rpms/selinux-policy/devel policy-20060207.patch, 1.48, 1.49 selinux-policy.spec, 1.150, 1.151
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Mar 14 20:13:33 UTC 2006
- Previous message (by thread): rpms/libbonobo/devel .cvsignore, 1.15, 1.16 libbonobo.spec, 1.37, 1.38 sources, 1.15, 1.16
- Next message (by thread): rpms/libsetrans/devel .cvsignore, 1.20, 1.21 libsetrans.spec, 1.30, 1.31 sources, 1.25, 1.26
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv14980
Modified Files:
policy-20060207.patch selinux-policy.spec
Log Message:
* Mon Mar 13 2006 Dan Walsh <dwalsh at redhat.com> 2.2.23-17
- MLS Fixes
dmidecode needs mls_file_read_up
- add ypxfr_t
- run init needs access to nscd
- udev needs setuid
- another xen log file
- Dontaudit mount getattr proc_kcore_t
policy-20060207.patch:
Rules.modular | 2
policy/mcs | 4
policy/modules/admin/bootloader.te | 2
policy/modules/admin/dmidecode.te | 2
policy/modules/admin/readahead.te | 2
policy/modules/admin/rpm.fc | 2
policy/modules/admin/su.fc | 1
policy/modules/admin/su.if | 6
policy/modules/admin/updfstab.te | 4
policy/modules/admin/vbetool.te | 9 +
policy/modules/kernel/corenetwork.te.in | 3
policy/modules/kernel/devices.fc | 1
policy/modules/kernel/devices.if | 21 ++-
policy/modules/kernel/files.fc | 8 -
policy/modules/kernel/files.if | 21 ++-
policy/modules/kernel/filesystem.te | 1
policy/modules/kernel/kernel.if | 102 ++++++++++++++
policy/modules/kernel/kernel.te | 3
policy/modules/kernel/terminal.if | 2
policy/modules/services/apache.fc | 2
policy/modules/services/apache.if | 5
policy/modules/services/apm.fc | 2
policy/modules/services/apm.te | 4
policy/modules/services/bluetooth.te | 19 +-
policy/modules/services/cron.te | 3
policy/modules/services/cups.fc | 2
policy/modules/services/cups.if | 22 +++
policy/modules/services/cups.te | 7 -
policy/modules/services/cvs.te | 2
policy/modules/services/hal.if | 41 +++++
policy/modules/services/hal.te | 13 +
policy/modules/services/ktalk.fc | 1
policy/modules/services/ktalk.te | 6
policy/modules/services/mailman.if | 25 +++
policy/modules/services/nis.fc | 1
policy/modules/services/nis.if | 25 +++
policy/modules/services/nis.te | 28 ++++
policy/modules/services/nscd.if | 2
policy/modules/services/postfix.te | 4
policy/modules/services/samba.te | 2
policy/modules/system/fstools.if | 18 ++
policy/modules/system/fstools.te | 3
policy/modules/system/init.te | 5
policy/modules/system/libraries.fc | 2
policy/modules/system/locallogin.te | 1
policy/modules/system/lvm.fc | 1
policy/modules/system/lvm.te | 3
policy/modules/system/mount.te | 3
policy/modules/system/selinuxutil.fc | 6
policy/modules/system/selinuxutil.if | 2
policy/modules/system/selinuxutil.te | 9 +
policy/modules/system/sysnetwork.te | 7 +
policy/modules/system/udev.te | 2
policy/modules/system/unconfined.te | 8 -
policy/modules/system/xend.fc | 23 +++
policy/modules/system/xend.if | 71 ++++++++++
policy/modules/system/xend.te | 219 ++++++++++++++++++++++++++++++++
support/Makefile.devel | 5
58 files changed, 744 insertions(+), 56 deletions(-)
Index: policy-20060207.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060207.patch,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -r1.48 -r1.49
--- policy-20060207.patch 9 Mar 2006 21:54:28 -0000 1.48
+++ policy-20060207.patch 14 Mar 2006 20:13:28 -0000 1.49
@@ -12,6 +12,30 @@
# new file labels must be dominated by the relabeling subject clearance
mlsconstrain { dir lnk_file chr_file blk_file sock_file fifo_file } { relabelfrom }
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/bootloader.te serefpolicy-2.2.23/policy/modules/admin/bootloader.te
