rpms/selinux-policy/devel .cvsignore, 1.73, 1.74 policy-20060608.patch, 1.15, 1.16 selinux-policy.spec, 1.218, 1.219 sources, 1.77, 1.78

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Thu Jun 22 19:16:53 UTC 2006 

Author: dwalsh

Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv9366

Modified Files:
	.cvsignore policy-20060608.patch selinux-policy.spec sources 
Log Message:
* Thu Jun 22 2006 Dan Walsh <dwalsh at redhat.com> 2.3.1-1
- Update to upstream
- Add new class for kernel key ring



Index: .cvsignore
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/.cvsignore,v
retrieving revision 1.73
retrieving revision 1.74
diff -u -r1.73 -r1.74
--- .cvsignore	22 Jun 2006 01:15:06 -0000	1.73
+++ .cvsignore	22 Jun 2006 19:16:49 -0000	1.74
@@ -74,3 +74,4 @@
 serefpolicy-2.2.47.tgz
 serefpolicy-2.2.48.tgz
 serefpolicy-2.2.49.tgz
+serefpolicy-2.3.1.tgz

policy-20060608.patch:
 global_tunables               |    7 +
 modules/admin/consoletype.te  |    7 +
 modules/kernel/kernel.if      |   38 +++++++
 modules/services/pegasus.if   |   31 ++++++
 modules/services/pegasus.te   |    5 -
 modules/services/squid.te     |    2 
 modules/services/tftp.te      |    1 
 modules/system/hostname.te    |    5 -
 modules/system/init.if        |    7 -
 modules/system/selinuxutil.te |    2 
 modules/system/userdomain.if  |  201 ++++++++++++++++++++++++++----------------
 modules/system/userdomain.te  |   32 ++----
 12 files changed, 232 insertions(+), 106 deletions(-)

Index: policy-20060608.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060608.patch,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- policy-20060608.patch	21 Jun 2006 20:33:38 -0000	1.15
+++ policy-20060608.patch	22 Jun 2006 19:16:49 -0000	1.16
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_tunables serefpolicy-2.2.48/policy/global_tunables
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_tunables serefpolicy-2.2.49/policy/global_tunables
 --- nsaserefpolicy/policy/global_tunables	2006-06-08 08:45:56.000000000 -0400
-+++ serefpolicy-2.2.48/policy/global_tunables	2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/global_tunables	2006-06-22 15:13:37.000000000 -0400
 @@ -89,6 +89,13 @@
  
  ## <desc>
@@ -15,9 +15,9 @@
  ## Allow java executable stack
  ## </p>
  ## </desc>
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/consoletype.te serefpolicy-2.2.48/policy/modules/admin/consoletype.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/consoletype.te serefpolicy-2.2.49/policy/modules/admin/consoletype.te
 --- nsaserefpolicy/policy/modules/admin/consoletype.te	2006-05-19 10:07:51.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/admin/consoletype.te	2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/admin/consoletype.te	2006-06-22 15:13:37.000000000 -0400
 @@ -8,7 +8,12 @@
  
  type consoletype_t;
@@ -32,9 +32,9 @@
  mls_file_read_up(consoletype_t)
  mls_file_write_down(consoletype_t)
  role system_r types consoletype_t;
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-2.2.48/policy/modules/kernel/kernel.if
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-2.2.49/policy/modules/kernel/kernel.if
 --- nsaserefpolicy/policy/modules/kernel/kernel.if	2006-05-26 14:02:27.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/kernel/kernel.if	2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/kernel/kernel.if	2006-06-22 15:13:37.000000000 -0400
 @@ -2096,3 +2096,41 @@
  
  	typeattribute $1 kern_unconfined;
@@ -77,9 +77,9 @@
 +	dontaudit $1 proc_type:dir list_dir_perms;
 +	dontaudit $1 proc_type:file getattr;
 +')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.if serefpolicy-2.2.48/policy/modules/services/pegasus.if
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.if serefpolicy-2.2.49/policy/modules/services/pegasus.if
 --- nsaserefpolicy/policy/modules/services/pegasus.if	2005-10-25 13:40:18.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/services/pegasus.if	2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/services/pegasus.if	2006-06-22 15:13:37.000000000 -0400
 @@ -1 +1,32 @@
  ## <summary>The Open Group Pegasus CIM/WBEM Server.</summary>
 +
@@ -113,9 +113,9 @@
 +	allow pegasus_t $1:fifo_file rw_file_perms;
 +	allow pegasus_t $1:process sigchld;
 +')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.te serefpolicy-2.2.48/policy/modules/services/pegasus.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.te serefpolicy-2.2.49/policy/modules/services/pegasus.te
 --- nsaserefpolicy/policy/modules/services/pegasus.te	2006-06-08 08:45:58.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/services/pegasus.te	2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/services/pegasus.te	2006-06-22 15:13:37.000000000 -0400
 @@ -100,13 +100,12 @@
  
  auth_use_nsswitch(pegasus_t)
@@ -132,9 +132,9 @@
  files_read_var_lib_symlinks(pegasus_t)
  
  hostname_exec(pegasus_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.te serefpolicy-2.2.48/policy/modules/services/squid.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.te serefpolicy-2.2.49/policy/modules/services/squid.te
 --- nsaserefpolicy/policy/modules/services/squid.te	2006-06-06 22:21:56.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/services/squid.te	2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/services/squid.te	2006-06-22 15:13:37.000000000 -0400
 @@ -80,8 +80,10 @@
  corenet_tcp_bind_all_nodes(squid_t)
  corenet_udp_bind_all_nodes(squid_t)
@@ -146,9 +146,9 @@
  corenet_tcp_connect_ftp_port(squid_t)
  corenet_tcp_connect_gopher_port(squid_t)
  corenet_tcp_connect_http_port(squid_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tftp.te serefpolicy-2.2.48/policy/modules/services/tftp.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tftp.te serefpolicy-2.2.49/policy/modules/services/tftp.te
 --- nsaserefpolicy/policy/modules/services/tftp.te	2006-06-06 22:21:56.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/services/tftp.te	2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/services/tftp.te	2006-06-22 15:13:37.000000000 -0400
 @@ -78,6 +78,7 @@
  miscfiles_read_localization(tftpd_t)
  
