rpms/selinux-policy/devel policy-20060608.patch,1.28,1.29
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Jul 19 18:44:15 UTC 2006
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv11576
Modified Files:
policy-20060608.patch
Log Message:
* Tue Jul 18 2006 Dan Walsh <dwalsh at redhat.com> 2.3.3-4
- setroubleshootd fixes
policy-20060608.patch:
global_tunables | 67 +++++------
modules/admin/bootloader.te | 4
modules/admin/consoletype.te | 7 +
modules/admin/netutils.te | 10 -
modules/admin/prelink.te | 1
modules/admin/rpm.fc | 2
modules/admin/rpm.if | 4
modules/admin/usermanage.te | 2
modules/kernel/corenetwork.te.in | 5
modules/kernel/devices.fc | 1
modules/kernel/files.fc | 1
modules/kernel/filesystem.te | 2
modules/kernel/kernel.if | 38 ++++++
modules/kernel/storage.fc | 1
modules/services/amavis.te | 2
modules/services/automount.te | 8 +
modules/services/avahi.te | 1
modules/services/bluetooth.if | 23 +++
modules/services/bluetooth.te | 2
modules/services/clamav.fc | 3
modules/services/clamav.if | 22 +++
modules/services/clamav.te | 20 ---
modules/services/cups.te | 4
modules/services/cyrus.te | 1
modules/services/dovecot.fc | 1
modules/services/dovecot.te | 10 +
modules/services/ftp.te | 2
modules/services/hal.te | 6 -
modules/services/lpd.if | 20 +--
modules/services/mailman.te | 15 ++
modules/services/nscd.if | 20 +++
modules/services/openvpn.te | 8 +
modules/services/pegasus.if | 31 +++++
modules/services/pegasus.te | 5
modules/services/postfix.te | 6 -
modules/services/postgrey.fc | 2
modules/services/postgrey.if | 19 +++
modules/services/postgrey.te | 20 +++
modules/services/procmail.te | 5
modules/services/radius.fc | 1
modules/services/radius.te | 8 +
modules/services/remotelogin.te | 1
modules/services/samba.te | 6 -
modules/services/setroubleshoot.fc | 8 +
modules/services/setroubleshoot.if | 24 ++++
modules/services/setroubleshoot.te | 128 +++++++++++++++++++++
modules/services/squid.te | 5
modules/services/tftp.te | 1
modules/services/xfs.te | 2
modules/services/xserver.if | 22 +++
modules/services/xserver.te | 3
modules/services/zebra.te | 2
modules/system/authlogin.if | 3
modules/system/authlogin.te | 1
modules/system/fstools.fc | 1
modules/system/getty.fc | 1
modules/system/getty.te | 3
modules/system/hostname.te | 5
modules/system/hotplug.te | 2
modules/system/init.if | 7 -
modules/system/libraries.fc | 2
modules/system/locallogin.te | 1
modules/system/logging.if | 2
modules/system/logging.te | 6 -
modules/system/selinuxutil.te | 21 +++
modules/system/setrans.te | 5
modules/system/sysnetwork.te | 1
modules/system/udev.te | 4
modules/system/unconfined.fc | 1
modules/system/unconfined.if | 1
modules/system/unconfined.te | 8 -
modules/system/userdomain.if | 221 ++++++++++++++++++++++++-------------
modules/system/userdomain.te | 38 ++----
modules/system/xen.te | 2
74 files changed, 739 insertions(+), 209 deletions(-)
Index: policy-20060608.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060608.patch,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- policy-20060608.patch 19 Jul 2006 18:39:31 -0000 1.28
+++ policy-20060608.patch 19 Jul 2006 18:44:13 -0000 1.29
@@ -606,7 +606,7 @@
kernel_read_kernel_sysctls(clamscan_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-2.3.3/policy/modules/services/cups.te
--- nsaserefpolicy/policy/modules/services/cups.te 2006-07-14 17:04:41.000000000 -0400
-+++ serefpolicy-2.3.3/policy/modules/services/cups.te 2006-07-18 10:42:09.000000000 -0400
++++ serefpolicy-2.3.3/policy/modules/services/cups.te 2006-07-19 14:44:51.000000000 -0400
@@ -81,6 +81,7 @@
allow cupsd_t self:unix_stream_socket { create_stream_socket_perms connectto };
allow cupsd_t self:unix_dgram_socket create_socket_perms;
@@ -621,7 +621,7 @@
-seutil_dontaudit_read_config(cupsd_t)
+seutil_read_config(cupsd_t)
-+selinux_get_enforce_mode(cupsd_t)
++selinux_compute_access_vector(cupsd_t)
sysnet_read_config(cupsd_t)
More information about the fedora-cvs-commits
mailing list