rpms/selinux-policy/devel policy-20060207.patch, 1.42, 1.43 selinux-policy.spec, 1.143, 1.144
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Mar 9 00:19:00 UTC 2006
Author: katzj
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv12687
Modified Files:
policy-20060207.patch selinux-policy.spec
Log Message:
* Wed Mar 8 2006 Jeremy Katz <katzj at redhat.com> - 2.2.23-10
- more xen fixage (#184393)
policy-20060207.patch:
Rules.modular | 2
policy/modules/admin/readahead.te | 2
policy/modules/admin/rpm.fc | 2
policy/modules/admin/su.fc | 1
policy/modules/admin/su.if | 6
policy/modules/admin/vbetool.te | 5
policy/modules/kernel/corenetwork.te.in | 3
policy/modules/kernel/devices.if | 20 +++
policy/modules/kernel/files.fc | 8 -
policy/modules/kernel/files.if | 20 ++-
policy/modules/kernel/filesystem.te | 1
policy/modules/kernel/kernel.if | 102 ++++++++++++++++
policy/modules/kernel/kernel.te | 3
policy/modules/services/apache.fc | 2
policy/modules/services/apache.if | 5
policy/modules/services/apm.fc | 2
policy/modules/services/apm.te | 4
policy/modules/services/bluetooth.te | 19 +--
policy/modules/services/cron.te | 3
policy/modules/services/cups.fc | 2
policy/modules/services/cups.if | 22 +++
policy/modules/services/cups.te | 7 -
policy/modules/services/cvs.te | 2
policy/modules/services/hal.if | 41 ++++++
policy/modules/services/hal.te | 8 +
policy/modules/services/ktalk.fc | 1
policy/modules/services/ktalk.te | 6
policy/modules/services/mailman.if | 25 ++++
policy/modules/services/nscd.if | 2
policy/modules/services/postfix.te | 4
policy/modules/services/samba.te | 2
policy/modules/system/fstools.te | 1
policy/modules/system/init.te | 5
policy/modules/system/libraries.fc | 2
policy/modules/system/locallogin.te | 1
policy/modules/system/lvm.fc | 1
policy/modules/system/lvm.te | 3
policy/modules/system/selinuxutil.fc | 6
policy/modules/system/selinuxutil.te | 4
policy/modules/system/sysnetwork.te | 3
policy/modules/system/udev.te | 2
policy/modules/system/unconfined.te | 8 -
policy/modules/system/xend.fc | 20 +++
policy/modules/system/xend.if | 71 +++++++++++
policy/modules/system/xend.te | 198 ++++++++++++++++++++++++++++++++
support/Makefile.devel | 5
46 files changed, 617 insertions(+), 45 deletions(-)
Index: policy-20060207.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060207.patch,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -r1.42 -r1.43
--- policy-20060207.patch 8 Mar 2006 22:11:17 -0000 1.42
+++ policy-20060207.patch 9 Mar 2006 00:18:57 -0000 1.43
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.te serefpolicy-2.2.23/policy/modules/admin/readahead.te
---- nsaserefpolicy/policy/modules/admin/readahead.te 2006-03-04 00:06:33.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/admin/readahead.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/admin/readahead.te serefpolicy/policy/modules/admin/readahead.te
+--- serefpolicy-2.2.23/policy/modules/admin/readahead.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/admin/readahead.te 2006-03-08 19:11:33.000000000 -0500
@@ -18,7 +18,7 @@
# Local policy
#
@@ -10,9 +10,9 @@
allow readahead_t self:process signal_perms;
allow readahead_t readahead_var_run_t:file create_file_perms;
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.fc serefpolicy-2.2.23/policy/modules/admin/rpm.fc
---- nsaserefpolicy/policy/modules/admin/rpm.fc 2006-01-27 21:35:04.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/admin/rpm.fc 2006-03-07 15:39:28.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/admin/rpm.fc serefpolicy/policy/modules/admin/rpm.fc
+--- serefpolicy-2.2.23/policy/modules/admin/rpm.fc 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/admin/rpm.fc 2006-03-08 19:11:33.000000000 -0500
@@ -25,7 +25,7 @@
/var/lib/rpm(/.*)? gen_context(system_u:object_r:rpm_var_lib_t,s0)
@@ -22,17 +22,17 @@
# SuSE
ifdef(`distro_suse', `
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/su.fc serefpolicy-2.2.23/policy/modules/admin/su.fc
---- nsaserefpolicy/policy/modules/admin/su.fc 2005-11-14 18:24:06.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/admin/su.fc 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/admin/su.fc serefpolicy/policy/modules/admin/su.fc
+--- serefpolicy-2.2.23/policy/modules/admin/su.fc 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/admin/su.fc 2006-03-08 19:11:33.000000000 -0500
@@ -2,3 +2,4 @@
/bin/su -- gen_context(system_u:object_r:su_exec_t,s0)
/usr(/local)?/bin/ksu -- gen_context(system_u:object_r:su_exec_t,s0)
+/usr/bin/kdesu -- gen_context(system_u:object_r:su_exec_t,s0)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/su.if serefpolicy-2.2.23/policy/modules/admin/su.if
---- nsaserefpolicy/policy/modules/admin/su.if 2006-03-04 00:06:33.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/admin/su.if 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/admin/su.if serefpolicy/policy/modules/admin/su.if
+--- serefpolicy-2.2.23/policy/modules/admin/su.if 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/admin/su.if 2006-03-08 19:11:33.000000000 -0500