+--- nsaserefpolicy/policy/modules/admin/bootloader.te 2006-03-02 18:45:54.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/admin/bootloader.te 2006-03-13 12:23:12.000000000 -0500
+@@ -103,7 +103,7 @@
+ files_manage_boot_symlinks(bootloader_t)
+ files_read_etc_files(bootloader_t)
+ files_exec_etc_files(bootloader_t)
+-files_read_etc_runtime_files(bootloader_t)
++files_manage_etc_runtime_files(bootloader_t)
+ files_read_usr_src_files(bootloader_t)
+ files_read_usr_files(bootloader_t)
+ files_read_var_files(bootloader_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/dmidecode.te serefpolicy-2.2.23/policy/modules/admin/dmidecode.te
+--- nsaserefpolicy/policy/modules/admin/dmidecode.te 2006-03-04 00:06:33.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/admin/dmidecode.te 2006-03-13 12:26:24.000000000 -0500
+@@ -32,6 +32,8 @@
+
+ locallogin_use_fds(dmidecode_t)
+
++mls_file_read_up(dmidecode_t)
++
+ ifdef(`targeted_policy',`
+ term_use_generic_ptys(dmidecode_t)
+ term_use_unallocated_ttys(dmidecode_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.te serefpolicy-2.2.23/policy/modules/admin/readahead.te
--- nsaserefpolicy/policy/modules/admin/readahead.te 2006-03-04 00:06:33.000000000 -0500
+++ serefpolicy-2.2.23/policy/modules/admin/readahead.te 2006-03-07 13:42:37.000000000 -0500
@@ -61,6 +85,18 @@
kernel_read_system_state($1_su_t)
kernel_read_kernel_sysctls($1_su_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/updfstab.te serefpolicy-2.2.23/policy/modules/admin/updfstab.te
+--- nsaserefpolicy/policy/modules/admin/updfstab.te 2006-03-04 00:06:33.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/admin/updfstab.te 2006-03-14 11:34:03.000000000 -0500
+@@ -125,6 +125,6 @@
+ udev_read_db(updfstab_t)
+ ')
+
+-ifdef(`TODO',`
+-allow updfstab_t tmpfs_t:dir getattr;
++optional_policy(`fstools',`
++ fstools_getattr_swap_files(updfstab_t)
+ ')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vbetool.te serefpolicy-2.2.23/policy/modules/admin/vbetool.te
--- nsaserefpolicy/policy/modules/admin/vbetool.te 2006-02-01 08:23:27.000000000 -0500
+++ serefpolicy-2.2.23/policy/modules/admin/vbetool.te 2006-03-09 16:31:49.000000000 -0500
@@ -382,6 +418,19 @@
#
# Sysctl types
#
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/terminal.if serefpolicy-2.2.23/policy/modules/kernel/terminal.if
+--- nsaserefpolicy/policy/modules/kernel/terminal.if 2006-02-14 07:20:25.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/kernel/terminal.if 2006-03-13 15:57:21.000000000 -0500
+@@ -588,8 +588,8 @@
+ type devpts_t;
+ ')
+
+- dev_list_all_dev_nodes($1)
+ allow $1 devpts_t:dir r_dir_perms;
++ dev_list_all_dev_nodes($1)
+ allow $1 ptynode:chr_file { rw_term_perms lock append };
+ ')
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.fc serefpolicy-2.2.23/policy/modules/services/apache.fc
--- nsaserefpolicy/policy/modules/services/apache.fc 2006-02-27 17:17:23.000000000 -0500
+++ serefpolicy-2.2.23/policy/modules/services/apache.fc 2006-03-07 13:42:37.000000000 -0500
@@ -785,6 +834,102 @@
+ allow mailman_queue_t $1:process sigchld;
+')
+
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.fc serefpolicy-2.2.23/policy/modules/services/nis.fc
+--- nsaserefpolicy/policy/modules/services/nis.fc 2005-11-28 21:48:04.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/services/nis.fc 2006-03-10 16:47:00.000000000 -0500
+@@ -7,3 +7,4 @@
+ /usr/sbin/ypserv -- gen_context(system_u:object_r:ypserv_exec_t,s0)
+
+ /var/yp(/.*)? gen_context(system_u:object_r:var_yp_t,s0)
++/usr/sbin/rpc.ypxfr -- gen_context(system_u:object_r:ypxfr_exec_t,s0)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.if serefpolicy-2.2.23/policy/modules/services/nis.if
