rpms/selinux-policy/devel policy-20060104.patch, 1.26, 1.27 selinux-policy.spec, 1.95, 1.96

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Sat Jan 28 05:39:56 UTC 2006 

Author: dwalsh

Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv16438

Modified Files:
	policy-20060104.patch selinux-policy.spec 
Log Message:
* Fri Jan 27 2006 Dan Walsh <dwalsh at redhat.com> 2.2.8-2
- Update to upstream
- Fix rhgb, and other Xorg startups


policy-20060104.patch:
 admin/usermanage.te    |    3 +++
 kernel/filesystem.if   |   20 ++++++++++----------
 kernel/filesystem.te   |    1 +
 kernel/mls.te          |    3 ++-
 services/automount.te  |    1 +
 services/hal.te        |    1 +
 services/irqbalance.te |    2 ++
 services/xdm.fc        |    4 ++++
 services/xdm.if        |   21 +++++++++++++++++++++
 system/unconfined.te   |    4 ++++
 10 files changed, 49 insertions(+), 11 deletions(-)

Index: policy-20060104.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060104.patch,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- policy-20060104.patch	28 Jan 2006 04:50:20 -0000	1.26
+++ policy-20060104.patch	28 Jan 2006 05:39:52 -0000	1.27
@@ -1,6 +1,6 @@
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/usermanage.te serefpolicy-2.2.8/policy/modules/admin/usermanage.te
 --- nsaserefpolicy/policy/modules/admin/usermanage.te	2006-01-19 10:00:40.000000000 -0500
-+++ serefpolicy-2.2.8/policy/modules/admin/usermanage.te	2006-01-27 23:48:28.000000000 -0500
++++ serefpolicy-2.2.8/policy/modules/admin/usermanage.te	2006-01-28 00:05:06.000000000 -0500
 @@ -328,6 +328,9 @@
  
  miscfiles_read_localization(passwd_t)
@@ -13,7 +13,7 @@
  userdom_use_unpriv_users_fd(passwd_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.if serefpolicy-2.2.8/policy/modules/kernel/filesystem.if
 --- nsaserefpolicy/policy/modules/kernel/filesystem.if	2006-01-27 21:35:04.000000000 -0500
-+++ serefpolicy-2.2.8/policy/modules/kernel/filesystem.if	2006-01-27 23:48:28.000000000 -0500
++++ serefpolicy-2.2.8/policy/modules/kernel/filesystem.if	2006-01-28 00:05:06.000000000 -0500
 @@ -154,7 +154,7 @@
  		class filesystem unmount;
  	')
@@ -106,7 +106,7 @@
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.te serefpolicy-2.2.8/policy/modules/kernel/filesystem.te
 --- nsaserefpolicy/policy/modules/kernel/filesystem.te	2006-01-17 17:08:52.000000000 -0500
-+++ serefpolicy-2.2.8/policy/modules/kernel/filesystem.te	2006-01-27 23:48:28.000000000 -0500
++++ serefpolicy-2.2.8/policy/modules/kernel/filesystem.te	2006-01-28 00:05:06.000000000 -0500
 @@ -134,6 +134,7 @@
  #
  type dosfs_t, noxattrfs;
@@ -117,7 +117,7 @@
  genfscon ntfs / gen_context(system_u:object_r:dosfs_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/mls.te serefpolicy-2.2.8/policy/modules/kernel/mls.te
 --- nsaserefpolicy/policy/modules/kernel/mls.te	2006-01-17 17:08:52.000000000 -0500
-+++ serefpolicy-2.2.8/policy/modules/kernel/mls.te	2006-01-27 23:48:28.000000000 -0500
++++ serefpolicy-2.2.8/policy/modules/kernel/mls.te	2006-01-28 00:05:06.000000000 -0500
 @@ -86,7 +86,8 @@
  ')
  
@@ -130,7 +130,7 @@
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/automount.te serefpolicy-2.2.8/policy/modules/services/automount.te
 --- nsaserefpolicy/policy/modules/services/automount.te	2006-01-17 17:08:53.000000000 -0500
-+++ serefpolicy-2.2.8/policy/modules/services/automount.te	2006-01-27 23:48:28.000000000 -0500
++++ serefpolicy-2.2.8/policy/modules/services/automount.te	2006-01-28 00:05:06.000000000 -0500
 @@ -64,6 +64,7 @@
  kernel_list_proc(automount_t)
  