@@ -141,10 +141,10 @@
# By default, revert to the calling domain when a shell is executed.
@@ -47,9 +47,9 @@
kernel_read_system_state($1_su_t)
kernel_read_kernel_sysctls($1_su_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vbetool.te serefpolicy-2.2.23/policy/modules/admin/vbetool.te
---- nsaserefpolicy/policy/modules/admin/vbetool.te 2006-02-01 08:23:27.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/admin/vbetool.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/admin/vbetool.te serefpolicy/policy/modules/admin/vbetool.te
+--- serefpolicy-2.2.23/policy/modules/admin/vbetool.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/admin/vbetool.te 2006-03-08 19:11:33.000000000 -0500
@@ -15,6 +15,7 @@
# Local policy
#
@@ -66,9 +66,9 @@
+optional_policy(`hal',`
+ hal_rw_var_run(vbetool_t)
+')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-2.2.23/policy/modules/kernel/corenetwork.te.in
---- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in 2006-02-20 14:07:36.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/kernel/corenetwork.te.in 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/kernel/corenetwork.te.in serefpolicy/policy/modules/kernel/corenetwork.te.in
+--- serefpolicy-2.2.23/policy/modules/kernel/corenetwork.te.in 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/kernel/corenetwork.te.in 2006-03-08 19:11:33.000000000 -0500
@@ -66,7 +66,7 @@
network_port(giftd, tcp,1213,s0)
network_port(gopher, tcp,70,s0, udp,70,s0)
@@ -86,9 +86,9 @@
network_port(zebra, tcp,2601,s0)
network_port(zope, tcp,8021,s0)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/devices.if serefpolicy-2.2.23/policy/modules/kernel/devices.if
---- nsaserefpolicy/policy/modules/kernel/devices.if 2006-02-23 09:25:08.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/kernel/devices.if 2006-03-08 10:58:05.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/kernel/devices.if serefpolicy/policy/modules/kernel/devices.if
+--- serefpolicy-2.2.23/policy/modules/kernel/devices.if 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/kernel/devices.if 2006-03-08 19:11:33.000000000 -0500
@@ -2384,7 +2384,7 @@
')
@@ -120,9 +120,9 @@
+ dontaudit $1 device_node:dir_file_class_set getattr;
+')
+
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.fc serefpolicy-2.2.23/policy/modules/kernel/files.fc
---- nsaserefpolicy/policy/modules/kernel/files.fc 2006-03-04 00:06:34.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/kernel/files.fc 2006-03-08 16:26:29.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/kernel/files.fc serefpolicy/policy/modules/kernel/files.fc
+--- serefpolicy-2.2.23/policy/modules/kernel/files.fc 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/kernel/files.fc 2006-03-08 19:11:33.000000000 -0500
@@ -45,7 +45,7 @@
/etc(/.*)? gen_context(system_u:object_r:etc_t,s0)
/etc/\.fstab\.hal\..+ -- gen_context(system_u:object_r:etc_runtime_t,s0)
@@ -159,9 +159,9 @@
HOME_ROOT/\.journal <<none>>
HOME_ROOT/lost\+found -d gen_context(system_u:object_r:lost_found_t,s15:c0.c255)
HOME_ROOT/lost\+found/.* <<none>>
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.if serefpolicy-2.2.23/policy/modules/kernel/files.if
---- nsaserefpolicy/policy/modules/kernel/files.if 2006-03-04 00:06:34.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/kernel/files.if 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/kernel/files.if serefpolicy/policy/modules/kernel/files.if
+--- serefpolicy-2.2.23/policy/modules/kernel/files.if 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/kernel/files.if 2006-03-08 19:11:33.000000000 -0500
