rpms/selinux-policy/devel .cvsignore, 1.73, 1.74 policy-20060608.patch, 1.15, 1.16 selinux-policy.spec, 1.218, 1.219 sources, 1.77, 1.78
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Jun 22 19:16:53 UTC 2006
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv9366
Modified Files:
.cvsignore policy-20060608.patch selinux-policy.spec sources
Log Message:
* Thu Jun 22 2006 Dan Walsh <dwalsh at redhat.com> 2.3.1-1
- Update to upstream
- Add new class for kernel key ring
Index: .cvsignore
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/.cvsignore,v
retrieving revision 1.73
retrieving revision 1.74
diff -u -r1.73 -r1.74
--- .cvsignore 22 Jun 2006 01:15:06 -0000 1.73
+++ .cvsignore 22 Jun 2006 19:16:49 -0000 1.74
@@ -74,3 +74,4 @@
serefpolicy-2.2.47.tgz
serefpolicy-2.2.48.tgz
serefpolicy-2.2.49.tgz
+serefpolicy-2.3.1.tgz
policy-20060608.patch:
global_tunables | 7 +
modules/admin/consoletype.te | 7 +
modules/kernel/kernel.if | 38 +++++++
modules/services/pegasus.if | 31 ++++++
modules/services/pegasus.te | 5 -
modules/services/squid.te | 2
modules/services/tftp.te | 1
modules/system/hostname.te | 5 -
modules/system/init.if | 7 -
modules/system/selinuxutil.te | 2
modules/system/userdomain.if | 201 ++++++++++++++++++++++++++----------------
modules/system/userdomain.te | 32 ++----
12 files changed, 232 insertions(+), 106 deletions(-)
Index: policy-20060608.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060608.patch,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- policy-20060608.patch 21 Jun 2006 20:33:38 -0000 1.15
+++ policy-20060608.patch 22 Jun 2006 19:16:49 -0000 1.16
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_tunables serefpolicy-2.2.48/policy/global_tunables
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_tunables serefpolicy-2.2.49/policy/global_tunables
--- nsaserefpolicy/policy/global_tunables 2006-06-08 08:45:56.000000000 -0400
-+++ serefpolicy-2.2.48/policy/global_tunables 2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/global_tunables 2006-06-22 15:13:37.000000000 -0400
@@ -89,6 +89,13 @@
## <desc>
@@ -15,9 +15,9 @@
## Allow java executable stack
## </p>
## </desc>
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/consoletype.te serefpolicy-2.2.48/policy/modules/admin/consoletype.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/consoletype.te serefpolicy-2.2.49/policy/modules/admin/consoletype.te
--- nsaserefpolicy/policy/modules/admin/consoletype.te 2006-05-19 10:07:51.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/admin/consoletype.te 2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/admin/consoletype.te 2006-06-22 15:13:37.000000000 -0400
@@ -8,7 +8,12 @@
type consoletype_t;
@@ -32,9 +32,9 @@
mls_file_read_up(consoletype_t)
mls_file_write_down(consoletype_t)
role system_r types consoletype_t;
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-2.2.48/policy/modules/kernel/kernel.if
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-2.2.49/policy/modules/kernel/kernel.if
--- nsaserefpolicy/policy/modules/kernel/kernel.if 2006-05-26 14:02:27.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/kernel/kernel.if 2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/kernel/kernel.if 2006-06-22 15:13:37.000000000 -0400
@@ -2096,3 +2096,41 @@
typeattribute $1 kern_unconfined;
@@ -77,9 +77,9 @@
+ dontaudit $1 proc_type:dir list_dir_perms;
+ dontaudit $1 proc_type:file getattr;
+')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.if serefpolicy-2.2.48/policy/modules/services/pegasus.if
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.if serefpolicy-2.2.49/policy/modules/services/pegasus.if
--- nsaserefpolicy/policy/modules/services/pegasus.if 2005-10-25 13:40:18.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/services/pegasus.if 2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/services/pegasus.if 2006-06-22 15:13:37.000000000 -0400
@@ -1 +1,32 @@
## <summary>The Open Group Pegasus CIM/WBEM Server.</summary>
+
@@ -113,9 +113,9 @@
+ allow pegasus_t $1:fifo_file rw_file_perms;
+ allow pegasus_t $1:process sigchld;
+')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.te serefpolicy-2.2.48/policy/modules/services/pegasus.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.te serefpolicy-2.2.49/policy/modules/services/pegasus.te
--- nsaserefpolicy/policy/modules/services/pegasus.te 2006-06-08 08:45:58.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/services/pegasus.te 2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/services/pegasus.te 2006-06-22 15:13:37.000000000 -0400
@@ -100,13 +100,12 @@
auth_use_nsswitch(pegasus_t)
@@ -132,9 +132,9 @@
files_read_var_lib_symlinks(pegasus_t)
hostname_exec(pegasus_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.te serefpolicy-2.2.48/policy/modules/services/squid.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.te serefpolicy-2.2.49/policy/modules/services/squid.te
--- nsaserefpolicy/policy/modules/services/squid.te 2006-06-06 22:21:56.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/services/squid.te 2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/services/squid.te 2006-06-22 15:13:37.000000000 -0400
@@ -80,8 +80,10 @@
corenet_tcp_bind_all_nodes(squid_t)
corenet_udp_bind_all_nodes(squid_t)