+--- nsaserefpolicy/policy/modules/services/nis.if 2006-02-10 21:34:14.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/services/nis.if 2006-03-10 16:45:39.000000000 -0500
+@@ -277,3 +277,28 @@
+ files_search_etc($1)
+ allow $1 ypserv_conf_t:file { getattr read };
+ ')
++
++
++########################################
++## <summary>
++## Execute ypxfr in the ypxfr domain.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`nis_domtrans_ypxfr',`
++ gen_require(`
++ type ypxfr_t, ypxfr_exec_t;
++ ')
++
++ corecmd_search_bin($1)
++ domain_auto_trans($1,ypxfr_exec_t,ypxfr_t)
++
++ allow $1 ypxfr_t:fd use;
++ allow ypxfr_t $1:fd use;
++ allow ypxfr_t $1:fifo_file rw_file_perms;
++ allow ypxfr_t $1:process sigchld;
++')
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.te serefpolicy-2.2.23/policy/modules/services/nis.te
+--- nsaserefpolicy/policy/modules/services/nis.te 2006-03-04 00:06:36.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/services/nis.te 2006-03-13 13:32:08.000000000 -0500
+@@ -31,6 +31,10 @@
+ type ypserv_exec_t;
+ init_daemon_domain(ypserv_t,ypserv_exec_t)
+
++type ypxfr_t;
++type ypxfr_exec_t;
++init_daemon_domain(ypxfr_t,ypxfr_exec_t)
++
+ type ypserv_conf_t;
+ files_type(ypserv_conf_t)
+
+@@ -245,6 +249,7 @@
+ allow ypserv_t self:fifo_file rw_file_perms;
+ allow ypserv_t self:process signal_perms;
+ allow ypserv_t self:unix_dgram_socket create_socket_perms;
++allow ypserv_t self:unix_stream_socket create_stream_socket_perms;
+ allow ypserv_t self:netlink_route_socket r_netlink_socket_perms;
+ allow ypserv_t self:tcp_socket connected_stream_socket_perms;
+ allow ypserv_t self:udp_socket create_socket_perms;
+@@ -306,6 +311,8 @@
+
+ miscfiles_read_localization(ypserv_t)
+
++nis_domtrans_ypxfr(ypserv_t)
++
+ sysnet_read_config(ypserv_t)
+
+ userdom_dontaudit_use_unpriv_user_fds(ypserv_t)
+@@ -326,3 +333,24 @@
+ optional_policy(`udev',`
+ udev_read_db(ypserv_t)
+ ')
++
++corenet_tcp_sendrecv_all_if(ypxfr_t)
++corenet_udp_sendrecv_all_if(ypxfr_t)
++corenet_raw_sendrecv_all_if(ypxfr_t)
++corenet_tcp_sendrecv_all_nodes(ypxfr_t)
++corenet_udp_sendrecv_all_nodes(ypxfr_t)
++corenet_raw_sendrecv_all_nodes(ypxfr_t)
++corenet_tcp_sendrecv_all_ports(ypxfr_t)
++corenet_udp_sendrecv_all_ports(ypxfr_t)
++corenet_non_ipsec_sendrecv(ypxfr_t)
++corenet_tcp_bind_all_nodes(ypxfr_t)
++corenet_udp_bind_all_nodes(ypxfr_t)
++corenet_tcp_bind_reserved_port(ypxfr_t)
++corenet_udp_bind_reserved_port(ypxfr_t)
++corenet_dontaudit_tcp_bind_all_reserved_ports(ypxfr_t)
++corenet_dontaudit_udp_bind_all_reserved_ports(ypxfr_t)
++corenet_tcp_connect_all_ports(ypxfr_t)
++allow ypxfr_t self:unix_stream_socket create_stream_socket_perms;
++
++allow ypxfr_t etc_t:file { getattr read };
++files_read_etc_files(ypxfr_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd.if serefpolicy-2.2.23/policy/modules/services/nscd.if
--- nsaserefpolicy/policy/modules/services/nscd.if 2006-02-10 21:34:14.000000000 -0500
+++ serefpolicy-2.2.23/policy/modules/services/nscd.if 2006-03-07 13:42:37.000000000 -0500
@@ -824,9 +969,34 @@
files_config_file(samba_share_t)
type samba_var_t;
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstools.if serefpolicy-2.2.23/policy/modules/system/fstools.if
+--- nsaserefpolicy/policy/modules/system/fstools.if 2006-02-10 21:34:15.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/system/fstools.if 2006-03-14 11:33:20.000000000 -0500
+@@ -110,3 +110,21 @@
+
+ allow $1 fsadm_exec_t:file create_file_perms;
+ ')
++
++########################################
++## <summary>
++## Getattr swapfile
++## </summary>
++## <param name="domain">
++## <summary>
++## The type of the process performing this action.