@@ -1648,6 +1648,21 @@
')
@@ -200,17 +200,17 @@
')
########################################
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.te serefpolicy-2.2.23/policy/modules/kernel/filesystem.te
---- nsaserefpolicy/policy/modules/kernel/filesystem.te 2006-02-14 07:20:25.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/kernel/filesystem.te 2006-03-08 11:55:28.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/kernel/filesystem.te serefpolicy/policy/modules/kernel/filesystem.te
+--- serefpolicy-2.2.23/policy/modules/kernel/filesystem.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/kernel/filesystem.te 2006-03-08 19:11:33.000000000 -0500
@@ -167,3 +167,4 @@
genfscon nfs / gen_context(system_u:object_r:nfs_t,s0)
genfscon nfs4 / gen_context(system_u:object_r:nfs_t,s0)
genfscon afs / gen_context(system_u:object_r:nfs_t,s0)
+genfscon hfsplus / gen_context(system_u:object_r:nfs_t,s0)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-2.2.23/policy/modules/kernel/kernel.if
---- nsaserefpolicy/policy/modules/kernel/kernel.if 2006-03-04 00:06:34.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/kernel/kernel.if 2006-03-07 14:00:35.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/kernel/kernel.if serefpolicy/policy/modules/kernel/kernel.if
+--- serefpolicy-2.2.23/policy/modules/kernel/kernel.if 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/kernel/kernel.if 2006-03-08 19:11:33.000000000 -0500
@@ -1044,6 +1044,7 @@
allow $1 proc_t:dir search;
@@ -331,9 +331,9 @@
+ allow $1 proc_xen_t:dir r_dir_perms;
+ allow $1 proc_xen_t:file write;
+')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.te serefpolicy-2.2.23/policy/modules/kernel/kernel.te
---- nsaserefpolicy/policy/modules/kernel/kernel.te 2006-02-07 10:43:26.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/kernel/kernel.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/kernel/kernel.te serefpolicy/policy/modules/kernel/kernel.te
+--- serefpolicy-2.2.23/policy/modules/kernel/kernel.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/kernel/kernel.te 2006-03-08 19:11:33.000000000 -0500
@@ -75,6 +75,9 @@
type proc_net_t, proc_type;
genfscon proc /net gen_context(system_u:object_r:proc_net_t,s0)
@@ -344,9 +344,9 @@
#
# Sysctl types
#
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.fc serefpolicy-2.2.23/policy/modules/services/apache.fc
---- nsaserefpolicy/policy/modules/services/apache.fc 2006-02-27 17:17:23.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/apache.fc 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/apache.fc serefpolicy/policy/modules/services/apache.fc
+--- serefpolicy-2.2.23/policy/modules/services/apache.fc 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/apache.fc 2006-03-08 19:11:33.000000000 -0500
@@ -15,6 +15,7 @@
/etc/vhosts -- gen_context(system_u:object_r:httpd_config_t,s0)
@@ -360,9 +360,9 @@
/var/www/icons(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0)
/var/www/perl(/.*)? gen_context(system_u:object_r:httpd_sys_script_exec_t,s0)
+/usr/share/selinux-policy([^/]*)?/html(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.if serefpolicy-2.2.23/policy/modules/services/apache.if
---- nsaserefpolicy/policy/modules/services/apache.if 2006-03-04 00:06:35.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/apache.if 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/apache.if serefpolicy/policy/modules/services/apache.if
+--- serefpolicy-2.2.23/policy/modules/services/apache.if 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/apache.if 2006-03-08 19:11:33.000000000 -0500
