rpms/selinux-policy/devel policy-20060104.patch, 1.5, 1.6 selinux-policy.spec, 1.78, 1.79
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon Jan 9 22:50:59 UTC 2006
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv22202
Modified Files:
policy-20060104.patch selinux-policy.spec
Log Message:
* Mon Jan 9 2006 Dan Walsh <dwalsh at redhat.com> 2.1.8-2
- Fixes for hal and readahead
policy-20060104.patch:
Makefile | 2
policy/modules/admin/amanda.te | 4
policy/modules/admin/consoletype.te | 1
policy/modules/admin/netutils.te | 1
policy/modules/admin/readahead.te | 2
policy/modules/admin/su.if | 2
policy/modules/admin/vpn.te | 7 +
policy/modules/apps/java.fc | 4
policy/modules/apps/java.if | 23 +++++
policy/modules/apps/java.te | 25 ++++++
policy/modules/apps/wine.fc | 2
policy/modules/apps/wine.if | 23 +++++
policy/modules/apps/wine.te | 27 ++++++
policy/modules/kernel/corecommands.te | 6 +
policy/modules/kernel/domain.if | 1
policy/modules/kernel/domain.te | 4
policy/modules/kernel/files.if | 17 ++++
policy/modules/kernel/kernel.if | 21 +++++
policy/modules/kernel/kernel.te | 5 +
policy/modules/kernel/mls.te | 2
policy/modules/services/apache.te | 9 ++
policy/modules/services/apm.te | 1
policy/modules/services/automount.te | 9 +-
policy/modules/services/bluetooth.te | 1
policy/modules/services/cron.te | 32 +------
policy/modules/services/cups.te | 6 -
policy/modules/services/dovecot.te | 1
policy/modules/services/hal.fc | 1
policy/modules/services/hal.te | 10 ++
policy/modules/services/irqbalance.te | 1
policy/modules/services/locate.fc | 4
policy/modules/services/locate.if | 1
policy/modules/services/locate.te | 50 ++++++++++++
policy/modules/services/logwatch.fc | 3
policy/modules/services/logwatch.if | 1
policy/modules/services/logwatch.te | 107 +++++++++++++++++++++++++
policy/modules/services/mta.te | 13 +++
policy/modules/services/networkmanager.te | 10 +-
policy/modules/services/nscd.te | 1
policy/modules/services/ntp.te | 2
policy/modules/services/portmap.te | 1
policy/modules/services/prelink.fc | 7 +
policy/modules/services/prelink.if | 39 +++++++++
policy/modules/services/prelink.te | 64 +++++++++++++++
policy/modules/services/rpc.te | 1
policy/modules/services/samba.if | 2
policy/modules/services/xdm.te | 4
policy/modules/system/authlogin.te | 1
policy/modules/system/clock.te | 1
policy/modules/system/fstools.te | 4
policy/modules/system/hostname.te | 38 +--------
policy/modules/system/init.te | 16 ---
policy/modules/system/libraries.fc | 125 +++++++++++++++---------------
policy/modules/system/libraries.te | 4
policy/modules/system/locallogin.te | 1
policy/modules/system/logging.te | 4
policy/modules/system/lvm.te | 2
policy/modules/system/mount.te | 4
policy/modules/system/selinuxutil.te | 5 -
policy/modules/system/sysnetwork.te | 2
policy/modules/system/unconfined.if | 1
policy/modules/system/unconfined.te | 12 +-
policy/modules/system/userdomain.fc | 2
policy/modules/system/userdomain.if | 66 +++++++++++----
policy/modules/system/userdomain.te | 1
policy/users | 8 +
66 files changed, 682 insertions(+), 175 deletions(-)
Index: policy-20060104.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060104.patch,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- policy-20060104.patch 9 Jan 2006 20:14:17 -0000 1.5
+++ policy-20060104.patch 9 Jan 2006 22:50:57 -0000 1.6
@@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-2.1.8/Makefile
--- nsaserefpolicy/Makefile 2005-12-09 23:35:04.000000000 -0500
-+++ serefpolicy-2.1.8/Makefile 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/Makefile 2006-01-09 14:37:14.000000000 -0500