++## </summary>
++## </param>
++#
++interface(`fstools_getattr_swap_files',`
++ gen_require(`
++ type swapfile_t;
++ ')
++
++ allow $1 swapfile_t:file getattr;
++')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstools.te serefpolicy-2.2.23/policy/modules/system/fstools.te
--- nsaserefpolicy/policy/modules/system/fstools.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/fstools.te 2006-03-09 16:38:01.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/system/fstools.te 2006-03-14 11:32:08.000000000 -0500
@@ -53,6 +53,7 @@
kernel_change_ring_buffer_level(fsadm_t)
# mkreiserfs needs this
@@ -936,8 +1106,16 @@
fs_search_auto_mountpoints(lvm_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-2.2.23/policy/modules/system/mount.te
--- nsaserefpolicy/policy/modules/system/mount.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/mount.te 2006-03-09 16:54:17.000000000 -0500
-@@ -33,6 +33,7 @@
++++ serefpolicy-2.2.23/policy/modules/system/mount.te 2006-03-14 14:40:50.000000000 -0500
+@@ -26,6 +26,7 @@
+ files_tmp_filetrans(mount_t,mount_tmp_t,{ file dir })
+
+ kernel_read_system_state(mount_t)
++kernel_dontaudit_getattr_core_if(mount_t)
+
+ corenet_dontaudit_tcp_bind_all_reserved_ports(mount_t)
+ corenet_dontaudit_udp_bind_all_reserved_ports(mount_t)
+@@ -33,6 +34,7 @@
dev_getattr_all_blk_files(mount_t)
dev_list_all_dev_nodes(mount_t)
dev_rw_lvm_control(mount_t)
@@ -945,7 +1123,7 @@
dev_dontaudit_getattr_memory_dev(mount_t)
dev_getattr_sound_dev(mount_t)
-@@ -73,6 +74,7 @@
+@@ -73,6 +75,7 @@
init_use_fds(mount_t)
init_use_script_ptys(mount_t)
@@ -969,9 +1147,21 @@
/etc/selinux/([^/]*/)?users(/.*)? -- gen_context(system_u:object_r:selinux_config_t,s15:c0.c255)
#
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.if serefpolicy-2.2.23/policy/modules/system/selinuxutil.if
+--- nsaserefpolicy/policy/modules/system/selinuxutil.if 2006-02-23 09:25:09.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.if 2006-03-13 12:46:45.000000000 -0500
+@@ -853,7 +853,7 @@
+ ')
+
+ files_search_etc($1)
+- allow $1 selinux_config_t:dir rw_dir_perms;
++ allow $1 selinux_config_t:dir create_dir_perms;
+ type_transition $1 selinux_config_t:dir semanage_store_t;
+
+ allow $1 semanage_store_t:dir create_dir_perms;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.2.23/policy/modules/system/selinuxutil.te
--- nsaserefpolicy/policy/modules/system/selinuxutil.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.te 2006-03-07 13:42:37.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.te 2006-03-13 13:21:24.000000000 -0500
@@ -192,6 +192,9 @@
selinux_load_policy(load_policy_t)
selinux_set_boolean(load_policy_t)
@@ -990,6 +1180,18 @@
term_use_all_user_ttys(newrole_t)
term_use_all_user_ptys(newrole_t)
term_relabel_all_user_ttys(newrole_t)
+@@ -476,6 +480,11 @@
+ optional_policy(`daemontools',`
+ daemontools_domtrans_start(run_init_t)
+ ')
++
++ optional_policy(`nscd',`
++ nscd_socket_use(run_init_t)
++ ')
++
+ ') dnl end ifdef targeted policy
+
+ ########################################
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.te serefpolicy-2.2.23/policy/modules/system/sysnetwork.te
--- nsaserefpolicy/policy/modules/system/sysnetwork.te 2006-03-04 00:06:37.000000000 -0500
+++ serefpolicy-2.2.23/policy/modules/system/sysnetwork.te 2006-03-09 11:15:56.000000000 -0500
@@ -1016,13 +1218,13 @@
term_use_generic_ptys(ifconfig_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.te serefpolicy-2.2.23/policy/modules/system/udev.te
