rpms/selinux-policy-targeted/FC-3 policy-20050104.patch, 1.33, 1.34 selinux-policy-targeted.spec, 1.202, 1.203
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Sat May 7 12:04:54 UTC 2005
- Previous message (by thread): rpms/evince/devel .cvsignore, 1.12, 1.13 evince.spec, 1.18, 1.19 sources, 1.12, 1.13
- Next message (by thread): rpms/util-linux/devel util-linux-2.12p-nfsmount-fsc.patch, NONE, 1.1.2.1 util-linux.spec, 1.72.2.1, 1.72.2.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy-targeted/FC-3
In directory cvs.devel.redhat.com:/tmp/cvs-serv19220
Modified Files:
policy-20050104.patch selinux-policy-targeted.spec
Log Message:
* Sat May 7 2005 Dan Walsh <dwalsh at redhat.com> 1.17.30-3.3
- Add file context for /usr/local/*.so files
policy-20050104.patch:
Makefile | 47 +++--
attrib.te | 18 ++
domains/program/crond.te | 7
domains/program/ldconfig.te | 21 ++
domains/program/login.te | 2
domains/program/logrotate.te | 24 +-
domains/program/mount.te | 2
domains/program/ssh.te | 7
domains/program/syslogd.te | 40 +++-
domains/program/unused/acct.te | 6
domains/program/unused/apache.te | 283 +++++++++++++++++++++++-----------
domains/program/unused/arpwatch.te | 26 +++
domains/program/unused/cups.te | 58 ++++++
domains/program/unused/dhcpc.te | 5
domains/program/unused/dhcpd.te | 18 +-
domains/program/unused/dovecot.te | 3
domains/program/unused/ftpd.te | 2
domains/program/unused/hald.te | 3
domains/program/unused/howl.te | 2
domains/program/unused/innd.te | 7
domains/program/unused/ipsec.te | 9 -
domains/program/unused/iptables.te | 3
domains/program/unused/mailman.te | 29 ++-
domains/program/unused/mdadm.te | 3
domains/program/unused/mta.te | 24 ++
domains/program/unused/mysqld.te | 24 +-
domains/program/unused/named.te | 39 +++-
domains/program/unused/nscd.te | 62 +++----
domains/program/unused/ntpd.te | 23 ++
domains/program/unused/portmap.te | 20 ++
domains/program/unused/postfix.te | 2
domains/program/unused/postgresql.te | 62 +++++--
domains/program/unused/procmail.te | 1
domains/program/unused/rpcd.te | 2
domains/program/unused/rpm.te | 5
domains/program/unused/rsync.te | 2
domains/program/unused/samba.te | 4
domains/program/unused/sendmail.te | 2
domains/program/unused/slrnpull.te | 1
domains/program/unused/snmpd.te | 24 +-
domains/program/unused/spamd.te | 2
domains/program/unused/squid.te | 21 +-
domains/program/unused/udev.te | 5
domains/program/unused/updfstab.te | 1
domains/program/unused/winbind.te | 35 ++++
domains/program/unused/xdm.te | 4
domains/program/unused/ypbind.te | 15 +
domains/program/unused/ypserv.te | 7
domains/user.te | 6
file_contexts/distros.fc | 76 ++++++---
file_contexts/program/apache.fc | 14 +
file_contexts/program/arpwatch.fc | 3
file_contexts/program/cups.fc | 5
file_contexts/program/dhcpd.fc | 2
file_contexts/program/ipsec.fc | 11 -
file_contexts/program/mailman.fc | 15 -
file_contexts/program/mta.fc | 5
file_contexts/program/mysqld.fc | 4
file_contexts/program/named.fc | 17 +-
file_contexts/program/nscd.fc | 3
file_contexts/program/ntpd.fc | 2
file_contexts/program/postgresql.fc | 23 +-
file_contexts/program/sendmail.fc | 1
file_contexts/program/snmpd.fc | 3
file_contexts/program/squid.fc | 2
file_contexts/program/winbind.fc | 10 +
file_contexts/types.fc | 162 ++++++-------------
flask/access_vectors | 31 +++
flask/security_classes | 6
genfs_contexts | 2
macros/base_user_macros.te | 9 -
macros/core_macros.te | 98 ++++++++---
macros/global_macros.te | 93 +++--------
macros/network_macros.te | 172 ++++++++++++++++++++
macros/program/apache_macros.te | 144 +++++++++--------
macros/program/kerberos_macros.te | 11 +
macros/program/mount_macros.te | 2
macros/program/mozilla_macros.te | 2
macros/program/mta_macros.te | 5
macros/program/newrole_macros.te | 2
macros/program/spamassassin_macros.te | 5
macros/program/ssh_agent_macros.te | 2
macros/program/ssh_macros.te | 2
macros/program/su_macros.te | 2
macros/program/userhelper_macros.te | 3