@@ -12,6 +12,11 @@
## </param>
#
@@ -375,9 +375,9 @@
# allow write access to public file transfer
# services files.
gen_tunable(allow_httpd_$1_script_anon_write,false)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apm.fc serefpolicy-2.2.23/policy/modules/services/apm.fc
---- nsaserefpolicy/policy/modules/services/apm.fc 2005-11-14 18:24:08.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/apm.fc 2006-03-07 15:38:20.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/apm.fc serefpolicy/policy/modules/services/apm.fc
+--- serefpolicy-2.2.23/policy/modules/services/apm.fc 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/apm.fc 2006-03-08 19:11:33.000000000 -0500
@@ -11,7 +11,7 @@
#
# /var
@@ -387,9 +387,9 @@
/var/run/\.?acpid\.socket -s gen_context(system_u:object_r:apmd_var_run_t,s0)
/var/run/apmd\.pid -- gen_context(system_u:object_r:apmd_var_run_t,s0)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apm.te serefpolicy-2.2.23/policy/modules/services/apm.te
---- nsaserefpolicy/policy/modules/services/apm.te 2006-03-04 00:06:35.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/apm.te 2006-03-08 13:36:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/apm.te serefpolicy/policy/modules/services/apm.te
+--- serefpolicy-2.2.23/policy/modules/services/apm.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/apm.te 2006-03-08 19:11:33.000000000 -0500
@@ -225,6 +225,10 @@
pcmcia_domtrans_cardctl(apmd_t)
')
@@ -401,9 +401,9 @@
optional_policy(`selinuxutil',`
seutil_sigchld_newrole(apmd_t)
')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bluetooth.te serefpolicy-2.2.23/policy/modules/services/bluetooth.te
---- nsaserefpolicy/policy/modules/services/bluetooth.te 2006-03-04 00:06:35.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/bluetooth.te 2006-03-08 11:35:36.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/bluetooth.te serefpolicy/policy/modules/services/bluetooth.te
+--- serefpolicy-2.2.23/policy/modules/services/bluetooth.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/bluetooth.te 2006-03-08 19:11:33.000000000 -0500
@@ -115,6 +115,7 @@
corecmd_exec_shell(bluetooth_t)
@@ -463,9 +463,9 @@
+
+ xserver_stream_connect_xdm(bluetooth_helper_t)
')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.te serefpolicy-2.2.23/policy/modules/services/cron.te
---- nsaserefpolicy/policy/modules/services/cron.te 2006-03-04 00:06:35.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/cron.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/cron.te serefpolicy/policy/modules/services/cron.te
+--- serefpolicy-2.2.23/policy/modules/services/cron.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/cron.te 2006-03-08 19:11:33.000000000 -0500
@@ -166,6 +166,9 @@
allow crond_t unconfined_t:dbus send_msg;
@@ -476,9 +476,9 @@
',`
allow crond_t crond_tmp_t:dir create_dir_perms;
allow crond_t crond_tmp_t:file create_file_perms;
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.fc serefpolicy-2.2.23/policy/modules/services/cups.fc
---- nsaserefpolicy/policy/modules/services/cups.fc 2005-11-14 18:24:08.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/cups.fc 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/cups.fc serefpolicy/policy/modules/services/cups.fc
+--- serefpolicy-2.2.23/policy/modules/services/cups.fc 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/cups.fc 2006-03-08 19:11:33.000000000 -0500
@@ -43,7 +43,7 @@
/var/log/cups(/.*)? gen_context(system_u:object_r:cupsd_log_t,s0)
/var/log/turboprint_cups\.log.* -- gen_context(system_u:object_r:cupsd_log_t,s0)
@@ -488,9 +488,9 @@
/var/run/hp.*\.pid -- gen_context(system_u:object_r:hplip_var_run_t,s0)
/var/run/hp.*\.port -- gen_context(system_u:object_r:hplip_var_run_t,s0)
/var/run/ptal-printd(/.*)? gen_context(system_u:object_r:ptal_var_run_t,s0)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.if serefpolicy-2.2.23/policy/modules/services/cups.if
---- nsaserefpolicy/policy/modules/services/cups.if 2006-02-23 09:25:09.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/cups.if 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/cups.if serefpolicy/policy/modules/services/cups.if
+--- serefpolicy-2.2.23/policy/modules/services/cups.if 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/cups.if 2006-03-08 19:11:33.000000000 -0500
@@ -226,3 +226,25 @@
allow cupsd_t $1:tcp_socket { acceptfrom recvfrom };
kernel_tcp_recvfrom($1)
@@ -517,9 +517,9 @@
+ allow $1 cupsd_t:unix_stream_socket connectto;
+')
+
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-2.2.23/policy/modules/services/cups.te
