rpms/kernel/devel linux-2.6-selinux-disable-attributes-no-policy.patch, NONE, 1.1 kernel-2.6.spec, 1.1966, 1.1967
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Sat Feb 18 23:34:46 UTC 2006
Author: davej
Update of /cvs/dist/rpms/kernel/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv20008
Modified Files:
kernel-2.6.spec
Added Files:
linux-2.6-selinux-disable-attributes-no-policy.patch
Log Message:
- Disable setting of security attributes on new inodes when
no policy is loaded. (#180296)
linux-2.6-selinux-disable-attributes-no-policy.patch:
hooks.c | 2 +-
1 files changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE linux-2.6-selinux-disable-attributes-no-policy.patch ---
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=180296
Disable setting of security attributes on new inodes when no policy is loaded
--- linux-2.6.15.noarch/security/selinux/hooks.c~ 2006-02-18 18:31:02.000000000 -0500
+++ linux-2.6.15.noarch/security/selinux/hooks.c 2006-02-18 18:31:17.000000000 -0500
@@ -1957,7 +1957,7 @@ static int selinux_inode_init_security(s
inode_security_set_sid(inode, newsid);
- if (sbsec->behavior == SECURITY_FS_USE_MNTPOINT)
+ if (!ss_initialized || sbsec->behavior == SECURITY_FS_USE_MNTPOINT)
return -EOPNOTSUPP;
if (name) {
Index: kernel-2.6.spec
===================================================================
RCS file: /cvs/dist/rpms/kernel/devel/kernel-2.6.spec,v
retrieving revision 1.1966
retrieving revision 1.1967
diff -u -r1.1966 -r1.1967
--- kernel-2.6.spec 18 Feb 2006 21:23:48 -0000 1.1966
+++ kernel-2.6.spec 18 Feb 2006 23:34:22 -0000 1.1967
@@ -357,6 +357,7 @@
Patch1710: linux-2.6-autofs-pathlookup.patch
Patch1720: linux-2.6-selinux-hush.patch
Patch1721: linux-2.6-selinux-mprotect-checks.patch
+Patch1722: linux-2.6-selinux-disable-attributes-no-policy.patch
Patch1730: linux-2.6-ide-cd-shutup.patch
Patch1740: linux-2.6-block-reduce-stack.patch
Patch1750: linux-2.6-ub.patch
@@ -918,6 +919,8 @@
%patch1720 -p1
# Fix the SELinux mprotect checks on executable mappings
%patch1721 -p1
+# Disable setting of security attributes on new inodes when no policy is loaded
+%patch1722 -p1
# Silence noisy CD drive spew
%patch1730 -p1
# Reduce stack usage in block layer
@@ -1580,6 +1583,8 @@
- Reenable EMI26 driver. (#181813)
- Fix counting of hotplug cpu's in x86 microcode driver
- Fix syscall auditting doing allocations whilst atomic.
+- Disable setting of security attributes on new inodes when
+ no policy is loaded. (#180296)
* Fri Feb 17 2006 Dave Jones <davej at redhat.com>
- 2.6.16rc4
More information about the fedora-cvs-commits
mailing list