rpms/selinux-policy/FC-6 modules-targeted.conf, 1.42, 1.43 policy-20061106.patch, 1.32, 1.33 selinux-policy.spec, 1.355, 1.356
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Apr 10 19:12:51 UTC 2007
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv17732
Modified Files:
modules-targeted.conf policy-20061106.patch
selinux-policy.spec
Log Message:
* Mon Apr 10 2007 Dan Walsh <dwalsh at redhat.com> 2.4.6-54
- syslog needs to be run as SystemHigh
- Fix file context mapping
Resolves: #235725
- Add apcupsd policy
Index: modules-targeted.conf
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/FC-6/modules-targeted.conf,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -r1.42 -r1.43
--- modules-targeted.conf 28 Mar 2007 13:15:07 -0000 1.42
+++ modules-targeted.conf 10 Apr 2007 19:12:48 -0000 1.43
@@ -1185,3 +1185,11 @@
# File System in Userspace (FUSE) utilities
#
fusermount = base
+
+# Layer: services
+# Module: apcupsd
+#
+# daemon for most APC’s UPS for Linux
+#
+apcupsd = module
+
policy-20061106.patch:
Rules.modular | 10
config/appconfig-strict-mcs/seusers | 1
config/appconfig-strict-mls/default_contexts | 6
config/appconfig-strict-mls/seusers | 1
config/appconfig-strict/seusers | 1
man/man8/kerberos_selinux.8 | 2
policy/flask/access_vectors | 2
policy/global_tunables | 89 ++++
policy/mls | 31 +
policy/modules/admin/acct.te | 1
policy/modules/admin/amanda.if | 17
policy/modules/admin/amanda.te | 6
policy/modules/admin/amtu.fc | 3
policy/modules/admin/amtu.if | 57 ++
policy/modules/admin/amtu.te | 56 ++
policy/modules/admin/backup.te | 5
policy/modules/admin/bootloader.fc | 5
policy/modules/admin/bootloader.te | 14
policy/modules/admin/consoletype.te | 21
policy/modules/admin/ddcprobe.te | 10
policy/modules/admin/dmesg.te | 7
policy/modules/admin/dmidecode.te | 5
policy/modules/admin/firstboot.if | 6
policy/modules/admin/kudzu.te | 11
policy/modules/admin/logrotate.te | 5
policy/modules/admin/logwatch.te | 12
policy/modules/admin/netutils.te | 13
policy/modules/admin/portage.te | 5
policy/modules/admin/prelink.te | 18
policy/modules/admin/quota.fc | 7
policy/modules/admin/quota.te | 24 -
policy/modules/admin/rpm.fc | 3
policy/modules/admin/rpm.if | 43 ++
policy/modules/admin/rpm.te | 49 --
policy/modules/admin/su.if | 28 -
policy/modules/admin/su.te | 2
policy/modules/admin/sudo.if | 10
policy/modules/admin/tripwire.te | 11
policy/modules/admin/usbmodules.te | 5
policy/modules/admin/usermanage.if | 1
policy/modules/admin/usermanage.te | 42 +
policy/modules/admin/vpn.te | 1
policy/modules/apps/ethereal.te | 5
policy/modules/apps/evolution.if | 107 ++++-
policy/modules/apps/evolution.te | 1
policy/modules/apps/games.fc | 1
policy/modules/apps/gnome.fc | 2
policy/modules/apps/gnome.if | 108 +++++
policy/modules/apps/gnome.te | 5
policy/modules/apps/gpg.if | 1
policy/modules/apps/java.fc | 2
policy/modules/apps/java.if | 38 +
policy/modules/apps/java.te | 2
policy/modules/apps/loadkeys.if | 17
policy/modules/apps/mozilla.if | 210 ++++++++-
policy/modules/apps/mplayer.if | 84 +++
policy/modules/apps/mplayer.te | 1
policy/modules/apps/slocate.te | 3
policy/modules/apps/thunderbird.if | 81 +++
policy/modules/apps/userhelper.if | 19
policy/modules/apps/webalizer.te | 6
policy/modules/apps/wine.fc | 1
policy/modules/apps/yam.te | 5
policy/modules/kernel/corecommands.fc | 19
policy/modules/kernel/corecommands.if | 77 +++
policy/modules/kernel/corenetwork.if.in | 140 ++++++
policy/modules/kernel/corenetwork.te.in | 14
policy/modules/kernel/devices.fc | 8
policy/modules/kernel/devices.if | 18
policy/modules/kernel/devices.te | 8
policy/modules/kernel/domain.if | 58 ++
policy/modules/kernel/domain.te | 22 +
policy/modules/kernel/files.fc | 2
policy/modules/kernel/files.if | 224 ++++++++++
policy/modules/kernel/filesystem.if | 62 ++
policy/modules/kernel/filesystem.te | 19
policy/modules/kernel/kernel.if | 84 +++
policy/modules/kernel/kernel.te | 22 -