---- nsaserefpolicy/policy/modules/services/cups.te 2006-03-04 00:06:35.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/cups.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/cups.te serefpolicy/policy/modules/services/cups.te
+--- serefpolicy-2.2.23/policy/modules/services/cups.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/cups.te 2006-03-08 19:11:33.000000000 -0500
@@ -77,7 +77,7 @@
dontaudit cupsd_t self:capability { sys_tty_config net_admin };
allow cupsd_t self:process { setsched signal_perms };
@@ -562,9 +562,9 @@
')
########################################
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cvs.te serefpolicy-2.2.23/policy/modules/services/cvs.te
---- nsaserefpolicy/policy/modules/services/cvs.te 2006-03-04 00:06:35.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/cvs.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/cvs.te serefpolicy/policy/modules/services/cvs.te
+--- serefpolicy-2.2.23/policy/modules/services/cvs.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/cvs.te 2006-03-08 19:11:33.000000000 -0500
@@ -11,7 +11,7 @@
inetd_tcp_service_domain(cvs_t,cvs_exec_t)
role system_r types cvs_t;
@@ -574,9 +574,9 @@
files_type(cvs_data_t)
type cvs_tmp_t;
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.if serefpolicy-2.2.23/policy/modules/services/hal.if
---- nsaserefpolicy/policy/modules/services/hal.if 2006-03-04 00:06:36.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/hal.if 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/hal.if serefpolicy/policy/modules/services/hal.if
+--- serefpolicy-2.2.23/policy/modules/services/hal.if 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/hal.if 2006-03-08 19:11:33.000000000 -0500
@@ -100,3 +100,44 @@
allow $1 hald_t:dbus send_msg;
allow hald_t $1:dbus send_msg;
@@ -622,9 +622,9 @@
+ allow $1 hald_var_run_t:file rw_file_perms;
+')
+
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-2.2.23/policy/modules/services/hal.te
---- nsaserefpolicy/policy/modules/services/hal.te 2006-03-04 00:06:36.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/hal.te 2006-03-08 15:25:53.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/hal.te serefpolicy/policy/modules/services/hal.te
+--- serefpolicy-2.2.23/policy/modules/services/hal.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/hal.te 2006-03-08 19:11:33.000000000 -0500
@@ -48,6 +48,7 @@
kernel_read_network_state(hald_t)
kernel_read_kernel_sysctls(hald_t)
@@ -661,17 +661,17 @@
optional_policy(`mount',`
mount_domtrans(hald_t)
')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ktalk.fc serefpolicy-2.2.23/policy/modules/services/ktalk.fc
---- nsaserefpolicy/policy/modules/services/ktalk.fc 2006-02-20 14:07:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/ktalk.fc 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/ktalk.fc serefpolicy/policy/modules/services/ktalk.fc
+--- serefpolicy-2.2.23/policy/modules/services/ktalk.fc 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/ktalk.fc 2006-03-08 19:11:33.000000000 -0500
@@ -1,3 +1,4 @@
/usr/bin/in.talkd -- gen_context(system_u:object_r:ktalkd_exec_t,s0)
/usr/bin/ktalkd -- gen_context(system_u:object_r:ktalkd_exec_t,s0)
+/var/log/talkd.* -- gen_context(system_u:object_r:ktalkd_log_t,s0)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ktalk.te serefpolicy-2.2.23/policy/modules/services/ktalk.te
---- nsaserefpolicy/policy/modules/services/ktalk.te 2006-03-04 00:06:36.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/ktalk.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/ktalk.te serefpolicy/policy/modules/services/ktalk.te
+--- serefpolicy-2.2.23/policy/modules/services/ktalk.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/ktalk.te 2006-03-08 19:11:33.000000000 -0500
@@ -14,6 +14,9 @@
type ktalkd_tmp_t;
files_tmp_file(ktalkd_tmp_t)
@@ -695,9 +695,9 @@
miscfiles_read_localization(ktalkd_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mailman.if serefpolicy-2.2.23/policy/modules/services/mailman.if
---- nsaserefpolicy/policy/modules/services/mailman.if 2006-03-04 00:06:36.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/mailman.if 2006-03-08 16:59:01.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/mailman.if serefpolicy/policy/modules/services/mailman.if
+--- serefpolicy-2.2.23/policy/modules/services/mailman.if 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/mailman.if 2006-03-08 19:11:33.000000000 -0500
@@ -275,3 +275,28 @@
allow $1 mailman_archive_t:file r_file_perms;
allow $1 mailman_archive_t:lnk_file { getattr read };
@@ -727,9 +727,9 @@
+ allow mailman_queue_t $1:process sigchld;
+')
+
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd.if serefpolicy-2.2.23/policy/modules/services/nscd.if