@@ -146,9 +146,9 @@
corenet_tcp_connect_ftp_port(squid_t)
corenet_tcp_connect_gopher_port(squid_t)
corenet_tcp_connect_http_port(squid_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tftp.te serefpolicy-2.2.48/policy/modules/services/tftp.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tftp.te serefpolicy-2.2.49/policy/modules/services/tftp.te
--- nsaserefpolicy/policy/modules/services/tftp.te 2006-06-06 22:21:56.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/services/tftp.te 2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/services/tftp.te 2006-06-22 15:13:37.000000000 -0400
@@ -78,6 +78,7 @@
miscfiles_read_localization(tftpd_t)
@@ -157,9 +157,9 @@
userdom_dontaudit_use_unpriv_user_fds(tftpd_t)
userdom_dontaudit_use_sysadm_ttys(tftpd_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostname.te serefpolicy-2.2.48/policy/modules/system/hostname.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostname.te serefpolicy-2.2.49/policy/modules/system/hostname.te
--- nsaserefpolicy/policy/modules/system/hostname.te 2006-03-02 18:45:56.000000000 -0500
-+++ serefpolicy-2.2.48/policy/modules/system/hostname.te 2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/system/hostname.te 2006-06-22 15:13:37.000000000 -0400
@@ -8,7 +8,10 @@
type hostname_t;
@@ -172,9 +172,9 @@
role system_r types hostname_t;
########################################
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.if serefpolicy-2.2.48/policy/modules/system/init.if
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.if serefpolicy-2.2.49/policy/modules/system/init.if
--- nsaserefpolicy/policy/modules/system/init.if 2006-06-06 22:21:56.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/system/init.if 2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/system/init.if 2006-06-22 15:13:37.000000000 -0400
@@ -158,13 +158,6 @@
allow $1 initrc_t:fifo_file rw_file_perms;
allow $1 initrc_t:process sigchld;
@@ -189,9 +189,9 @@
')
########################################
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.2.48/policy/modules/system/selinuxutil.te
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.2.49/policy/modules/system/selinuxutil.te
--- nsaserefpolicy/policy/modules/system/selinuxutil.te 2006-06-13 07:03:48.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/system/selinuxutil.te 2006-06-21 10:00:37.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/system/selinuxutil.te 2006-06-22 15:13:37.000000000 -0400
@@ -352,6 +352,8 @@
kernel_relabelfrom_unlabeled_symlinks(restorecon_t)
kernel_relabelfrom_unlabeled_pipes(restorecon_t)
@@ -201,9 +201,9 @@
dev_relabel_all_dev_nodes(restorecon_t)
# cjp: why is this needed?
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-2.2.48/policy/modules/system/userdomain.if
---- nsaserefpolicy/policy/modules/system/userdomain.if 2006-06-20 09:54:08.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/system/userdomain.if 2006-06-21 10:00:37.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-2.2.49/policy/modules/system/userdomain.if
+--- nsaserefpolicy/policy/modules/system/userdomain.if 2006-06-22 15:12:02.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/system/userdomain.if 2006-06-22 15:13:37.000000000 -0400
@@ -8,11 +8,10 @@
## <desc>
## <p>
@@ -508,7 +508,7 @@
files_home_filetrans($1,user_home_dir_t,dir)
')
-@@ -4767,3 +4789,34 @@
+@@ -4789,3 +4789,34 @@
allow $1 user_home_dir_t:dir create_dir_perms;
files_home_filetrans($1,user_home_dir_t,dir)
')
@@ -543,9 +543,9 @@
+ dontaudit $1_t { $2_devpts_t $2_tty_device_t }:chr_file ioctl;
+')
+
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-2.2.48/policy/modules/system/userdomain.te
---- nsaserefpolicy/policy/modules/system/userdomain.te 2006-06-13 07:03:49.000000000 -0400
-+++ serefpolicy-2.2.48/policy/modules/system/userdomain.te 2006-06-21 10:00:37.000000000 -0400
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-2.2.49/policy/modules/system/userdomain.te
+--- nsaserefpolicy/policy/modules/system/userdomain.te 2006-06-22 15:12:02.000000000 -0400
++++ serefpolicy-2.2.49/policy/modules/system/userdomain.te 2006-06-22 15:13:37.000000000 -0400
@@ -56,14 +56,6 @@
# Local policy
#
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.218
retrieving revision 1.219
diff -u -r1.218 -r1.219
--- selinux-policy.spec 21 Jun 2006 20:33:38 -0000 1.218
+++ selinux-policy.spec 22 Jun 2006 19:16:49 -0000 1.219
@@ -15,7 +15,7 @@
%define CHECKPOLICYVER 1.30.4-1
Summary: SELinux policy configuration
Name: selinux-policy
-Version: 2.2.49
+Version: 2.3.1
Release: 1
License: GPL
Group: System Environment/Base
@@ -342,6 +342,10 @@
%endif
%changelog
+* Thu Jun 22 2006 Dan Walsh <dwalsh at redhat.com> 2.3.1-1
+- Update to upstream
+- Add new class for kernel key ring
+
* Wed Jun 21 2006 Dan Walsh <dwalsh at redhat.com> 2.2.49-1
- Update to upstream
Index: sources
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/sources,v
retrieving revision 1.77
retrieving revision 1.78
diff -u -r1.77 -r1.78
--- sources 22 Jun 2006 01:15:06 -0000 1.77
+++ sources 22 Jun 2006 19:16:49 -0000 1.78
@@ -1 +1 @@
-a28b824570eeac1482c43c62f88735c9 serefpolicy-2.2.49.tgz
+ea51e2652a0d30a9a043cca14c4523fe serefpolicy-2.3.1.tgz
More information about the fedora-cvs-commits
mailing list