policy/modules/kernel/mls.if | 28 +
policy/modules/kernel/mls.te | 6
policy/modules/kernel/storage.fc | 3
policy/modules/kernel/storage.if | 2
policy/modules/kernel/terminal.fc | 1
policy/modules/kernel/terminal.if | 2
policy/modules/kernel/terminal.te | 1
policy/modules/services/aide.fc | 4
policy/modules/services/aide.te | 7
policy/modules/services/amavis.te | 2
policy/modules/services/apache.fc | 17
policy/modules/services/apache.if | 21
policy/modules/services/apache.te | 40 +
policy/modules/services/apm.te | 3
policy/modules/services/automount.fc | 1
policy/modules/services/automount.te | 9
policy/modules/services/avahi.if | 40 +
policy/modules/services/bind.fc | 1
policy/modules/services/bind.te | 5
policy/modules/services/bluetooth.te | 8
policy/modules/services/ccs.fc | 1
policy/modules/services/ccs.te | 11
policy/modules/services/clamav.te | 2
policy/modules/services/cron.fc | 6
policy/modules/services/cron.if | 92 ++--
policy/modules/services/cron.te | 52 ++
policy/modules/services/cups.fc | 3
policy/modules/services/cups.te | 9
policy/modules/services/cvs.te | 1
policy/modules/services/cyrus.te | 5
policy/modules/services/dbus.fc | 1
policy/modules/services/dbus.if | 62 ++
policy/modules/services/dcc.te | 9
policy/modules/services/dhcp.te | 2
policy/modules/services/dovecot.te | 6
policy/modules/services/ftp.te | 18
policy/modules/services/hal.fc | 4
policy/modules/services/hal.if | 57 ++
policy/modules/services/hal.te | 22 -
policy/modules/services/inetd.te | 28 +
policy/modules/services/irqbalance.te | 4
policy/modules/services/kerberos.if | 25 +
policy/modules/services/kerberos.te | 15
policy/modules/services/ktalk.fc | 3
policy/modules/services/ktalk.te | 5
policy/modules/services/lpd.if | 57 +-
policy/modules/services/lpd.te | 5
policy/modules/services/mta.fc | 1
policy/modules/services/mta.if | 20
policy/modules/services/mta.te | 2
policy/modules/services/munin.te | 5
policy/modules/services/networkmanager.fc | 2
policy/modules/services/networkmanager.te | 2
policy/modules/services/nis.fc | 3
policy/modules/services/nis.if | 8
policy/modules/services/nis.te | 34 +
policy/modules/services/nscd.if | 20
policy/modules/services/nscd.te | 24 -
policy/modules/services/oav.te | 5
policy/modules/services/oddjob.te | 3
policy/modules/services/openca.if | 4
policy/modules/services/openca.te | 2
policy/modules/services/openvpn.te | 4
policy/modules/services/pcscd.fc | 9
policy/modules/services/pcscd.if | 62 ++
policy/modules/services/pcscd.te | 78 +++
policy/modules/services/pegasus.if | 31 +
policy/modules/services/pegasus.te | 6
policy/modules/services/portmap.te | 5
policy/modules/services/postfix.fc | 1
policy/modules/services/postfix.if | 3
policy/modules/services/postfix.te | 21
policy/modules/services/procmail.te | 28 +
policy/modules/services/pyzor.if | 18
policy/modules/services/pyzor.te | 13
policy/modules/services/radius.te | 1
policy/modules/services/radvd.te | 2
policy/modules/services/rhgb.if | 76 +++
policy/modules/services/rhgb.te | 3
policy/modules/services/ricci.te | 21
policy/modules/services/rlogin.te | 10
policy/modules/services/rpc.fc | 1
policy/modules/services/rpc.if | 3
policy/modules/services/rpc.te | 26 -
policy/modules/services/rsync.te | 1
policy/modules/services/samba.fc | 5
policy/modules/services/samba.if | 41 +
policy/modules/services/samba.te | 51 ++
policy/modules/services/sasl.te | 12
policy/modules/services/sendmail.if | 22 +
policy/modules/services/sendmail.te | 8
policy/modules/services/setroubleshoot.if | 20
policy/modules/services/setroubleshoot.te | 2
policy/modules/services/smartmon.te | 1
policy/modules/services/snmp.if | 17
policy/modules/services/snmp.te | 17
policy/modules/services/spamassassin.fc | 2
policy/modules/services/spamassassin.if | 42 +
policy/modules/services/spamassassin.te | 18
policy/modules/services/squid.fc | 2
policy/modules/services/squid.if | 21
