rpms/selinux-policy/devel policy-20060207.patch, 1.50, 1.51 selinux-policy.spec, 1.153, 1.154
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Mar 16 14:41:20 UTC 2006
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv18595
Modified Files:
policy-20060207.patch selinux-policy.spec
Log Message:
* Wed Mar 15 2006 Dan Walsh <dwalsh at redhat.com> 2.2.23-19
- Get transition rules to create policy.20 at SystemHigh
policy-20060207.patch:
Rules.modular | 2
policy/mcs | 4
policy/modules/admin/bootloader.te | 2
policy/modules/admin/dmidecode.te | 2
policy/modules/admin/readahead.te | 2
policy/modules/admin/rpm.fc | 2
policy/modules/admin/rpm.if | 3
policy/modules/admin/rpm.te | 1
policy/modules/admin/su.fc | 1
policy/modules/admin/su.if | 6
policy/modules/admin/updfstab.te | 4
policy/modules/admin/vbetool.te | 9 +
policy/modules/kernel/corenetwork.te.in | 3
policy/modules/kernel/devices.fc | 1
policy/modules/kernel/devices.if | 21 ++-
policy/modules/kernel/files.fc | 8 -
policy/modules/kernel/files.if | 21 ++-
policy/modules/kernel/filesystem.te | 1
policy/modules/kernel/kernel.if | 102 ++++++++++++++
policy/modules/kernel/kernel.te | 3
policy/modules/kernel/terminal.if | 2
policy/modules/services/apache.fc | 2
policy/modules/services/apache.if | 5
policy/modules/services/apm.fc | 2
policy/modules/services/apm.te | 4
policy/modules/services/bluetooth.te | 20 +-
policy/modules/services/cron.te | 3
policy/modules/services/cups.fc | 2
policy/modules/services/cups.if | 22 +++
policy/modules/services/cups.te | 7 -
policy/modules/services/cvs.te | 2
policy/modules/services/hal.if | 41 +++++
policy/modules/services/hal.te | 13 +
policy/modules/services/ktalk.fc | 1
policy/modules/services/ktalk.te | 6
policy/modules/services/mailman.if | 25 +++
policy/modules/services/nis.fc | 1
policy/modules/services/nis.if | 25 +++
policy/modules/services/nis.te | 28 ++++
policy/modules/services/nscd.if | 2
policy/modules/services/postfix.te | 4
policy/modules/services/samba.te | 2
policy/modules/services/sendmail.te | 1
policy/modules/system/fstools.if | 18 ++
policy/modules/system/fstools.te | 3
policy/modules/system/init.te | 5
policy/modules/system/libraries.fc | 2
policy/modules/system/locallogin.te | 1
policy/modules/system/lvm.fc | 1
policy/modules/system/lvm.te | 3
policy/modules/system/mount.te | 3
policy/modules/system/selinuxutil.fc | 6
policy/modules/system/selinuxutil.if | 23 ++-
policy/modules/system/selinuxutil.te | 16 ++
policy/modules/system/sysnetwork.te | 7 +
policy/modules/system/udev.te | 2
policy/modules/system/unconfined.te | 8 -
policy/modules/system/userdomain.te | 1
policy/modules/system/xend.fc | 23 +++
policy/modules/system/xend.if | 71 ++++++++++
policy/modules/system/xend.te | 219 ++++++++++++++++++++++++++++++++
support/Makefile.devel | 5
62 files changed, 777 insertions(+), 58 deletions(-)
Index: policy-20060207.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060207.patch,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -r1.50 -r1.51
--- policy-20060207.patch 14 Mar 2006 22:43:44 -0000 1.50
+++ policy-20060207.patch 16 Mar 2006 14:41:17 -0000 1.51
@@ -75,7 +75,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.te serefpolicy-2.2.23/policy/modules/admin/rpm.te
--- nsaserefpolicy/policy/modules/admin/rpm.te 2006-03-04 00:06:33.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/admin/rpm.te 2006-03-14 16:51:22.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/admin/rpm.te 2006-03-15 09:22:44.000000000 -0500
@@ -326,6 +326,7 @@
seutil_domtrans_loadpolicy(rpm_script_t)
@@ -514,7 +514,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bluetooth.te serefpolicy-2.2.23/policy/modules/services/bluetooth.te
--- nsaserefpolicy/policy/modules/services/bluetooth.te 2006-03-04 00:06:35.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/bluetooth.te 2006-03-08 11:35:36.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/services/bluetooth.te 2006-03-16 09:30:42.000000000 -0500
@@ -115,6 +115,7 @@
corecmd_exec_shell(bluetooth_t)
@@ -523,9 +523,11 @@
files_read_etc_files(bluetooth_t)
files_read_etc_runtime_files(bluetooth_t)
-@@ -146,6 +147,9 @@
+@@ -145,7 +146,11 @@
+
optional_policy(`dbus',`