@@ -92,7 +92,7 @@
# enable MLS if requested.
@@ -12,7 +12,7 @@
endif
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amanda.te serefpolicy-2.1.8/policy/modules/admin/amanda.te
--- nsaserefpolicy/policy/modules/admin/amanda.te 2005-12-09 23:35:04.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/admin/amanda.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/admin/amanda.te 2006-01-09 14:37:14.000000000 -0500
@@ -165,6 +165,10 @@
sysnet_read_config(amanda_t)
@@ -26,7 +26,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/consoletype.te serefpolicy-2.1.8/policy/modules/admin/consoletype.te
--- nsaserefpolicy/policy/modules/admin/consoletype.te 2005-12-09 23:35:04.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/admin/consoletype.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/admin/consoletype.te 2006-01-09 14:37:14.000000000 -0500
@@ -38,6 +38,7 @@
kernel_use_fd(consoletype_t)
@@ -37,7 +37,7 @@
fs_search_auto_mountpoints(consoletype_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/netutils.te serefpolicy-2.1.8/policy/modules/admin/netutils.te
--- nsaserefpolicy/policy/modules/admin/netutils.te 2005-12-09 23:35:04.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/admin/netutils.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/admin/netutils.te 2006-01-09 14:37:14.000000000 -0500
@@ -42,6 +42,7 @@
files_create_tmp_files(netutils_t, netutils_tmp_t, { file dir })
@@ -46,9 +46,28 @@
corenet_tcp_sendrecv_all_if(netutils_t)
corenet_raw_sendrecv_all_if(netutils_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.te serefpolicy-2.1.8/policy/modules/admin/readahead.te
+--- nsaserefpolicy/policy/modules/admin/readahead.te 2006-01-04 16:55:14.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/admin/readahead.te 2006-01-09 17:39:19.000000000 -0500
+@@ -27,6 +27,7 @@
+
+ kernel_read_kernel_sysctl(readahead_t)
+ kernel_read_system_state(readahead_t)
++kernel_getattr_core(readahead_t)
+
+ dev_read_sysfs(readahead_t)
+ dev_getattr_generic_chr_file(readahead_t)
+@@ -50,6 +51,7 @@
+
+ init_use_fd(readahead_t)
+ init_use_script_pty(readahead_t)
++init_getattr_initctl(readahead_t)
+
+ libs_use_ld_so(readahead_t)
+ libs_use_shared_libs(readahead_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/su.if serefpolicy-2.1.8/policy/modules/admin/su.if
--- nsaserefpolicy/policy/modules/admin/su.if 2005-12-09 23:35:04.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/admin/su.if 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/admin/su.if 2006-01-09 14:37:14.000000000 -0500
@@ -193,7 +193,9 @@
domain_use_wide_inherit_fd($1_su_t)
@@ -61,7 +80,7 @@
# Write to utmp.
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.te serefpolicy-2.1.8/policy/modules/admin/vpn.te
--- nsaserefpolicy/policy/modules/admin/vpn.te 2005-12-09 23:35:04.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/admin/vpn.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/admin/vpn.te 2006-01-09 14:37:14.000000000 -0500
@@ -24,6 +24,7 @@
#
@@ -89,7 +108,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.fc serefpolicy-2.1.8/policy/modules/apps/java.fc
--- nsaserefpolicy/policy/modules/apps/java.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/apps/java.fc 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/apps/java.fc 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,4 @@
+
+/usr/.*/java -- gen_context(system_u:object_r:java_exec_t,s0)
@@ -97,7 +116,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.if serefpolicy-2.1.8/policy/modules/apps/java.if
--- nsaserefpolicy/policy/modules/apps/java.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/apps/java.if 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/apps/java.if 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,23 @@
+## <summary>Load keyboard mappings.</summary>
+
@@ -124,7 +143,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.te serefpolicy-2.1.8/policy/modules/apps/java.te
--- nsaserefpolicy/policy/modules/apps/java.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/apps/java.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/apps/java.te 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,25 @@
+policy_module(java,1.0.0)
+
@@ -153,13 +172,13 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.fc serefpolicy-2.1.8/policy/modules/apps/wine.fc