--- nsaserefpolicy/policy/modules/system/udev.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/udev.te 2006-03-07 13:42:37.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/system/udev.te 2006-03-13 12:21:29.000000000 -0500
@@ -39,7 +39,7 @@
# Local policy
#
-allow udev_t self:capability { chown dac_override dac_read_search fowner fsetid sys_admin mknod net_raw net_admin sys_nice sys_rawio sys_resource sys_nice };
-+allow udev_t self:capability { chown dac_override dac_read_search fowner fsetid sys_admin mknod net_raw net_admin sys_nice sys_rawio sys_resource setgid sys_nice };
++allow udev_t self:capability { chown dac_override dac_read_search fowner fsetid sys_admin mknod net_raw net_admin sys_nice sys_rawio sys_resource setuid setgid sys_nice };
dontaudit udev_t self:capability sys_tty_config;
allow udev_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap };
allow udev_t self:process { execmem setfscreate };
@@ -1053,8 +1255,8 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xend.fc serefpolicy-2.2.23/policy/modules/system/xend.fc
--- nsaserefpolicy/policy/modules/system/xend.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/xend.fc 2006-03-09 10:11:00.000000000 -0500
-@@ -0,0 +1,22 @@
++++ serefpolicy-2.2.23/policy/modules/system/xend.fc 2006-03-10 16:48:34.000000000 -0500
+@@ -0,0 +1,23 @@
+# xend executable will have:
+# label: system_u:object_r:xend_exec_t
+# MLS sensitivity: s0
@@ -1065,6 +1267,7 @@
+
+/var/log/xend\.log -- system_u:object_r:xend_var_log_t:s0
+/var/log/xend-debug\.log -- system_u:object_r:xend_var_log_t:s0
++/var/log/xen-hotplug\.log -- system_u:object_r:xend_var_log_t:s0
+/var/lib/xen(/.*)? system_u:object_r:xend_var_lib_t:s0
+/var/lib/xend(/.*)? system_u:object_r:xend_var_lib_t:s0
+/var/lib/xenstored(/.*)? system_u:object_r:xenstored_var_lib_t:s0
@@ -1154,8 +1357,8 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xend.te serefpolicy-2.2.23/policy/modules/system/xend.te
--- nsaserefpolicy/policy/modules/system/xend.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/xend.te 2006-03-09 13:10:10.000000000 -0500
-@@ -0,0 +1,217 @@
++++ serefpolicy-2.2.23/policy/modules/system/xend.te 2006-03-13 16:17:27.000000000 -0500
+@@ -0,0 +1,219 @@
+policy_module(xend,1.0.0)
+
+########################################
@@ -1294,6 +1497,8 @@
+term_dontaudit_getattr_all_user_ptys(xend_t)
+term_dontaudit_use_generic_ptys(xend_t)
+
++storage_raw_read_fixed_disk(xend_t)
++
+xend_store_stream_connect(xend_t)
+
+################################ xenconsoled_t ##############################
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.150
retrieving revision 1.151
diff -u -r1.150 -r1.151
--- selinux-policy.spec 14 Mar 2006 10:37:14 -0000 1.150
+++ selinux-policy.spec 14 Mar 2006 20:13:28 -0000 1.151
@@ -10,7 +10,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.2.23
-Release: 16
+Release: 17
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -298,6 +298,15 @@
%fileList strict
%changelog
+* Mon Mar 13 2006 Dan Walsh <dwalsh at redhat.com> 2.2.23-17
+- MLS Fixes
+ dmidecode needs mls_file_read_up
+- add ypxfr_t
+- run init needs access to nscd
+- udev needs setuid
+- another xen log file
+- Dontaudit mount getattr proc_kcore_t
+
* Tue Mar 14 2006 Karsten Hopp <karsten at redhat.de> 2.2.23-16
- fix buildroot usage (#185391)
- Previous message (by thread): rpms/libbonobo/devel .cvsignore, 1.15, 1.16 libbonobo.spec, 1.37, 1.38 sources, 1.15, 1.16
- Next message (by thread): rpms/libsetrans/devel .cvsignore, 1.20, 1.21 libsetrans.spec, 1.30, 1.31 sources, 1.25, 1.26
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list