[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

rpms/selinux-policy/devel policy-20060802.patch, 1.13, 1.14 selinux-policy.spec, 1.253, 1.254



Author: dwalsh

Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv14080

Modified Files:
	policy-20060802.patch selinux-policy.spec 
Log Message:
* Sun Aug 20 2006 Dan Walsh <dwalsh redhat com> 2.3.8-2
- Fixes for stunnel and postgresql


policy-20060802.patch:
 mls                                  |    9 
 modules/admin/amanda.fc              |   51 ----
 modules/admin/anaconda.te            |   20 +
 modules/admin/bootloader.te          |    4 
 modules/admin/consoletype.te         |   11 -
 modules/admin/firstboot.te           |    2 
 modules/admin/rpm.fc                 |    2 
 modules/admin/rpm.if                 |   13 -
 modules/admin/usermanage.te          |    5 
 modules/apps/java.fc                 |    9 
 modules/apps/mozilla.if              |    2 
 modules/apps/wine.te                 |    2 
 modules/kernel/corecommands.fc       |    1 
 modules/kernel/corecommands.if       |    1 
 modules/kernel/corenetwork.te.in     |    7 
 modules/kernel/devices.fc            |    2 
 modules/kernel/devices.if            |   37 +++
 modules/kernel/devices.te            |    8 
 modules/kernel/files.if              |   18 +
 modules/kernel/filesystem.te         |    2 
 modules/kernel/kernel.if             |   75 +++++++
 modules/kernel/terminal.if           |   19 +
 modules/services/amavis.te           |    7 
 modules/services/apache.te           |    1 
 modules/services/avahi.te            |    2 
 modules/services/bind.te             |    1 
 modules/services/ccs.fc              |    8 
 modules/services/ccs.if              |   45 ++++
 modules/services/ccs.te              |   84 +++++++
 modules/services/cpucontrol.te       |    2 
 modules/services/cron.if             |   17 +
 modules/services/cron.te             |    7 
 modules/services/cups.te             |   19 +
 modules/services/cyrus.te            |    5 
 modules/services/dbus.if             |    6 
 modules/services/dovecot.te          |    2 
 modules/services/inn.te              |    1 
 modules/services/ldap.te             |    2 
 modules/services/mta.fc              |    2 
 modules/services/ntp.te              |    2 
 modules/services/oddjob.fc           |    8 
 modules/services/oddjob.if           |   76 +++++++
 modules/services/oddjob.te           |   70 ++++++
 modules/services/oddjob_mkhomedir.fc |    6 
 modules/services/oddjob_mkhomedir.if |   24 ++
 modules/services/oddjob_mkhomedir.te |   26 ++
 modules/services/openvpn.te          |    2 
 modules/services/pegasus.if          |   31 ++
 modules/services/pegasus.te          |    5 
 modules/services/postfix.te          |    7 
 modules/services/postgresql.te       |    1 
 modules/services/procmail.te         |    1 
 modules/services/radius.te           |    2 
 modules/services/ricci.fc            |   20 +
 modules/services/ricci.if            |  184 +++++++++++++++++
 modules/services/ricci.te            |  373 +++++++++++++++++++++++++++++++++++
 modules/services/rpc.if              |    2 
 modules/services/rpc.te              |    5 
 modules/services/samba.te            |    8 
 modules/services/setroubleshoot.fc   |    9 
 modules/services/setroubleshoot.if   |    3 
 modules/services/setroubleshoot.te   |  110 ++++++++++
 modules/services/spamassassin.te     |    4 
 modules/services/squid.te            |    4 
 modules/services/ssh.if              |   24 ++
 modules/services/stunnel.te          |    2 
 modules/services/sysstat.te          |    3 
 modules/services/xserver.if          |   69 ++++++
 modules/services/xserver.te          |   19 +
 modules/system/authlogin.if          |   42 ++-
 modules/system/authlogin.te          |   19 +
 modules/system/fstools.te            |    1 
 modules/system/hostname.te           |   10 
 modules/system/init.if               |    7 
 modules/system/init.te               |    2 
 modules/system/libraries.fc          |    7 
 modules/system/locallogin.te         |    4 
 modules/system/logging.fc            |    3 
 modules/system/logging.if            |   21 +
 modules/system/logging.te            |    3 
 modules/system/lvm.fc                |    2 
 modules/system/lvm.te                |    6 
 modules/system/miscfiles.fc          |    1 
 modules/system/miscfiles.if          |   18 +
 modules/system/modutils.te           |    1 
 modules/system/mount.te              |    3 
 modules/system/selinuxutil.te        |   15 +
 modules/system/udev.fc               |    1 
 modules/system/udev.te               |    1 
 modules/system/unconfined.if         |    2 
 modules/system/unconfined.te         |    5 
 modules/system/userdomain.if         |  236 +++++++++++++++-------
 modules/system/userdomain.te         |   48 ++--
 modules/system/xen.if                |   38 +++
 modules/system/xen.te                |   26 +-
 95 files changed, 1872 insertions(+), 261 deletions(-)