@@ -141,7 +141,7 @@
  corecmd_exec_bin(automount_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-2.2.8/policy/modules/services/hal.te
 --- nsaserefpolicy/policy/modules/services/hal.te	2006-01-27 21:35:04.000000000 -0500
-+++ serefpolicy-2.2.8/policy/modules/services/hal.te	2006-01-27 23:48:28.000000000 -0500
++++ serefpolicy-2.2.8/policy/modules/services/hal.te	2006-01-28 00:05:06.000000000 -0500
 @@ -51,6 +51,7 @@
  kernel_write_proc_file(hald_t)
  
@@ -152,7 +152,7 @@
  corecmd_exec_sbin(hald_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/irqbalance.te serefpolicy-2.2.8/policy/modules/services/irqbalance.te
 --- nsaserefpolicy/policy/modules/services/irqbalance.te	2006-01-13 17:06:07.000000000 -0500
-+++ serefpolicy-2.2.8/policy/modules/services/irqbalance.te	2006-01-27 23:48:28.000000000 -0500
++++ serefpolicy-2.2.8/policy/modules/services/irqbalance.te	2006-01-28 00:05:06.000000000 -0500
 @@ -31,6 +31,8 @@
  
  dev_read_sysfs(irqbalance_t)
@@ -164,12 +164,50 @@
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xdm.fc serefpolicy-2.2.8/policy/modules/services/xdm.fc
 --- nsaserefpolicy/policy/modules/services/xdm.fc	2006-01-20 10:02:32.000000000 -0500
-+++ serefpolicy-2.2.8/policy/modules/services/xdm.fc	2006-01-27 23:49:40.000000000 -0500
++++ serefpolicy-2.2.8/policy/modules/services/xdm.fc	2006-01-28 00:28:26.000000000 -0500
 @@ -30,3 +30,7 @@
  
  /var/run/xdm\.pid	--	gen_context(system_u:object_r:xdm_var_run_t,s0)
  /var/run/xdmctl(/.*)?		gen_context(system_u:object_r:xdm_var_run_t,s0)
 +ifdef(`targeted_policy',`
-+/usr/bin/rhgb		--	gen_context(system_u:object_r:xdm_exec_t,s0)
++/usr/bin/Xorg		--	gen_context(system_u:object_r:xdm_exec_t,s0)
 +')
 +
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xdm.if serefpolicy-2.2.8/policy/modules/services/xdm.if
+--- nsaserefpolicy/policy/modules/services/xdm.if	2005-11-14 18:24:08.000000000 -0500
++++ serefpolicy-2.2.8/policy/modules/services/xdm.if	2006-01-28 00:05:06.000000000 -0500
+@@ -1 +1,22 @@
+ ## <summary>X windows login display manager</summary>
++########################################
++## <summary>
++##	Execute xdmd in the xdmd domain.
++## </summary>
++## <param name="domain">
++##	The type of the process performing this action.
++## </param>
++#
++interface(`xdm_domtrans',`
++	gen_require(`
++		type xdm_t, xdm_exec_t;
++	')
++
++	domain_auto_trans($1,xdm_exec_t,xdm_t)
++
++	allow $1 xdm_t:fd use;
++	allow xdm_t $1:fd use;
++	allow xdm_t $1:fifo_file rw_file_perms;
++	allow xdm_t $1:process sigchld;
++')
++
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.te serefpolicy-2.2.8/policy/modules/system/unconfined.te
+--- nsaserefpolicy/policy/modules/system/unconfined.te	2006-01-27 21:35:05.000000000 -0500
++++ serefpolicy-2.2.8/policy/modules/system/unconfined.te	2006-01-28 00:05:06.000000000 -0500
+@@ -148,4 +148,8 @@
+ 	optional_policy(`wine',`
+ 		wine_domtrans(unconfined_t)
+ 	')
++
++	optional_policy(`xdm',`
++		xdm_domtrans(unconfined_t)
++	')
+ ')


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.95
retrieving revision 1.96
diff -u -r1.95 -r1.96
--- selinux-policy.spec	28 Jan 2006 04:51:05 -0000	1.95
+++ selinux-policy.spec	28 Jan 2006 05:39:52 -0000	1.96
@@ -6,7 +6,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 2.2.8
-Release: 1
+Release: 2
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -282,9 +282,9 @@
 %{_usr}/share/selinux/refpolicy/include/*
 
 %changelog
-* Thu Jan 26 2006 Dan Walsh <dwalsh at redhat.com> 2.2.8-1
+* Fri Jan 27 2006 Dan Walsh <dwalsh at redhat.com> 2.2.8-2
 - Update to upstream
-- Fix rhgb
+- Fix rhgb, and other Xorg startups
 
 * Thu Jan 26 2006 Dan Walsh <dwalsh at redhat.com> 2.2.7-1
 - Update to upstream

More information about the fedora-cvs-commits mailing list