rpms/selinux-policy/devel policy-20060207.patch, 1.50, 1.51 selinux-policy.spec, 1.153, 1.154

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Thu Mar 16 14:41:20 UTC 2006 

Author: dwalsh

Update of /cvs/dist/rpms/selinux-policy/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv18595

Modified Files:
	policy-20060207.patch selinux-policy.spec 
Log Message:
* Wed Mar 15 2006 Dan Walsh <dwalsh at redhat.com> 2.2.23-19
- Get transition rules to create policy.20 at SystemHigh


policy-20060207.patch:
 Rules.modular                           |    2 
 policy/mcs                              |    4 
 policy/modules/admin/bootloader.te      |    2 
 policy/modules/admin/dmidecode.te       |    2 
 policy/modules/admin/readahead.te       |    2 
 policy/modules/admin/rpm.fc             |    2 
 policy/modules/admin/rpm.if             |    3 
 policy/modules/admin/rpm.te             |    1 
 policy/modules/admin/su.fc              |    1 
 policy/modules/admin/su.if              |    6 
 policy/modules/admin/updfstab.te        |    4 
 policy/modules/admin/vbetool.te         |    9 +
 policy/modules/kernel/corenetwork.te.in |    3 
 policy/modules/kernel/devices.fc        |    1 
 policy/modules/kernel/devices.if        |   21 ++-
 policy/modules/kernel/files.fc          |    8 -
 policy/modules/kernel/files.if          |   21 ++-
 policy/modules/kernel/filesystem.te     |    1 
 policy/modules/kernel/kernel.if         |  102 ++++++++++++++
 policy/modules/kernel/kernel.te         |    3 
 policy/modules/kernel/terminal.if       |    2 
 policy/modules/services/apache.fc       |    2 
 policy/modules/services/apache.if       |    5 
 policy/modules/services/apm.fc          |    2 
 policy/modules/services/apm.te          |    4 
 policy/modules/services/bluetooth.te    |   20 +-
 policy/modules/services/cron.te         |    3 
 policy/modules/services/cups.fc         |    2 
 policy/modules/services/cups.if         |   22 +++
 policy/modules/services/cups.te         |    7 -
 policy/modules/services/cvs.te          |    2 
 policy/modules/services/hal.if          |   41 +++++
 policy/modules/services/hal.te          |   13 +
 policy/modules/services/ktalk.fc        |    1 
 policy/modules/services/ktalk.te        |    6 
 policy/modules/services/mailman.if      |   25 +++
 policy/modules/services/nis.fc          |    1 
 policy/modules/services/nis.if          |   25 +++
 policy/modules/services/nis.te          |   28 ++++
 policy/modules/services/nscd.if         |    2 
 policy/modules/services/postfix.te      |    4 
 policy/modules/services/samba.te        |    2 
 policy/modules/services/sendmail.te     |    1 
 policy/modules/system/fstools.if        |   18 ++
 policy/modules/system/fstools.te        |    3 
 policy/modules/system/init.te           |    5 
 policy/modules/system/libraries.fc      |    2 
 policy/modules/system/locallogin.te     |    1 
 policy/modules/system/lvm.fc            |    1 
 policy/modules/system/lvm.te            |    3 
 policy/modules/system/mount.te          |    3 
 policy/modules/system/selinuxutil.fc    |    6 
 policy/modules/system/selinuxutil.if    |   23 ++-
 policy/modules/system/selinuxutil.te    |   16 ++
 policy/modules/system/sysnetwork.te     |    7 +
 policy/modules/system/udev.te           |    2 
 policy/modules/system/unconfined.te     |    8 -
 policy/modules/system/userdomain.te     |    1 
 policy/modules/system/xend.fc           |   23 +++
 policy/modules/system/xend.if           |   71 ++++++++++
 policy/modules/system/xend.te           |  219 ++++++++++++++++++++++++++++++++
 support/Makefile.devel                  |    5 
 62 files changed, 777 insertions(+), 58 deletions(-)

Index: policy-20060207.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/policy-20060207.patch,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -r1.50 -r1.51
--- policy-20060207.patch	14 Mar 2006 22:43:44 -0000	1.50
+++ policy-20060207.patch	16 Mar 2006 14:41:17 -0000	1.51
@@ -75,7 +75,7 @@
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.te serefpolicy-2.2.23/policy/modules/admin/rpm.te
 --- nsaserefpolicy/policy/modules/admin/rpm.te	2006-03-04 00:06:33.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/admin/rpm.te	2006-03-14 16:51:22.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/admin/rpm.te	2006-03-15 09:22:44.000000000 -0500
 @@ -326,6 +326,7 @@
  
  seutil_domtrans_loadpolicy(rpm_script_t)
@@ -514,7 +514,7 @@
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bluetooth.te serefpolicy-2.2.23/policy/modules/services/bluetooth.te
 --- nsaserefpolicy/policy/modules/services/bluetooth.te	2006-03-04 00:06:35.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/services/bluetooth.te	2006-03-08 11:35:36.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/services/bluetooth.te	2006-03-16 09:30:42.000000000 -0500
 @@ -115,6 +115,7 @@
  corecmd_exec_shell(bluetooth_t)
  