Index: policy-20060802.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060802.patch,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- policy-20060802.patch	19 Aug 2006 13:09:31 -0000	1.13
+++ policy-20060802.patch	20 Aug 2006 14:54:47 -0000	1.14
@@ -1447,6 +1447,17 @@
  
  optional_policy(`
  	postgrey_stream_connect(postfix_smtpd_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgresql.te serefpolicy-2.3.8/policy/modules/services/postgresql.te
+--- nsaserefpolicy/policy/modules/services/postgresql.te	2006-08-16 08:46:30.000000000 -0400
++++ serefpolicy-2.3.8/policy/modules/services/postgresql.te	2006-08-20 10:40:06.000000000 -0400
+@@ -134,6 +134,7 @@
+ seutil_dontaudit_search_config(postgresql_t)
+ 
+ sysnet_read_config(postgresql_t)
++sysnet_use_ldap(postgresql_t)
+ 
+ userdom_dontaudit_search_sysadm_home_dirs(postgresql_t)
+ userdom_dontaudit_use_sysadm_ttys(postgresql_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/procmail.te serefpolicy-2.3.8/policy/modules/services/procmail.te
 --- nsaserefpolicy/policy/modules/services/procmail.te	2006-08-02 10:34:07.000000000 -0400
 +++ serefpolicy-2.3.8/policy/modules/services/procmail.te	2006-08-18 23:12:03.000000000 -0400
@@ -2323,6 +2334,25 @@
 +	allow ssh_keygen_t $1:fifo_file rw_file_perms;
 +	allow ssh_keygen_t $1:process sigchld;
 +')
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/stunnel.te serefpolicy-2.3.8/policy/modules/services/stunnel.te
+--- nsaserefpolicy/policy/modules/services/stunnel.te	2006-08-02 10:34:07.000000000 -0400
++++ serefpolicy-2.3.8/policy/modules/services/stunnel.te	2006-08-20 10:45:16.000000000 -0400
+@@ -38,6 +38,7 @@
+ allow stunnel_t self:fifo_file rw_file_perms;
+ allow stunnel_t self:tcp_socket create_stream_socket_perms;
+ allow stunnel_t self:udp_socket create_socket_perms;
++allow stunnel_t self:netlink_route_socket r_netlink_socket_perms;
+ 
+ allow stunnel_t stunnel_etc_t:dir { getattr read search };
+ allow stunnel_t stunnel_etc_t:file { read getattr };
+@@ -64,6 +65,7 @@
+ corenet_udp_sendrecv_all_ports(stunnel_t)
+ corenet_tcp_bind_all_nodes(stunnel_t)
+ #corenet_tcp_bind_stunnel_port(stunnel_t)
++corenet_tcp_connect_smtp_port(stunnel_t)
+ 
+ fs_getattr_all_fs(stunnel_t)
+ 
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sysstat.te serefpolicy-2.3.8/policy/modules/services/sysstat.te
 --- nsaserefpolicy/policy/modules/services/sysstat.te	2006-07-14 17:04:41.000000000 -0400
 +++ serefpolicy-2.3.8/policy/modules/services/sysstat.te	2006-08-18 23:12:03.000000000 -0400


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.253
retrieving revision 1.254
diff -u -r1.253 -r1.254
--- selinux-policy.spec	18 Aug 2006 14:18:35 -0000	1.253
+++ selinux-policy.spec	20 Aug 2006 14:54:47 -0000	1.254
@@ -16,7 +16,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 2.3.8
-Release: 1
+Release: 2
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -347,6 +347,9 @@
 %endif
 
 %changelog
+* Sun Aug 20 2006 Dan Walsh <dwalsh redhat com> 2.3.8-2
+- Fixes for stunnel and postgresql
+
 * Fri Aug 18 2006 Dan Walsh <dwalsh redhat com> 2.3.8-1
 - Update from upstream
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]