--- nsaserefpolicy/policy/modules/apps/wine.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/apps/wine.fc 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/apps/wine.fc 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,2 @@
+/usr/bin/wine -- gen_context(system_u:object_r:wine_exec_t,s0)
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.if serefpolicy-2.1.8/policy/modules/apps/wine.if
--- nsaserefpolicy/policy/modules/apps/wine.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/apps/wine.if 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/apps/wine.if 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,23 @@
+## <summary>Load keyboard mappings.</summary>
+
@@ -186,7 +205,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.te serefpolicy-2.1.8/policy/modules/apps/wine.te
--- nsaserefpolicy/policy/modules/apps/wine.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/apps/wine.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/apps/wine.te 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,27 @@
+policy_module(wine,1.0.0)
+
@@ -217,7 +236,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corecommands.te serefpolicy-2.1.8/policy/modules/kernel/corecommands.te
--- nsaserefpolicy/policy/modules/kernel/corecommands.te 2005-12-09 23:35:04.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/kernel/corecommands.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/kernel/corecommands.te 2006-01-09 14:37:14.000000000 -0500
@@ -35,3 +35,9 @@
type chroot_exec_t;
@@ -230,7 +249,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.if serefpolicy-2.1.8/policy/modules/kernel/domain.if
--- nsaserefpolicy/policy/modules/kernel/domain.if 2005-12-12 15:35:53.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/kernel/domain.if 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/kernel/domain.if 2006-01-09 17:23:08.000000000 -0500
@@ -501,6 +501,7 @@
')
@@ -241,7 +260,7 @@
########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.te serefpolicy-2.1.8/policy/modules/kernel/domain.te
--- nsaserefpolicy/policy/modules/kernel/domain.te 2005-12-09 23:35:04.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/kernel/domain.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/kernel/domain.te 2006-01-09 14:37:14.000000000 -0500
@@ -67,3 +67,7 @@
# cjp: also need to except correctly for SEFramework
neverallow { domain unlabeled_t } file_type:process *;
@@ -253,7 +272,7 @@
\ No newline at end of file
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.if serefpolicy-2.1.8/policy/modules/kernel/files.if
--- nsaserefpolicy/policy/modules/kernel/files.if 2006-01-04 17:28:52.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/kernel/files.if 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/kernel/files.if 2006-01-09 14:37:14.000000000 -0500
@@ -3183,3 +3183,20 @@
')
')
@@ -278,7 +297,7 @@
\ No newline at end of file
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-2.1.8/policy/modules/kernel/kernel.if
--- nsaserefpolicy/policy/modules/kernel/kernel.if 2006-01-09 11:32:53.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/kernel/kernel.if 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/kernel/kernel.if 2006-01-09 14:37:14.000000000 -0500
@@ -662,6 +662,27 @@
allow $1 proc_mdstat_t:file rw_file_perms;
')
@@ -309,7 +328,7 @@
## Allows caller to get attribues of core kernel interface.
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.te serefpolicy-2.1.8/policy/modules/kernel/kernel.te
--- nsaserefpolicy/policy/modules/kernel/kernel.te 2006-01-09 11:32:53.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/kernel/kernel.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/kernel/kernel.te 2006-01-09 14:37:14.000000000 -0500
@@ -72,6 +72,9 @@
type proc_mdstat_t, proc_type;
genfscon proc /mdstat gen_context(system_u:object_r:proc_mdstat_t,s0)
@@ -331,7 +350,7 @@
allow kernel_t sysctl_t:dir r_dir_perms;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/mls.te serefpolicy-2.1.8/policy/modules/kernel/mls.te
--- nsaserefpolicy/policy/modules/kernel/mls.te 2006-01-09 11:32:53.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/kernel/mls.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/kernel/mls.te 2006-01-09 14:37:14.000000000 -0500
@@ -82,9 +82,11 @@
# these might be targeted_policy only
range_transition unconfined_t su_exec_t s0 - s0:c0.c255;
@@ -346,7 +365,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.te serefpolicy-2.1.8/policy/modules/services/apache.te
