rpms/selinux-policy-strict/devel policy-20050502.patch,1.4,1.5
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri May 6 02:43:41 UTC 2005
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy-strict/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv31025
Modified Files:
policy-20050502.patch
Log Message:
* Thu May 5 2005 Dan Walsh <dwalsh at redhat.com> 1.23.14-3
- Add debugfs
- Add Russell fixes for restorecon, games
- Turn off user_canbe_sysadm
policy-20050502.patch:
Makefile | 2 +-
domains/misc/kernel.te | 2 ++
domains/program/ifconfig.te | 2 ++
domains/program/modutil.te | 2 +-
domains/program/restorecon.te | 2 +-
domains/program/unused/apmd.te | 2 +-
domains/program/unused/auditd.te | 1 +
domains/program/unused/automount.te | 9 +++++++--
domains/program/unused/consoletype.te | 1 +
domains/program/unused/cups.te | 8 ++++++--
domains/program/unused/hald.te | 7 ++++---
domains/program/unused/hotplug.te | 6 +++---
domains/program/unused/i18n_input.te | 2 ++
domains/program/unused/kudzu.te | 1 +
domains/program/unused/lvm.te | 2 +-
domains/program/unused/mysqld.te | 2 +-
domains/program/unused/pamconsole.te | 2 +-
domains/program/unused/postfix.te | 1 +
domains/program/unused/privoxy.te | 9 +++++----
domains/program/unused/udev.te | 4 ++--
domains/program/unused/updfstab.te | 6 ++++++
domains/program/unused/xdm.te | 1 +
domains/program/unused/xserver.te | 1 +
file_contexts/distros.fc | 3 ++-
file_contexts/program/cups.fc | 1 +
file_contexts/program/rhgb.fc | 1 -
file_contexts/types.fc | 2 ++
fs_use | 1 +
genfs_contexts | 3 +--
macros/core_macros.te | 1 -
macros/program/games_domain.te | 27 +++++++++++++++++++++------
macros/program/su_macros.te | 5 +++--
net_contexts | 2 ++
targeted/domains/unconfined.te | 5 +++++
tunables/distro.tun | 2 +-
tunables/tunable.tun | 4 ++--
types/file.te | 5 +++++
37 files changed, 98 insertions(+), 39 deletions(-)
Index: policy-20050502.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-strict/devel/policy-20050502.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- policy-20050502.patch 6 May 2005 02:42:05 -0000 1.4
+++ policy-20050502.patch 6 May 2005 02:43:38 -0000 1.5
@@ -247,16 +247,16 @@
dontaudit lvm_t file_t:dir search;
diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/mysqld.te policy-1.23.14/domains/program/unused/mysqld.te
--- nsapolicy/domains/program/unused/mysqld.te 2005-04-27 10:28:51.000000000 -0400
-+++ policy-1.23.14/domains/program/unused/mysqld.te 2005-05-05 22:39:47.000000000 -0400
-@@ -34,7 +34,7 @@
-
++++ policy-1.23.14/domains/program/unused/mysqld.te 2005-05-05 22:42:20.000000000 -0400
+@@ -35,7 +35,7 @@
allow initrc_t mysqld_log_t:file { write append setattr ioctl };
--allow mysqld_t self:capability { dac_override setgid setuid net_bind_service };
-+allow mysqld_t self:capability { setsched dac_override setgid setuid net_bind_service };
- allow mysqld_t self:process getsched;
+ allow mysqld_t self:capability { dac_override setgid setuid net_bind_service };
+-allow mysqld_t self:process getsched;
++allow mysqld_t self:process { setsched getsched };
allow mysqld_t proc_t:file { getattr read };
+
diff --exclude-from=exclude -N -u -r nsapolicy/domains/program/unused/pamconsole.te policy-1.23.14/domains/program/unused/pamconsole.te
--- nsapolicy/domains/program/unused/pamconsole.te 2005-04-27 10:28:52.000000000 -0400
+++ policy-1.23.14/domains/program/unused/pamconsole.te 2005-05-02 14:57:26.000000000 -0400
More information about the fedora-cvs-commits
mailing list