---- nsaserefpolicy/policy/modules/services/nscd.if 2006-02-10 21:34:14.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/nscd.if 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/nscd.if serefpolicy/policy/modules/services/nscd.if
+--- serefpolicy-2.2.23/policy/modules/services/nscd.if 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/nscd.if 2006-03-08 19:11:33.000000000 -0500
@@ -49,8 +49,8 @@
dontaudit $1 nscd_t:nscd { shmempwd shmemgrp shmemhost };
@@ -740,9 +740,9 @@
dontaudit $1 nscd_var_run_t:file { getattr read };
')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.te serefpolicy-2.2.23/policy/modules/services/postfix.te
---- nsaserefpolicy/policy/modules/services/postfix.te 2006-03-04 00:06:36.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/postfix.te 2006-03-08 16:58:41.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/postfix.te serefpolicy/policy/modules/services/postfix.te
+--- serefpolicy-2.2.23/policy/modules/services/postfix.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/postfix.te 2006-03-08 19:11:33.000000000 -0500
@@ -406,6 +406,10 @@
procmail_domtrans(postfix_pipe_t)
')
@@ -754,9 +754,9 @@
########################################
#
# Postfix postdrop local policy
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.te serefpolicy-2.2.23/policy/modules/services/samba.te
---- nsaserefpolicy/policy/modules/services/samba.te 2006-03-04 00:06:36.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/samba.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/services/samba.te serefpolicy/policy/modules/services/samba.te
+--- serefpolicy-2.2.23/policy/modules/services/samba.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/services/samba.te 2006-03-08 19:11:33.000000000 -0500
@@ -32,7 +32,7 @@
type samba_secrets_t;
files_type(samba_secrets_t)
@@ -766,9 +766,9 @@
files_config_file(samba_share_t)
type samba_var_t;
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstools.te serefpolicy-2.2.23/policy/modules/system/fstools.te
---- nsaserefpolicy/policy/modules/system/fstools.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/fstools.te 2006-03-07 16:50:14.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/fstools.te serefpolicy/policy/modules/system/fstools.te
+--- serefpolicy-2.2.23/policy/modules/system/fstools.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/system/fstools.te 2006-03-08 19:11:33.000000000 -0500
@@ -73,6 +73,7 @@
dev_getattr_usbfs_dirs(fsadm_t)
# Access to /dev/mapper/control
@@ -777,9 +777,9 @@
fs_search_auto_mountpoints(fsadm_t)
fs_getattr_xattr_fs(fsadm_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-2.2.23/policy/modules/system/init.te
---- nsaserefpolicy/policy/modules/system/init.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/init.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/init.te serefpolicy/policy/modules/system/init.te
+--- serefpolicy-2.2.23/policy/modules/system/init.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/system/init.te 2006-03-08 19:11:33.000000000 -0500
@@ -349,6 +349,7 @@
files_mounton_isid_type_dirs(initrc_t)
files_list_default(initrc_t)
@@ -799,9 +799,9 @@
',`
# cjp: require doesnt work in optionals :\
# this also would result in a type transition
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.fc serefpolicy-2.2.23/policy/modules/system/libraries.fc
---- nsaserefpolicy/policy/modules/system/libraries.fc 2006-02-20 14:07:38.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/libraries.fc 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/libraries.fc serefpolicy/policy/modules/system/libraries.fc
+--- serefpolicy-2.2.23/policy/modules/system/libraries.fc 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/system/libraries.fc 2006-03-08 19:11:33.000000000 -0500
@@ -65,6 +65,7 @@
/usr/lib(64)?/(nvidia/)?libGL(core)?\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/libGLU\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -818,9 +818,9 @@
ifdef(`distro_redhat',`
/usr/lib(64)?/.*/program/.*\.so.* gen_context(system_u:object_r:shlib_t,s0)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/locallogin.te serefpolicy-2.2.23/policy/modules/system/locallogin.te
---- nsaserefpolicy/policy/modules/system/locallogin.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/locallogin.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/locallogin.te serefpolicy/policy/modules/system/locallogin.te
+--- serefpolicy-2.2.23/policy/modules/system/locallogin.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/system/locallogin.te 2006-03-08 19:11:33.000000000 -0500
@@ -20,6 +20,7 @@
type local_login_tmp_t;
@@ -829,9 +829,9 @@