--- nsaserefpolicy/policy/modules/services/apache.te 2005-12-12 23:05:35.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/apache.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/apache.te 2006-01-09 14:37:14.000000000 -0500
@@ -391,6 +391,10 @@
userdom_dontaudit_use_sysadm_terms(httpd_t)
')
@@ -369,7 +388,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apm.te serefpolicy-2.1.8/policy/modules/services/apm.te
--- nsaserefpolicy/policy/modules/services/apm.te 2005-12-09 23:35:05.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/apm.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/apm.te 2006-01-09 14:37:14.000000000 -0500
@@ -196,6 +196,7 @@
')
@@ -380,7 +399,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/automount.te serefpolicy-2.1.8/policy/modules/services/automount.te
--- nsaserefpolicy/policy/modules/services/automount.te 2006-01-09 11:32:53.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/automount.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/automount.te 2006-01-09 14:37:14.000000000 -0500
@@ -28,7 +28,7 @@
# Local policy
#
@@ -414,7 +433,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bluetooth.te serefpolicy-2.1.8/policy/modules/services/bluetooth.te
--- nsaserefpolicy/policy/modules/services/bluetooth.te 2005-12-09 23:35:05.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/bluetooth.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/bluetooth.te 2006-01-09 14:37:14.000000000 -0500
@@ -86,6 +86,7 @@
kernel_read_kernel_sysctl(bluetooth_t)
@@ -425,7 +444,7 @@
corenet_udp_sendrecv_all_if(bluetooth_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.te serefpolicy-2.1.8/policy/modules/services/cron.te
--- nsaserefpolicy/policy/modules/services/cron.te 2006-01-09 11:32:53.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/cron.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/cron.te 2006-01-09 14:37:14.000000000 -0500
@@ -407,43 +407,21 @@
sysstat_manage_log(system_crond_t)
')
@@ -477,7 +496,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-2.1.8/policy/modules/services/cups.te
--- nsaserefpolicy/policy/modules/services/cups.te 2006-01-09 11:32:53.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/cups.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/cups.te 2006-01-09 14:37:14.000000000 -0500
@@ -201,8 +201,7 @@
')
@@ -500,7 +519,7 @@
optional_policy(`dbus',`
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.te serefpolicy-2.1.8/policy/modules/services/dovecot.te
--- nsaserefpolicy/policy/modules/services/dovecot.te 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/dovecot.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/dovecot.te 2006-01-09 14:37:14.000000000 -0500
@@ -95,6 +95,7 @@
files_read_etc_files(dovecot_t)
files_search_spool(dovecot_t)
@@ -511,7 +530,7 @@
init_use_fd(dovecot_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.fc serefpolicy-2.1.8/policy/modules/services/hal.fc
--- nsaserefpolicy/policy/modules/services/hal.fc 2005-11-14 18:24:07.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/hal.fc 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/hal.fc 2006-01-09 14:37:14.000000000 -0500
@@ -7,3 +7,4 @@
/usr/sbin/hald -- gen_context(system_u:object_r:hald_exec_t,s0)
@@ -519,12 +538,13 @@
+/usr/share/hal/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-2.1.8/policy/modules/services/hal.te
--- nsaserefpolicy/policy/modules/services/hal.te 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/hal.te 2006-01-09 13:10:33.000000000 -0500
-@@ -47,8 +47,11 @@
++++ serefpolicy-2.1.8/policy/modules/services/hal.te 2006-01-09 17:37:17.000000000 -0500
+@@ -47,8 +47,12 @@
kernel_read_system_state(hald_t)
kernel_read_network_state(hald_t)
kernel_read_kernel_sysctl(hald_t)
+kernel_read_fs_sysctl(hald_t)
++
kernel_write_proc_file(hald_t)
+mls_file_read_up(hald_t)
@@ -532,7 +552,7 @@
corecmd_exec_bin(hald_t)
corecmd_exec_sbin(hald_t)
-@@ -74,6 +77,7 @@
+@@ -74,6 +78,7 @@
dev_manage_generic_chr_file(hald_t)
# hal is now execing pm-suspend
dev_rw_sysfs(hald_t)
@@ -540,9 +560,28 @@
domain_use_wide_inherit_fd(hald_t)
domain_exec_all_entry_files(hald_t)
+@@ -82,6 +87,7 @@
+ files_read_etc_files(hald_t)
+ files_rw_etc_runtime_files(hald_t)
+ files_search_mnt(hald_t)
++files_manage_mnt_dirs(hald_t)
+ files_search_var_lib(hald_t)
+ files_read_usr_files(hald_t)
+ # hal is now execing pm-suspend
+@@ -145,6 +151,10 @@
+ clock_domtrans(hald_t)
+ ')
+
++optional_policy(`rpc',`
++ rpc_search_nfs_state_data(hald_t)