dbus_system_bus_client_template(bluetooth,bluetooth_t)
++ dbus_connect_system_bus(bluetooth_t)
dbus_send_system_bus(bluetooth_t)
+ dbus_system_bus_client_template(bluetooth_helper,bluetooth_helper_t)
+ dbus_connect_system_bus(bluetooth_helper_t)
@@ -533,7 +535,7 @@
')
optional_policy(`nis',`
-@@ -170,6 +174,7 @@
+@@ -170,6 +175,7 @@
allow bluetooth_helper_t self:fifo_file rw_file_perms;
allow bluetooth_helper_t self:shm create_shm_perms;
allow bluetooth_helper_t self:unix_stream_socket { create_stream_socket_perms connectto };
@@ -541,7 +543,7 @@
allow bluetooth_helper_t bluetooth_t:socket { read write };
-@@ -202,20 +207,17 @@
+@@ -202,20 +208,17 @@
miscfiles_read_localization(bluetooth_helper_t)
miscfiles_read_fonts(bluetooth_helper_t)
@@ -566,7 +568,7 @@
ifdef(`strict_policy',`
ifdef(`xdm.te',`
allow bluetooth_helper_t xdm_xserver_tmp_t:sock_file { read write };
-@@ -227,4 +229,7 @@
+@@ -227,4 +230,7 @@
files_rw_generic_tmp_sockets(bluetooth_helper_t)
allow bluetooth_helper_t tmpfs_t:file { read write };
allow bluetooth_helper_t unconfined_t:unix_stream_socket connectto;
@@ -1058,7 +1060,7 @@
libs_use_shared_libs(fsadm_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-2.2.23/policy/modules/system/init.te
--- nsaserefpolicy/policy/modules/system/init.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/init.te 2006-03-07 13:42:37.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/system/init.te 2006-03-15 09:44:32.000000000 -0500
@@ -349,6 +349,7 @@
files_mounton_isid_type_dirs(initrc_t)
files_list_default(initrc_t)
@@ -1168,7 +1170,7 @@
libs_use_shared_libs(mount_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.fc serefpolicy-2.2.23/policy/modules/system/selinuxutil.fc
--- nsaserefpolicy/policy/modules/system/selinuxutil.fc 2006-02-23 09:25:09.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.fc 2006-03-07 13:42:37.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.fc 2006-03-15 16:33:44.000000000 -0500
@@ -8,9 +8,9 @@
/etc/selinux/([^/]*/)?contexts/files(/.*)? gen_context(system_u:object_r:file_context_t,s0)
/etc/selinux/([^/]*/)?policy(/.*)? gen_context(system_u:object_r:policy_config_t,s15:c0.c255)
@@ -1176,7 +1178,7 @@
-/etc/selinux([^/]*/)?modules/(active|tmp|previous)(/.*)? -- gen_context(system_u:object_r:semanage_store_t,s0)
-/etc/selinux([^/]*/)?modules/semanage.read.LOCK -- gen_context(system_u:object_r:semanage_read_lock_t,s0)
-/etc/selinux([^/]*/)?modules/semanage.trans.LOCK -- gen_context(system_u:object_r:semanage_trans_lock_t,s0)
-+/etc/selinux/([^/]*/)?modules/(active|tmp|previous)(/.*)? -- gen_context(system_u:object_r:semanage_store_t,s0)
++/etc/selinux/([^/]*/)?modules/(active|tmp|previous)(/.*)? gen_context(system_u:object_r:semanage_store_t,s0)
+/etc/selinux/([^/]*/)?modules/semanage.read.LOCK -- gen_context(system_u:object_r:semanage_read_lock_t,s0)
+/etc/selinux/([^/]*/)?modules/semanage.trans.LOCK -- gen_context(system_u:object_r:semanage_trans_lock_t,s0)
/etc/selinux/([^/]*/)?users(/.*)? -- gen_context(system_u:object_r:selinux_config_t,s15:c0.c255)
@@ -1228,7 +1230,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.2.23/policy/modules/system/selinuxutil.te
--- nsaserefpolicy/policy/modules/system/selinuxutil.te 2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.te 2006-03-14 17:32:51.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.te 2006-03-15 09:23:03.000000000 -0500
@@ -192,6 +192,9 @@
selinux_load_policy(load_policy_t)
selinux_set_boolean(load_policy_t)
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.153
retrieving revision 1.154
diff -u -r1.153 -r1.154
--- selinux-policy.spec 14 Mar 2006 22:43:44 -0000 1.153
+++ selinux-policy.spec 16 Mar 2006 14:41:17 -0000 1.154
@@ -10,7 +10,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.2.23
-Release: 18
+Release: 19
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -298,6 +298,9 @@
%fileList strict
%changelog
+* Wed Mar 15 2006 Dan Walsh <dwalsh at redhat.com> 2.2.23-19
+- Get transition rules to create policy.20 at SystemHigh
+
* Tue Mar 14 2006 Dan Walsh <dwalsh at redhat.com> 2.2.23-18
- Allow secadmin to shutdown system
- Allow sendmail to exec newalias
More information about the fedora-cvs-commits
mailing list