type sulogin_t;
type sulogin_exec_t;
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.fc serefpolicy-2.2.23/policy/modules/system/lvm.fc
---- nsaserefpolicy/policy/modules/system/lvm.fc 2005-11-14 18:24:06.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/lvm.fc 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/lvm.fc serefpolicy/policy/modules/system/lvm.fc
+--- serefpolicy-2.2.23/policy/modules/system/lvm.fc 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/system/lvm.fc 2006-03-08 19:11:33.000000000 -0500
@@ -25,6 +25,7 @@
# /sbin
#
@@ -840,9 +840,9 @@
/sbin/dmsetup -- gen_context(system_u:object_r:lvm_exec_t,s0)
/sbin/dmsetup\.static -- gen_context(system_u:object_r:lvm_exec_t,s0)
/sbin/e2fsadm -- gen_context(system_u:object_r:lvm_exec_t,s0)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.te serefpolicy-2.2.23/policy/modules/system/lvm.te
---- nsaserefpolicy/policy/modules/system/lvm.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/lvm.te 2006-03-08 10:58:24.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/lvm.te serefpolicy/policy/modules/system/lvm.te
+--- serefpolicy-2.2.23/policy/modules/system/lvm.te 2006-03-04 00:06:49.000000000 -0500
++++ serefpolicy/policy/modules/system/lvm.te 2006-03-08 19:11:33.000000000 -0500
@@ -129,6 +129,8 @@
# DAC overrides and mknod for modifying /dev entries (vgmknodes)
@@ -860,9 +860,9 @@
fs_getattr_xattr_fs(lvm_t)
fs_search_auto_mountpoints(lvm_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.fc serefpolicy-2.2.23/policy/modules/system/selinuxutil.fc
---- nsaserefpolicy/policy/modules/system/selinuxutil.fc 2006-02-23 09:25:09.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.fc 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/selinuxutil.fc serefpolicy/policy/modules/system/selinuxutil.fc
+--- serefpolicy-2.2.23/policy/modules/system/selinuxutil.fc 2006-03-04 00:06:49.000000000 -0500
++++ serefpolicy/policy/modules/system/selinuxutil.fc 2006-03-08 19:11:33.000000000 -0500
@@ -8,9 +8,9 @@
/etc/selinux/([^/]*/)?contexts/files(/.*)? gen_context(system_u:object_r:file_context_t,s0)
/etc/selinux/([^/]*/)?policy(/.*)? gen_context(system_u:object_r:policy_config_t,s15:c0.c255)
@@ -876,9 +876,9 @@
/etc/selinux/([^/]*/)?users(/.*)? -- gen_context(system_u:object_r:selinux_config_t,s15:c0.c255)
#
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.2.23/policy/modules/system/selinuxutil.te
---- nsaserefpolicy/policy/modules/system/selinuxutil.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/selinuxutil.te serefpolicy/policy/modules/system/selinuxutil.te
+--- serefpolicy-2.2.23/policy/modules/system/selinuxutil.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/system/selinuxutil.te 2006-03-08 19:11:33.000000000 -0500
@@ -192,6 +192,9 @@
selinux_load_policy(load_policy_t)
selinux_set_boolean(load_policy_t)
@@ -897,9 +897,9 @@
term_use_all_user_ttys(newrole_t)
term_use_all_user_ptys(newrole_t)
term_relabel_all_user_ttys(newrole_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.te serefpolicy-2.2.23/policy/modules/system/sysnetwork.te
---- nsaserefpolicy/policy/modules/system/sysnetwork.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/sysnetwork.te 2006-03-07 15:47:26.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/sysnetwork.te serefpolicy/policy/modules/system/sysnetwork.te
+--- serefpolicy-2.2.23/policy/modules/system/sysnetwork.te 2006-03-04 00:06:49.000000000 -0500
++++ serefpolicy/policy/modules/system/sysnetwork.te 2006-03-08 19:11:33.000000000 -0500
@@ -322,6 +322,9 @@
udev_dontaudit_rw_dgram_sockets(ifconfig_t)
')
@@ -910,9 +910,9 @@
ifdef(`targeted_policy',`
term_use_generic_ptys(ifconfig_t)
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.te serefpolicy-2.2.23/policy/modules/system/udev.te
---- nsaserefpolicy/policy/modules/system/udev.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/udev.te 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/udev.te serefpolicy/policy/modules/system/udev.te
+--- serefpolicy-2.2.23/policy/modules/system/udev.te 2006-03-04 00:06:49.000000000 -0500
++++ serefpolicy/policy/modules/system/udev.te 2006-03-08 19:11:33.000000000 -0500
@@ -39,7 +39,7 @@
# Local policy
#
@@ -922,9 +922,9 @@
dontaudit udev_t self:capability sys_tty_config;
allow udev_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap };
allow udev_t self:process { execmem setfscreate };
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.te serefpolicy-2.2.23/policy/modules/system/unconfined.te
---- nsaserefpolicy/policy/modules/system/unconfined.te 2006-02-20 14:07:38.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/unconfined.te 2006-03-08 12:35:43.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/unconfined.te serefpolicy/policy/modules/system/unconfined.te