++')
++
+ optional_policy(`cups',`
+ cups_domtrans_config(hald_t)
+ cups_signal_config(hald_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/irqbalance.te serefpolicy-2.1.8/policy/modules/services/irqbalance.te
--- nsaserefpolicy/policy/modules/services/irqbalance.te 2005-11-28 17:23:58.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/irqbalance.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/irqbalance.te 2006-01-09 14:37:14.000000000 -0500
@@ -28,6 +28,7 @@
kernel_read_system_state(irqbalance_t)
kernel_read_kernel_sysctl(irqbalance_t)
@@ -553,7 +592,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/locate.fc serefpolicy-2.1.8/policy/modules/services/locate.fc
--- nsaserefpolicy/policy/modules/services/locate.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/locate.fc 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/locate.fc 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,4 @@
+# locate - file locater
+/usr/bin/updatedb -- gen_context(system_u:object_r:locate_exec_t, s0)
@@ -561,12 +600,12 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/locate.if serefpolicy-2.1.8/policy/modules/services/locate.if
--- nsaserefpolicy/policy/modules/services/locate.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/locate.if 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/locate.if 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1 @@
+## <summary>Update database for mlocate</summary>
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/locate.te serefpolicy-2.1.8/policy/modules/services/locate.te
--- nsaserefpolicy/policy/modules/services/locate.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/locate.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/locate.te 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,50 @@
+policy_module(locate,1.0.0)
+
@@ -620,19 +659,19 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/logwatch.fc serefpolicy-2.1.8/policy/modules/services/logwatch.fc
--- nsaserefpolicy/policy/modules/services/logwatch.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/logwatch.fc 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/logwatch.fc 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,3 @@
+# logwatch - file logwatchr
+/usr/share/logwatch/scripts/logwatch.pl -- gen_context(system_u:object_r:logwatch_exec_t, s0)
+/var/cache/logwatch(/.*)? gen_context(system_u:object_r:logwatch_cache_t, s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/logwatch.if serefpolicy-2.1.8/policy/modules/services/logwatch.if
--- nsaserefpolicy/policy/modules/services/logwatch.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/logwatch.if 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/logwatch.if 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1 @@
+## <summary>Update database for mlogwatch</summary>
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/logwatch.te serefpolicy-2.1.8/policy/modules/services/logwatch.te
--- nsaserefpolicy/policy/modules/services/logwatch.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/logwatch.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/logwatch.te 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,107 @@
+policy_module(logwatch,1.0.0)
+
@@ -743,7 +782,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.te serefpolicy-2.1.8/policy/modules/services/mta.te
--- nsaserefpolicy/policy/modules/services/mta.te 2006-01-04 17:28:52.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/mta.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/mta.te 2006-01-09 14:37:14.000000000 -0500
@@ -47,6 +47,9 @@
allow system_mail_t etc_mail_t:dir { getattr search };
allow system_mail_t etc_mail_t:file r_file_perms;
@@ -777,7 +816,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-2.1.8/policy/modules/services/networkmanager.te
--- nsaserefpolicy/policy/modules/services/networkmanager.te 2005-12-09 23:35:05.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/networkmanager.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/networkmanager.te 2006-01-09 14:37:14.000000000 -0500
@@ -28,8 +28,6 @@
allow NetworkManager_t self:tcp_socket create_stream_socket_perms;
allow NetworkManager_t self:udp_socket create_socket_perms;
@@ -811,7 +850,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd.te serefpolicy-2.1.8/policy/modules/services/nscd.te