@@ -157,9 +157,9 @@
  
  userdom_dontaudit_use_unpriv_user_fds(tftpd_t)
  userdom_dontaudit_use_sysadm_ttys(tftpd_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostname.te serefpolicy-2.2.48/policy/modules/system/hostname.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostname.te serefpolicy-2.2.49/policy/modules/system/hostname.te
 --- nsaserefpolicy/policy/modules/system/hostname.te	2006-03-02 18:45:56.000000000 -0500
-+++ serefpolicy-2.2.48/policy/modules/system/hostname.te	2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/system/hostname.te	2006-06-22 15:13:37.000000000 -0400
 @@ -8,7 +8,10 @@
  
  type hostname_t;
@@ -172,9 +172,9 @@
  role system_r types hostname_t;
  
  ########################################
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.if serefpolicy-2.2.48/policy/modules/system/init.if
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.if serefpolicy-2.2.49/policy/modules/system/init.if
 --- nsaserefpolicy/policy/modules/system/init.if	2006-06-06 22:21:56.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/system/init.if	2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/system/init.if	2006-06-22 15:13:37.000000000 -0400
 @@ -158,13 +158,6 @@
  	allow $1 initrc_t:fifo_file rw_file_perms;
  	allow $1 initrc_t:process sigchld;
@@ -189,9 +189,9 @@
  ')
  
  ########################################
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.2.48/policy/modules/system/selinuxutil.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.2.49/policy/modules/system/selinuxutil.te
 --- nsaserefpolicy/policy/modules/system/selinuxutil.te	2006-06-13 07:03:48.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/system/selinuxutil.te	2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/system/selinuxutil.te	2006-06-22 15:13:37.000000000 -0400
 @@ -352,6 +352,8 @@
  kernel_relabelfrom_unlabeled_symlinks(restorecon_t)
  kernel_relabelfrom_unlabeled_pipes(restorecon_t)
@@ -201,9 +201,9 @@
  
  dev_relabel_all_dev_nodes(restorecon_t)
  # cjp: why is this needed?
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-2.2.48/policy/modules/system/userdomain.if
---- nsaserefpolicy/policy/modules/system/userdomain.if	2006-06-20 09:54:08.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/system/userdomain.if	2006-06-21 10:00:37.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-2.2.49/policy/modules/system/userdomain.if
+--- nsaserefpolicy/policy/modules/system/userdomain.if	2006-06-22 15:12:02.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/system/userdomain.if	2006-06-22 15:13:37.000000000 -0400
 @@ -8,11 +8,10 @@
  ## <desc>
  ##	<p>
@@ -508,7 +508,7 @@
  	files_home_filetrans($1,user_home_dir_t,dir)
  ')
  
-@@ -4767,3 +4789,34 @@
+@@ -4789,3 +4789,34 @@
  	allow $1 user_home_dir_t:dir create_dir_perms;
  	files_home_filetrans($1,user_home_dir_t,dir)
  ')
@@ -543,9 +543,9 @@
 +        dontaudit $1_t { $2_devpts_t $2_tty_device_t }:chr_file ioctl;
 +')
 +
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-2.2.48/policy/modules/system/userdomain.te
---- nsaserefpolicy/policy/modules/system/userdomain.te	2006-06-13 07:03:49.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/system/userdomain.te	2006-06-21 10:00:37.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-2.2.49/policy/modules/system/userdomain.te
+--- nsaserefpolicy/policy/modules/system/userdomain.te	2006-06-22 15:12:02.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/system/userdomain.te	2006-06-22 15:13:37.000000000 -0400
 @@ -56,14 +56,6 @@
  # Local policy
  #


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.218
retrieving revision 1.219
diff -u -r1.218 -r1.219
--- selinux-policy.spec	21 Jun 2006 20:33:38 -0000	1.218
+++ selinux-policy.spec	22 Jun 2006 19:16:49 -0000	1.219
@@ -15,7 +15,7 @@
 %define CHECKPOLICYVER 1.30.4-1
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 2.2.49
+Version: 2.3.1
 Release: 1
 License: GPL
 Group: System Environment/Base
@@ -342,6 +342,10 @@
 %endif
 
 %changelog
+* Thu Jun 22 2006 Dan Walsh <dwalsh at redhat.com> 2.3.1-1
+- Update to upstream
+- Add new class for kernel key ring
+
 * Wed Jun 21 2006 Dan Walsh <dwalsh at redhat.com> 2.2.49-1
 - Update to upstream
 


Index: sources
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/sources,v
retrieving revision 1.77
retrieving revision 1.78
diff -u -r1.77 -r1.78
--- sources	22 Jun 2006 01:15:06 -0000	1.77
+++ sources	22 Jun 2006 19:16:49 -0000	1.78
@@ -1 +1 @@
-a28b824570eeac1482c43c62f88735c9  serefpolicy-2.2.49.tgz
+ea51e2652a0d30a9a043cca14c4523fe  serefpolicy-2.3.1.tgz

More information about the fedora-cvs-commits mailing list