+--- serefpolicy-2.2.23/policy/modules/system/unconfined.te 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/policy/modules/system/unconfined.te 2006-03-08 19:11:33.000000000 -0500
@@ -89,10 +89,6 @@
firstboot_domtrans(unconfined_t)
')
@@ -947,10 +947,10 @@
optional_policy(`netutils',`
netutils_domtrans_ping(unconfined_t)
')
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xend.fc serefpolicy-2.2.23/policy/modules/system/xend.fc
---- nsaserefpolicy/policy/modules/system/xend.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/xend.fc 2006-03-07 14:59:39.000000000 -0500
-@@ -0,0 +1,19 @@
+diff -urN serefpolicy-2.2.23/policy/modules/system/xend.fc serefpolicy/policy/modules/system/xend.fc
+--- serefpolicy-2.2.23/policy/modules/system/xend.fc 1969-12-31 19:00:00.000000000 -0500
++++ serefpolicy/policy/modules/system/xend.fc 2006-03-08 19:13:09.000000000 -0500
+@@ -0,0 +1,20 @@
+# xend executable will have:
+# label: system_u:object_r:xend_exec_t
+# MLS sensitivity: s0
@@ -970,9 +970,10 @@
+/var/run/xenconsoled\.pid -- system_u:object_r:xenconsoled_var_run_t:s0
+/etc/xen/scripts(/.*)? system_u:object_r:bin_t:s0
+/dev/evtchn -c system_u:object_r:xend_device_t:s0
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xend.if serefpolicy-2.2.23/policy/modules/system/xend.if
---- nsaserefpolicy/policy/modules/system/xend.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/xend.if 2006-03-07 15:47:54.000000000 -0500
++/dev/xen/evtchn -c system_u:object_r:xend_device_t:s0
+diff -urN serefpolicy-2.2.23/policy/modules/system/xend.if serefpolicy/policy/modules/system/xend.if
+--- serefpolicy-2.2.23/policy/modules/system/xend.if 1969-12-31 19:00:00.000000000 -0500
++++ serefpolicy/policy/modules/system/xend.if 2006-03-08 19:11:33.000000000 -0500
@@ -0,0 +1,71 @@
+## <summary>policy for xen</summary>
+
@@ -1045,9 +1046,9 @@
+ allow $1 xenstored_t:unix_stream_socket connectto;
+')
+
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xend.te serefpolicy-2.2.23/policy/modules/system/xend.te
---- nsaserefpolicy/policy/modules/system/xend.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/xend.te 2006-03-08 14:24:46.000000000 -0500
+diff -urN serefpolicy-2.2.23/policy/modules/system/xend.te serefpolicy/policy/modules/system/xend.te
+--- serefpolicy-2.2.23/policy/modules/system/xend.te 1969-12-31 19:00:00.000000000 -0500
++++ serefpolicy/policy/modules/system/xend.te 2006-03-08 19:11:33.000000000 -0500
@@ -0,0 +1,198 @@
+policy_module(xend,1.0.0)
+
@@ -1247,9 +1248,9 @@
+dev_create_generic_dirs(xenstored_t)
+dev_filetrans(xenstored_t, xend_device_t, chr_file)
+allow xenstored_t xend_device_t:chr_file create_file_perms;
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-2.2.23/Rules.modular
---- nsaserefpolicy/Rules.modular 2006-02-17 14:46:10.000000000 -0500
-+++ serefpolicy-2.2.23/Rules.modular 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/Rules.modular serefpolicy/Rules.modular
+--- serefpolicy-2.2.23/Rules.modular 2006-03-04 00:06:50.000000000 -0500
++++ serefpolicy/Rules.modular 2006-03-08 19:11:33.000000000 -0500
@@ -204,7 +204,7 @@
#
$(APPDIR)/customizable_types: $(BASE_CONF)
@@ -1259,9 +1260,9 @@
$(verbose) install -m 644 $(TMPDIR)/customizable_types $@
########################################
-diff --exclude-from=exclude -N -u -r nsaserefpolicy/support/Makefile.devel serefpolicy-2.2.23/support/Makefile.devel
---- nsaserefpolicy/support/Makefile.devel 2006-02-22 14:09:04.000000000 -0500
-+++ serefpolicy-2.2.23/support/Makefile.devel 2006-03-07 13:42:37.000000000 -0500
+diff -urN serefpolicy-2.2.23/support/Makefile.devel serefpolicy/support/Makefile.devel
+--- serefpolicy-2.2.23/support/Makefile.devel 2006-03-04 00:06:49.000000000 -0500
++++ serefpolicy/support/Makefile.devel 2006-03-08 19:11:33.000000000 -0500
@@ -6,10 +6,7 @@
SED ?= sed
EINFO ?= echo
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.143
retrieving revision 1.144
diff -u -r1.143 -r1.144
--- selinux-policy.spec 8 Mar 2006 22:11:17 -0000 1.143
+++ selinux-policy.spec 9 Mar 2006 00:18:57 -0000 1.144
@@ -10,7 +10,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.2.23
-Release: 9
+Release: 10
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -299,6 +299,9 @@
%fileList strict
%changelog
+* Wed Mar 8 2006 Jeremy Katz <katzj at redhat.com> - 2.2.23-10
+- more xen fixage (#184393)
+
* Wed Mar 8 2006 Dan Walsh <dwalsh at redhat.com> 2.2.23-9
- Fix blkid specification
- Allow postfix to execute mailman_que
More information about the fedora-cvs-commits
mailing list