macros/program/xauth_macros.te | 2
macros/program/xserver_macros.te | 4
macros/program/ypbind_macros.te | 24 --
man/man8/httpd_selinux.8 | 108 ++++++++++++
man/man8/named_selinux.8 | 29 +++
net_contexts | 83 +++++++--
targeted/assert.te | 4
targeted/domains/program/hotplug.te | 4
targeted/domains/program/initrc.te | 2
targeted/domains/program/sendmail.te | 17 ++
targeted/domains/unconfined.te | 38 ++++
tunables/distro.tun | 2
tunables/tunable.tun | 21 +-
types/device.te | 6
types/file.te | 85 ++++++----
types/network.te | 55 ++++--
types/procfs.te | 4
102 files changed, 1700 insertions(+), 755 deletions(-)
Index: policy-20050104.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/FC-3/policy-20050104.patch,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -r1.33 -r1.34
--- policy-20050104.patch 5 May 2005 18:00:50 -0000 1.33
+++ policy-20050104.patch 7 May 2005 12:04:52 -0000 1.34
@@ -2516,7 +2516,7 @@
+/var/cache/samba/winbindd_privileged(/.*)? system_u:object_r:winbind_var_run_t
diff --exclude-from=exclude -N -u -r nsapolicy/file_contexts/types.fc policy-1.17.30/file_contexts/types.fc
--- nsapolicy/file_contexts/types.fc 2004-10-09 21:07:28.000000000 -0400
-+++ policy-1.17.30/file_contexts/types.fc 2005-03-23 08:40:43.000000000 -0500
++++ policy-1.17.30/file_contexts/types.fc 2005-05-07 07:55:52.000000000 -0400
@@ -54,7 +54,7 @@
HOME_DIR -d system_u:object_r:ROLE_home_dir_t
HOME_DIR/.+ system_u:object_r:ROLE_home_t
@@ -2643,7 +2643,7 @@
#
# /sbin
-@@ -330,114 +335,52 @@
+@@ -330,99 +335,46 @@
# /usr
#
/usr(/.*)? system_u:object_r:usr_t
@@ -2729,8 +2729,8 @@
/usr/local/src(/.*)? system_u:object_r:src_t
-/usr/local/sbin(/.*)? system_u:object_r:sbin_t
/usr/local/man(/.*)? system_u:object_r:man_t
-
- #
+-
+-#
-# /usr/local/bin
-#
-/usr/local/bin(/.*)? system_u:object_r:bin_t
@@ -2756,10 +2756,11 @@
-#
-/usr/X11R6/(.*/)?lib(64)?(/.*)? system_u:object_r:lib_t
-/usr/X11R6/(.*/)?lib(64)?(/.*)+\.so(\.[^/]*)* -- system_u:object_r:shlib_t
--
--#
- # /usr/X11R6/man
++/usr/local/.*\.so(\.[^/]*)* -- system_u:object_r:shlib_t
+
#
+ # /usr/X11R6/man
+@@ -430,14 +382,6 @@
/usr/X11R6/man(/.*)? system_u:object_r:man_t
#
@@ -2774,7 +2775,7 @@
# Fonts dir
#
/usr/X11R6/lib/X11/fonts(/.*)? system_u:object_r:fonts_t
-@@ -445,6 +388,7 @@
+@@ -445,6 +389,7 @@
/var/lib/msttcorefonts(/.*)? system_u:object_r:fonts_t
')
/usr/share/fonts(/.*)? system_u:object_r:fonts_t
@@ -2782,7 +2783,7 @@
/usr/local/share/fonts(/.*)? system_u:object_r:fonts_t
#
-@@ -458,6 +402,7 @@
+@@ -458,6 +403,7 @@
#
/var/spool(/.*)? system_u:object_r:var_spool_t
/var/spool/texmf(/.*)? system_u:object_r:tetex_data_t
@@ -2790,7 +2791,7 @@
#
# /var/log
-@@ -515,15 +460,15 @@
+@@ -515,15 +461,15 @@
/initrd -d system_u:object_r:root_t
#
Index: selinux-policy-targeted.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/FC-3/selinux-policy-targeted.spec,v
retrieving revision 1.202
retrieving revision 1.203
diff -u -r1.202 -r1.203
--- selinux-policy-targeted.spec 5 May 2005 17:48:38 -0000 1.202
+++ selinux-policy-targeted.spec 7 May 2005 12:04:52 -0000 1.203
@@ -8,7 +8,7 @@
Summary: SELinux %{type} policy configuration
Name: selinux-policy-%{type}
Version: 1.17.30
-Release: 3.2
+Release: 3.3
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policy-%{version}.tgz
@@ -214,7 +214,10 @@
exit 0
%changelog
-* Thu Apr 7 2005 Dan Walsh <dwalsh at redhat.com> 1.17.30-3.2
+* Sat May 7 2005 Dan Walsh <dwalsh at redhat.com> 1.17.30-3.3
+- Add file context for /usr/local/*.so files
+
+* Thu May 5 2005 Dan Walsh <dwalsh at redhat.com> 1.17.30-3.2
- Update unconfined_t to use proc_net
* Thu Apr 7 2005 Dan Walsh <dwalsh at redhat.com> 1.17.30-2.98
- Previous message (by thread): rpms/evince/devel .cvsignore, 1.12, 1.13 evince.spec, 1.18, 1.19 sources, 1.12, 1.13
- Next message (by thread): rpms/util-linux/devel util-linux-2.12p-nfsmount-fsc.patch, NONE, 1.1.2.1 util-linux.spec, 1.72.2.1, 1.72.2.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list