--- nsaserefpolicy/policy/modules/services/nscd.te 2005-12-09 23:35:06.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/nscd.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/nscd.te 2006-01-09 14:37:14.000000000 -0500
@@ -128,7 +128,6 @@
optional_policy(`samba',`
@@ -822,7 +861,7 @@
optional_policy(`udev',`
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ntp.te serefpolicy-2.1.8/policy/modules/services/ntp.te
--- nsaserefpolicy/policy/modules/services/ntp.te 2005-12-09 23:35:06.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/ntp.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/ntp.te 2006-01-09 14:37:14.000000000 -0500
@@ -148,8 +148,6 @@
')
@@ -834,7 +873,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/portmap.te serefpolicy-2.1.8/policy/modules/services/portmap.te
--- nsaserefpolicy/policy/modules/services/portmap.te 2005-12-09 23:35:06.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/portmap.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/portmap.te 2006-01-09 14:37:14.000000000 -0500
@@ -47,6 +47,7 @@
kernel_read_proc_symlinks(portmap_t)
kernel_udp_sendfrom(portmap_t)
@@ -845,7 +884,7 @@
corenet_udp_sendrecv_all_if(portmap_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelink.fc serefpolicy-2.1.8/policy/modules/services/prelink.fc
--- nsaserefpolicy/policy/modules/services/prelink.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/prelink.fc 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/prelink.fc 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,7 @@
+# prelink - prelink ELF shared libraries and binaries to speed up startup time
+/usr/sbin/prelink -- gen_context(system_u:object_r:prelink_exec_t,s0)
@@ -856,7 +895,7 @@
+/etc/prelink\.cache -- gen_context(system_u:object_r:prelink_cache_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelink.if serefpolicy-2.1.8/policy/modules/services/prelink.if
--- nsaserefpolicy/policy/modules/services/prelink.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/prelink.if 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/prelink.if 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,39 @@
+## <summary>Prelink mappings.</summary>
+
@@ -899,7 +938,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelink.te serefpolicy-2.1.8/policy/modules/services/prelink.te
--- nsaserefpolicy/policy/modules/services/prelink.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/prelink.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/prelink.te 2006-01-09 14:37:14.000000000 -0500
@@ -0,0 +1,64 @@
+policy_module(prelink,1.0.0)
+
@@ -967,7 +1006,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-2.1.8/policy/modules/services/rpc.te
--- nsaserefpolicy/policy/modules/services/rpc.te 2005-12-09 23:35:06.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/rpc.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/rpc.te 2006-01-09 14:37:14.000000000 -0500
@@ -48,6 +48,7 @@
kernel_search_network_state(rpcd_t)
# for rpc.rquotad
@@ -978,7 +1017,7 @@
corenet_udp_bind_reserved_port(rpcd_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.if serefpolicy-2.1.8/policy/modules/services/samba.if
--- nsaserefpolicy/policy/modules/services/samba.if 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/samba.if 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/samba.if 2006-01-09 14:37:14.000000000 -0500
@@ -342,7 +342,9 @@
')
@@ -991,7 +1030,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xdm.te serefpolicy-2.1.8/policy/modules/services/xdm.te
--- nsaserefpolicy/policy/modules/services/xdm.te 2005-12-09 23:35:06.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/services/xdm.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/services/xdm.te 2006-01-09 14:37:14.000000000 -0500
@@ -319,6 +319,10 @@
allow xdm_xserver_t xkb_var_lib_t:lnk_file read;
can_exec(xdm_xserver_t, xkb_var_lib_t)
@@ -1005,7 +1044,7 @@
allow xdm_xserver_t sysctl_modprobe_t:file { getattr read };
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.te serefpolicy-2.1.8/policy/modules/system/authlogin.te
--- nsaserefpolicy/policy/modules/system/authlogin.te 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/authlogin.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/authlogin.te 2006-01-09 14:37:14.000000000 -0500
@@ -157,6 +157,7 @@
kernel_use_fd(pam_console_t)
# Read /proc/meminfo
@@ -1016,7 +1055,7 @@
dev_getattr_apm_bios(pam_console_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/clock.te serefpolicy-2.1.8/policy/modules/system/clock.te
