/userhelper_macros.te policy-1.23.18/macros/program/userhelper_macros.te
 --- nsapolicy/macros/program/userhelper_macros.te	2005-05-25 11:28:11.000000000 -0400
 +++ policy-1.23.18/macros/program/userhelper_macros.te	2005-06-10 14:12:16.000000000 -0400
@@ -2531,13 +3344,12 @@
  
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/xauth_macros.te policy-1.23.18/macros/program/xauth_macros.te
 --- nsapolicy/macros/program/xauth_macros.te	2005-04-27 10:28:55.000000000 -0400
-+++ policy-1.23.18/macros/program/xauth_macros.te	2005-06-08 09:04:15.000000000 -0400
-@@ -23,7 +23,7 @@
- 
++++ policy-1.23.18/macros/program/xauth_macros.te	2005-06-16 14:05:20.000000000 -0400
+@@ -24,6 +24,7 @@
  allow $1_xauth_t self:process signal;
  
--home_domain($1, xauth)
-+home_domain($1, xauth, file)
+ home_domain($1, xauth)
++file_type_auto_trans($1_xauth_t, $1_home_dir_t, $1_xauth_home_t, file)
  
  # Transition from the user domain to this domain.
  domain_auto_trans($1_t, xauth_exec_t, $1_xauth_t)
@@ -2581,7 +3393,7 @@
  
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/xdm_macros.te policy-1.23.18/macros/program/xdm_macros.te
 --- nsapolicy/macros/program/xdm_macros.te	1969-12-31 19:00:00.000000000 -0500
-+++ policy-1.23.18/macros/program/xdm_macros.te	2005-06-10 14:12:16.000000000 -0400
++++ policy-1.23.18/macros/program/xdm_macros.te	2005-06-16 14:05:26.000000000 -0400
 @@ -0,0 +1,11 @@
 +########################################
 +#
@@ -2592,7 +3404,7 @@
 +
 +define(`can_pipe_xdm', `
 +allow $1 xdm_t:fd use;
-+allow $1 xdm_t:fifo_file { getattr read write };
++allow $1 xdm_t:fifo_file { getattr read write ioctl };
 +') dnl can_pipe_xdm
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/program/xserver_macros.te policy-1.23.18/macros/program/xserver_macros.te
 --- nsapolicy/macros/program/xserver_macros.te	2005-05-02 14:06:57.000000000 -0400
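Review bot: The `ioctl` permission added in `allow $1 xdm_t:fifo_file { getattr read write ioctl };` inside `can_pipe_xdm` carries no comment saying which caller needs it. Because the macro is applied to whatever domain is passed as `$1`, the wider permission set is granted to every user of the macro. A line such as `# ioctl: <caller> probes the inherited pipe (e.g. isatty)` would let a later reviewer judge whether a `dontaudit` would have been enough.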
@@ -2647,16 +3459,20 @@
  ', `
 diff --exclude-from=exclude -N -u -r nsapolicy/macros/user_macros.te policy-1.23.18/macros/user_macros.te
 --- nsapolicy/macros/user_macros.te	2005-06-01 06:11:23.000000000 -0400
-+++ policy-1.23.18/macros/user_macros.te	2005-06-10 14:12:18.000000000 -0400
-@@ -22,6 +22,7 @@
++++ policy-1.23.18/macros/user_macros.te	2005-06-16 14:05:32.000000000 -0400
+@@ -21,7 +21,10 @@
+ type $1_home_dir_t, file_type, sysadmfile, home_dir_type, home_type, user_home_dir_type, polydir;
  type $1_home_t, file_type, sysadmfile, home_type, user_home_type, $1_file_type, polymember;
  
- tmp_domain($1, `, user_tmpfile, $1_file_type', `{ file lnk_file dir sock_file fifo_file }')
+-tmp_domain($1, `, user_tmpfile, $1_file_type', `{ file lnk_file dir sock_file fifo_file }')
++# Transition manually for { lnk sock fifo }. The rest is in content macros.
++tmp_domain_notrans($1, `, user_tmpfile, $1_file_type')
++file_type_auto_trans($1_t, tmp_t, $1_tmp_t, { lnk_file sock_file fifo_file })
 +allow $1_t $1_tmp_t:{ dir file } { relabelto relabelfrom };
  
  ifdef(`support_polyinstantiation', `
  type_member $1_t tmp_t:dir $1_tmp_t;
-@@ -243,8 +244,7 @@
+@@ -243,8 +246,7 @@
  allow $1_mount_t removable_t:filesystem { mount relabelto };
  allow $1_mount_t removable_t:dir mounton;
  ifdef(`xdm.te', `
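Review bot: After the switch to `tmp_domain_notrans`, the only automatic transition left here for `$1_t` under `tmp_t` is for `{ lnk_file sock_file fifo_file }`; `file` and `dir` now depend on the content macros the new comment mentions, which are not visible in this hunk. A user domain built from this macro without those content macros would create plain files and directories in /tmp under the shared `tmp_t` label (or be denied), which would weaken separation of per-user temporary files. I would name the macro in the comment, e.g. `# file/dir transitions under tmp_t come from <content macro>; every caller must also invoke it`, and confirm each caller does. The retained `allow $1_t $1_tmp_t:{ dir file } { relabelto relabelfrom };` permits relabelling but does not substitute for the transition. The enclosing macro starts and ends outside the hunk.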
@@ -2668,8 +3484,18 @@
  
 diff --exclude-from=exclude -N -u -r nsapolicy/Makefile policy-1.23.18/Makefile
 --- nsapolicy/Makefile	2005-05-25 11:28:09.000000000 -0400
-+++ policy-1.23.18/Makefile	2005-06-10 14:12:18.000000000 -0400
-@@ -155,11 +155,6 @@
++++ policy-1.23.18/Makefile	2005-06-16 14:05:37.000000000 -0400
+@@ -144,9 +144,6 @@
+ 	@mkdir -p $(POLICYPATH)
+ 	$(CHECKPOLICY) $(CHECKPOLMLS) -o $@ policy.conf
+ ifneq ($(MLS),y)
+-ifneq ($(VERS),18)
+-	$(CHECKPOLICY) -c 18 -o $(POLICYPATH)/policy.18 policy.conf
+-endif
+ endif
+ # Note: Can't use install, so not sure how to deal with mode, user, and group
+ #	other than by default.
+@@ -155,21 +152,12 @@
  
  $(POLICYVER):  policy.conf $(FC) $(CHECKPOLICY)
  	$(CHECKPOLICY) $(CHECKPOLMLS) -o $@ policy.conf
@@ -2681,6 +3507,25 @@
  	@echo "Validating file contexts files ..."
  	$(SETFILES) -q -c $(POLICYVER) $(FC)
  
+ reload tmp/load: $(LOADPATH) 
+ 	@echo "Loading Policy ..."
+-ifeq ($(VERS), $(KERNVERS))
+ 	$(LOADPOLICY) $(LOADPATH)
+-else
+-	$(LOADPOLICY) $(POLICYPATH)/policy.18
+-endif
+ 	touch tmp/load
+ 
+ load: tmp/load $(FCPATH) 
+@@ -242,7 +230,7 @@
+ 	  --regex-te='/^[ \t]*bool[ \t]+(\w+)/\1/b,bool/' $^
+  
+ clean:
+-	rm -f policy.conf $(POLICYVER) policy.18
++	rm -f policy.conf $(POLICYVER)
+ 	rm -f tags
+ 	rm -f tmp/*
+ 	rm -f $(FC)
 diff --exclude-from=exclude -N -u -r nsapolicy/mls policy-1.23.18/mls
 --- nsapolicy/mls	2005-04-14 15:01:53.000000000 -0400
 +++ policy-1.23.18/mls	2005-06-08 09:04:15.000000000 -0400
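Review bot: With the `ifeq ($(VERS), $(KERNVERS))` branch removed, the `reload tmp/load` rule runs `$(LOADPOLICY) $(LOADPATH)` unconditionally, and the preceding hunk drops the `policy.18` build that served as the fallback. If the built policy version and the running kernel's supported version differ, nothing in the rule handles it any more, and the system would keep running the previously loaded policy if the load fails. A comment above the rule would record the new assumption, e.g. `# No policy.18 fallback: $(LOADPATH) must be loadable by the running kernel`.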
@@ -2862,17 +3707,28 @@
  allow crond_t initrc_t:dbus send_msg;
 diff --exclude-from=exclude -N -u -r nsapolicy/targeted/domains/unconfined.te policy-1.23.18/targeted/domains/unconfined.te
 --- nsapolicy/targeted/domains/unconfined.te	2005-05-25 11:28:11.000000000 -0400
-+++ policy-1.23.18/targeted/domains/unconfined.te	2005-06-08 09:22:54.000000000 -0400
-@@ -63,8 +63,7 @@
++++ policy-1.23.18/targeted/domains/unconfined.te	2005-06-16 13:48:06.000000000 -0400
+@@ -62,11 +62,6 @@
+ # Support SAMBA home directories
  bool use_samba_home_dirs false;
  
- if (allow_execmod) {
+-if (allow_execmod) {
 -allow unconfined_t { ld_so_t shlib_t }:file execmod;
 -allow unconfined_t { bin_t sbin_t exec_type }:file execmod;
-+allow unconfined_t file_type:file execmod;
- }
- 
+-}
+-
  ifdef(`samba.te', `samba_domain(user)')
+ 
+ # Allow system to run with NIS
+@@ -77,8 +72,3 @@
+ 
+ # allow reading of default file context
+ bool read_default_t true;
+-
+-if (allow_execmem) {
+-allow domain self:process execmem;
+-}
+-
 diff --exclude-from=exclude -N -u -r nsapolicy/tunables/distro.tun policy-1.23.18/tunables/distro.tun
 --- nsapolicy/tunables/distro.tun	2005-02-24 14:51:09.000000000 -0500
 +++ policy-1.23.18/tunables/distro.tun	2005-06-08 09:04:15.000000000 -0400
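Review bot: Both conditional blocks removed here, `if (allow_execmod)` for `unconfined_t` and `if (allow_execmem)` with `allow domain self:process execmem;`, disappear without a visible replacement in this file, and the changelog entry does not mention them. If the rules moved elsewhere (not visible in this hunk), dropping the blanket `domain` grant is a welcome narrowing. If they did not, the two booleans no longer affect these domains and toggling them would give an administrator a false sense of control. I would leave a pointer where the block was, e.g. `# execmod/execmem rules for unconfined_t now live in <file>`.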
@@ -2934,8 +3790,20 @@
  # devpts_t is the type of the devpts file system and 
 diff --exclude-from=exclude -N -u -r nsapolicy/types/file.te policy-1.23.18/types/file.te
 --- nsapolicy/types/file.te	2005-05-25 11:28:11.000000000 -0400
-+++ policy-1.23.18/types/file.te	2005-06-08 23:14:54.000000000 -0400
-@@ -325,4 +325,8 @@
++++ policy-1.23.18/types/file.te	2005-06-16 14:56:25.000000000 -0400
+@@ -137,7 +137,11 @@
+ # texrel_shlib_t is the type of shared objects in the system lib
+ # directories, which require text relocation.
+ #
++ifdef(`targeted_policy', `
++typealias lib_t alias texrel_shlib_t;
++', `
+ type texrel_shlib_t, file_type, sysadmfile;
++')
+ 
+ # ld_so_t is the type of the system dynamic loaders.
+ #
+@@ -325,4 +329,8 @@
  # Type for anonymous FTP data, used by ftp and rsync
  type ftpd_anon_t, file_type, sysadmfile, customizable;
  
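Review bot: Under `targeted_policy`, `typealias lib_t alias texrel_shlib_t;` makes the two names one type, so any rule written against `texrel_shlib_t` (presumably an `execmod` grant for libraries that need text relocation) then applies to every file labelled `lib_t`. That removes the distinction the comment block above describes, and text-relocation permission can no longer be limited to the few libraries that need it. If this is a deliberate trade-off for the targeted policy, the comment should say so, e.g. `# targeted: aliased to lib_t, so texrel_shlib_t rules cover all of lib_t`; otherwise declaring the type in both branches keeps the grant narrow.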


Index: selinux-policy-targeted.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/selinux-policy-targeted.spec,v
retrieving revision 1.320
retrieving revision 1.321
diff -u -r1.320 -r1.321
--- selinux-policy-targeted.spec	16 Jun 2005 18:49:32 -0000	1.320
+++ selinux-policy-targeted.spec	16 Jun 2005 20:23:17 -0000	1.321
@@ -11,7 +11,7 @@
 Summary: SELinux %{type} policy configuration
 Name: selinux-policy-%{type}
 Version: 1.23.18
-Release: 8
+Release: 9
 License: GPL
 Group: System Environment/Base
 Source: http://www.nsa.gov/selinux/archives/policy-%{version}.tgz
@@ -234,8 +234,9 @@
 exit 0
 
 %changelog
-* Thu Jun 16 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-8
+* Thu Jun 16 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-9
 - Update Ivan trusted/untrusted patch
+- add texrel_shlib_t to targeted
 
 * Wed Jun 15 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-7
 - Fixed for new cups domain hplip