@@ -523,9 +523,11 @@
  
  files_read_etc_files(bluetooth_t)
  files_read_etc_runtime_files(bluetooth_t)
-@@ -146,6 +147,9 @@
+@@ -145,7 +146,11 @@
+ 
  optional_policy(`dbus',`
  	dbus_system_bus_client_template(bluetooth,bluetooth_t)
++	dbus_connect_system_bus(bluetooth_t)
  	dbus_send_system_bus(bluetooth_t)
 +	dbus_system_bus_client_template(bluetooth_helper,bluetooth_helper_t)
 +	dbus_connect_system_bus(bluetooth_helper_t)
@@ -533,7 +535,7 @@
  ')
  
  optional_policy(`nis',`
-@@ -170,6 +174,7 @@
+@@ -170,6 +175,7 @@
  allow bluetooth_helper_t self:fifo_file rw_file_perms;
  allow bluetooth_helper_t self:shm create_shm_perms;
  allow bluetooth_helper_t self:unix_stream_socket { create_stream_socket_perms connectto };
@@ -541,7 +543,7 @@
  
  allow bluetooth_helper_t bluetooth_t:socket { read write };
  
-@@ -202,20 +207,17 @@
+@@ -202,20 +208,17 @@
  miscfiles_read_localization(bluetooth_helper_t) 
  miscfiles_read_fonts(bluetooth_helper_t)
  
@@ -566,7 +568,7 @@
  ifdef(`strict_policy',`
  	ifdef(`xdm.te',`
  		allow bluetooth_helper_t xdm_xserver_tmp_t:sock_file { read write };
-@@ -227,4 +229,7 @@
+@@ -227,4 +230,7 @@
  	files_rw_generic_tmp_sockets(bluetooth_helper_t)
  	allow bluetooth_helper_t tmpfs_t:file { read write };
  	allow bluetooth_helper_t unconfined_t:unix_stream_socket connectto;
@@ -1058,7 +1060,7 @@
  libs_use_shared_libs(fsadm_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-2.2.23/policy/modules/system/init.te
 --- nsaserefpolicy/policy/modules/system/init.te	2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/init.te	2006-03-07 13:42:37.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/system/init.te	2006-03-15 09:44:32.000000000 -0500
 @@ -349,6 +349,7 @@
  files_mounton_isid_type_dirs(initrc_t)
  files_list_default(initrc_t)
@@ -1168,7 +1170,7 @@
  libs_use_shared_libs(mount_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.fc serefpolicy-2.2.23/policy/modules/system/selinuxutil.fc
 --- nsaserefpolicy/policy/modules/system/selinuxutil.fc	2006-02-23 09:25:09.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.fc	2006-03-07 13:42:37.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.fc	2006-03-15 16:33:44.000000000 -0500
 @@ -8,9 +8,9 @@
  /etc/selinux/([^/]*/)?contexts/files(/.*)? gen_context(system_u:object_r:file_context_t,s0)
  /etc/selinux/([^/]*/)?policy(/.*)?	gen_context(system_u:object_r:policy_config_t,s15:c0.c255)
@@ -1176,7 +1178,7 @@
 -/etc/selinux([^/]*/)?modules/(active|tmp|previous)(/.*)?     --	gen_context(system_u:object_r:semanage_store_t,s0)
 -/etc/selinux([^/]*/)?modules/semanage.read.LOCK    --	gen_context(system_u:object_r:semanage_read_lock_t,s0)
 -/etc/selinux([^/]*/)?modules/semanage.trans.LOCK   --	gen_context(system_u:object_r:semanage_trans_lock_t,s0)
-+/etc/selinux/([^/]*/)?modules/(active|tmp|previous)(/.*)?     --	gen_context(system_u:object_r:semanage_store_t,s0)
++/etc/selinux/([^/]*/)?modules/(active|tmp|previous)(/.*)?     gen_context(system_u:object_r:semanage_store_t,s0)
 +/etc/selinux/([^/]*/)?modules/semanage.read.LOCK    --	gen_context(system_u:object_r:semanage_read_lock_t,s0)
 +/etc/selinux/([^/]*/)?modules/semanage.trans.LOCK   --	gen_context(system_u:object_r:semanage_trans_lock_t,s0)
  /etc/selinux/([^/]*/)?users(/.*)?	--	gen_context(system_u:object_r:selinux_config_t,s15:c0.c255)
@@ -1228,7 +1230,7 @@
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-2.2.23/policy/modules/system/selinuxutil.te
 --- nsaserefpolicy/policy/modules/system/selinuxutil.te	2006-03-04 00:06:37.000000000 -0500
-+++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.te	2006-03-14 17:32:51.000000000 -0500
++++ serefpolicy-2.2.23/policy/modules/system/selinuxutil.te	2006-03-15 09:23:03.000000000 -0500
 @@ -192,6 +192,9 @@
  selinux_load_policy(load_policy_t)
  selinux_set_boolean(load_policy_t)


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.153
retrieving revision 1.154
diff -u -r1.153 -r1.154
--- selinux-policy.spec	14 Mar 2006 22:43:44 -0000	1.153
+++ selinux-policy.spec	16 Mar 2006 14:41:17 -0000	1.154
@@ -10,7 +10,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 2.2.23
-Release: 18
+Release: 19
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -298,6 +298,9 @@
 %fileList strict
 
 %changelog
+* Wed Mar 15 2006 Dan Walsh <dwalsh at redhat.com> 2.2.23-19
+- Get transition rules to create policy.20 at SystemHigh
+
 * Tue Mar 14 2006 Dan Walsh <dwalsh at redhat.com> 2.2.23-18
 - Allow secadmin to shutdown system
 - Allow sendmail to exec newalias

More information about the fedora-cvs-commits mailing list