--- nsaserefpolicy/policy/modules/system/clock.te 2005-12-09 23:35:06.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/clock.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/clock.te 2006-01-09 14:37:14.000000000 -0500
@@ -33,6 +33,7 @@
kernel_read_kernel_sysctl(hwclock_t)
kernel_list_proc(hwclock_t)
@@ -1027,7 +1066,7 @@
dev_rw_realtime_clock(hwclock_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstools.te serefpolicy-2.1.8/policy/modules/system/fstools.te
--- nsaserefpolicy/policy/modules/system/fstools.te 2005-12-09 23:35:06.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/fstools.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/fstools.te 2006-01-09 14:37:14.000000000 -0500
@@ -56,6 +56,8 @@
# Access to /initrd devices
kernel_rw_unlabeled_dir(fsadm_t)
@@ -1048,7 +1087,7 @@
fs_getattr_xattr_fs(fsadm_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostname.te serefpolicy-2.1.8/policy/modules/system/hostname.te
--- nsaserefpolicy/policy/modules/system/hostname.te 2005-12-09 23:35:06.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/hostname.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/hostname.te 2006-01-09 14:37:14.000000000 -0500
@@ -7,8 +7,10 @@
#
@@ -1109,7 +1148,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-2.1.8/policy/modules/system/init.te
--- nsaserefpolicy/policy/modules/system/init.te 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/init.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/init.te 2006-01-09 14:37:14.000000000 -0500
@@ -449,7 +449,6 @@
# readahead asks for these
@@ -1156,7 +1195,7 @@
') dnl end TODO
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.fc serefpolicy-2.1.8/policy/modules/system/libraries.fc
--- nsaserefpolicy/policy/modules/system/libraries.fc 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/libraries.fc 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/libraries.fc 2006-01-09 14:37:14.000000000 -0500
@@ -11,6 +11,9 @@
/emul/ia32-linux/lib(/.*)? gen_context(system_u:object_r:lib_t,s0)
/emul/ia32-linux/lib/.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0)
@@ -1336,7 +1375,7 @@
#
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.te serefpolicy-2.1.8/policy/modules/system/libraries.te
--- nsaserefpolicy/policy/modules/system/libraries.te 2005-12-12 15:35:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/libraries.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/libraries.te 2006-01-09 14:37:14.000000000 -0500
@@ -94,6 +94,10 @@
unconfined_domain_template(ldconfig_t)
')
@@ -1350,7 +1389,7 @@
apache_dontaudit_search_modules(ldconfig_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/locallogin.te serefpolicy-2.1.8/policy/modules/system/locallogin.te
--- nsaserefpolicy/policy/modules/system/locallogin.te 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/locallogin.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/locallogin.te 2006-01-09 14:37:14.000000000 -0500
@@ -165,6 +165,7 @@
userdom_signal_all_users(local_login_t)
userdom_search_all_users_home(local_login_t)
@@ -1361,7 +1400,7 @@
mta_getattr_spool(local_login_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.te serefpolicy-2.1.8/policy/modules/system/logging.te
--- nsaserefpolicy/policy/modules/system/logging.te 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/logging.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/logging.te 2006-01-09 14:37:14.000000000 -0500
@@ -70,6 +70,7 @@
kernel_read_kernel_sysctl(auditctl_t)
@@ -1396,7 +1435,7 @@
dev_read_sysfs(syslogd_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.te serefpolicy-2.1.8/policy/modules/system/lvm.te
--- nsaserefpolicy/policy/modules/system/lvm.te 2005-12-09 23:35:08.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/lvm.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/lvm.te 2006-01-09 14:37:14.000000000 -0500
@@ -155,6 +155,8 @@
allow lvm_t lvm_etc_t:file r_file_perms;
@@ -1408,7 +1447,7 @@
allow lvm_t lvm_metadata_t:file create_file_perms;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-2.1.8/policy/modules/system/mount.te
--- nsaserefpolicy/policy/modules/system/mount.te 2005-12-12 23:05:35.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/mount.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/mount.te 2006-01-09 14:37:14.000000000 -0500
@@ -26,12 +26,14 @@
files_create_tmp_files(mount_t,mount_tmp_t,{ file dir })
@@ -1435,7 +1474,7 @@
corecmd_exec_sbin(mount_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.1.8/policy/modules/system/selinuxutil.te
--- nsaserefpolicy/policy/modules/system/selinuxutil.te 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/selinuxutil.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/selinuxutil.te 2006-01-09 14:37:14.000000000 -0500
@@ -324,6 +324,7 @@
kernel_use_fd(restorecon_t)
kernel_rw_pipe(restorecon_t)
@@ -1459,7 +1498,7 @@
# the failed access to the current directory
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.te serefpolicy-2.1.8/policy/modules/system/sysnetwork.te
--- nsaserefpolicy/policy/modules/system/sysnetwork.te 2005-12-09 23:35:08.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/sysnetwork.te 2006-01-09 13:10:59.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/sysnetwork.te 2006-01-09 14:37:14.000000000 -0500
@@ -90,6 +90,7 @@
kernel_read_network_state(dhcpc_t)
kernel_read_kernel_sysctl(dhcpc_t)
@@ -1476,9 +1515,20 @@
corenet_use_tun_tap_device(ifconfig_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.if serefpolicy-2.1.8/policy/modules/system/unconfined.if
+--- nsaserefpolicy/policy/modules/system/unconfined.if 2005-12-13 15:51:50.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/unconfined.if 2006-01-09 17:22:51.000000000 -0500
+@@ -33,6 +33,7 @@
+ corenet_unconfined($1)
+ dev_unconfined($1)
+ domain_unconfined($1)
++ domain_dontaudit_read_all_domains_state($1)
+ files_unconfined($1)
+ fs_unconfined($1)
+ selinux_unconfined($1)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.te serefpolicy-2.1.8/policy/modules/system/unconfined.te
--- nsaserefpolicy/policy/modules/system/unconfined.te 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/unconfined.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/unconfined.te 2006-01-09 14:37:14.000000000 -0500
@@ -57,6 +57,10 @@
bluetooth_domtrans_helper(unconfined_t)
')
@@ -1514,7 +1564,7 @@
rw_dir_create_file(sysadm_su_t, home_dir_type)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.fc serefpolicy-2.1.8/policy/modules/system/userdomain.fc
--- nsaserefpolicy/policy/modules/system/userdomain.fc 2005-11-15 09:13:40.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/userdomain.fc 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/userdomain.fc 2006-01-09 14:37:14.000000000 -0500
@@ -4,6 +4,6 @@
HOME_DIR -d gen_context(system_u:object_r:user_home_dir_t,s0)
HOME_DIR/.+ gen_context(system_u:object_r:user_home_t,s0)
@@ -1525,7 +1575,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-2.1.8/policy/modules/system/userdomain.if
--- nsaserefpolicy/policy/modules/system/userdomain.if 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/userdomain.if 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/userdomain.if 2006-01-09 14:37:14.000000000 -0500
@@ -1881,19 +1881,16 @@
## </param>
#
@@ -1628,7 +1678,7 @@
## <param name="domain">
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-2.1.8/policy/modules/system/userdomain.te
--- nsaserefpolicy/policy/modules/system/userdomain.te 2006-01-09 11:32:54.000000000 -0500
-+++ serefpolicy-2.1.8/policy/modules/system/userdomain.te 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/modules/system/userdomain.te 2006-01-09 14:37:14.000000000 -0500
@@ -205,6 +205,7 @@
optional_policy(`hostname',`
@@ -1639,7 +1689,7 @@
optional_policy(`ipsec',`
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-2.1.8/policy/users
--- nsaserefpolicy/policy/users 2005-12-05 22:35:02.000000000 -0500
-+++ serefpolicy-2.1.8/policy/users 2006-01-09 13:10:33.000000000 -0500
++++ serefpolicy-2.1.8/policy/users 2006-01-09 14:37:14.000000000 -0500
@@ -26,7 +26,9 @@
ifdef(`targeted_policy',`
gen_user(user_u, user_r sysadm_r system_r, s0, s0 - s15:c0.c255, c0.c255)
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.78
retrieving revision 1.79
diff -u -r1.78 -r1.79
--- selinux-policy.spec 9 Jan 2006 20:14:17 -0000 1.78
+++ selinux-policy.spec 9 Jan 2006 22:50:57 -0000 1.79
@@ -7,7 +7,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.1.8
-Release: 1
+Release: 2
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -262,9 +262,12 @@
%endif
%changelog
+* Mon Jan 9 2006 Dan Walsh <dwalsh at redhat.com> 2.1.8-2
+- Fixes for hal and readahead
+
* Mon Jan 9 2006 Dan Walsh <dwalsh at redhat.com> 2.1.8-1
- Update to upstream
-
+- Apply
* Fri Jan 7 2006 Dan Walsh <dwalsh at redhat.com> 2.1.7-4
- Add wine and fix hal problems
More information about the fedora-cvs-commits
mailing list