policy/modules/services/squid.te | 11
policy/modules/services/ssh.if | 83 +++
policy/modules/services/ssh.te | 10
policy/modules/services/telnet.te | 3
policy/modules/services/tftp.te | 2
policy/modules/services/uucp.fc | 1
policy/modules/services/uucp.if | 67 +++
policy/modules/services/uucp.te | 44 +-
policy/modules/services/xserver.fc | 2
policy/modules/services/xserver.if | 190 ++++++++-
policy/modules/services/xserver.te | 12
policy/modules/system/authlogin.if | 76 +++
policy/modules/system/authlogin.te | 6
policy/modules/system/clock.te | 13
policy/modules/system/fstools.fc | 1
policy/modules/system/fstools.te | 11
policy/modules/system/getty.te | 14
policy/modules/system/hostname.te | 19
policy/modules/system/init.if | 64 +++
policy/modules/system/init.te | 51 ++
policy/modules/system/ipsec.fc | 5
policy/modules/system/ipsec.if | 99 ++++
policy/modules/system/ipsec.te | 122 +++++
policy/modules/system/iptables.te | 22 -
policy/modules/system/libraries.fc | 39 +
policy/modules/system/libraries.te | 11
policy/modules/system/locallogin.if | 37 +
policy/modules/system/locallogin.te | 6
policy/modules/system/logging.fc | 5
policy/modules/system/logging.te | 27 +
policy/modules/system/lvm.fc | 2
policy/modules/system/lvm.if | 44 ++
policy/modules/system/lvm.te | 78 +++
policy/modules/system/miscfiles.fc | 3
policy/modules/system/miscfiles.if | 79 +++
policy/modules/system/modutils.te | 25 -
policy/modules/system/mount.te | 27 -
policy/modules/system/netlabel.te | 6
policy/modules/system/pcmcia.te | 5
policy/modules/system/raid.te | 15
policy/modules/system/selinuxutil.fc | 2
policy/modules/system/selinuxutil.if | 119 +++++
policy/modules/system/selinuxutil.te | 124 ++---
policy/modules/system/sysnetwork.te | 10
policy/modules/system/tzdata.fc | 3
policy/modules/system/tzdata.if | 23 +
policy/modules/system/tzdata.te | 51 ++
policy/modules/system/unconfined.fc | 4
policy/modules/system/unconfined.if | 19
policy/modules/system/unconfined.te | 23 +
policy/modules/system/userdomain.if | 569 ++++++++++++++++++++++++---
policy/modules/system/userdomain.te | 76 +--
policy/modules/system/xen.fc | 1
policy/modules/system/xen.te | 46 +-
233 files changed, 5454 insertions(+), 620 deletions(-)
Index: policy-20061106.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/FC-6/policy-20061106.patch,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- policy-20061106.patch 10 Apr 2007 12:49:35 -0000 1.32
+++ policy-20061106.patch 10 Apr 2007 19:12:48 -0000 1.33
@@ -699,7 +699,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/logwatch.te serefpolicy-2.4.6/policy/modules/admin/logwatch.te
--- nsaserefpolicy/policy/modules/admin/logwatch.te 2006-11-29 12:04:49.000000000 -0500
-+++ serefpolicy-2.4.6/policy/modules/admin/logwatch.te 2007-03-20 23:21:55.000000000 -0400
++++ serefpolicy-2.4.6/policy/modules/admin/logwatch.te 2007-04-10 14:37:57.000000000 -0400
@@ -30,6 +30,7 @@
allow logwatch_t self:process signal;
allow logwatch_t self:fifo_file rw_file_perms;
@@ -729,7 +729,18 @@
miscfiles_read_localization(logwatch_t)
-@@ -126,3 +130,7 @@
+@@ -95,6 +99,10 @@
+ ')
+
+ optional_policy(`
++ avahi_dontaudit_search_pid(logwatch_t)
++')
++
++optional_policy(`
+ bind_read_config(logwatch_t)
+ bind_read_zone(logwatch_t)
+ ')
+@@ -126,3 +134,7 @@
optional_policy(`
samba_read_log(logwatch_t)
')
@@ -2936,7 +2947,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-2.4.6/policy/modules/kernel/corenetwork.te.in
--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in 2006-11-29 12:04:51.000000000 -0500
-+++ serefpolicy-2.4.6/policy/modules/kernel/corenetwork.te.in 2007-04-02 13:29:59.000000000 -0400
++++ serefpolicy-2.4.6/policy/modules/kernel/corenetwork.te.in 2007-04-10 14:52:19.000000000 -0400
@@ -48,6 +48,11 @@
type reserved_port_t, port_type, reserved_port_type;
@@ -2949,7 +2960,15 @@
# server_packet_t is the default type of IPv4 and IPv6 server packets.
#
type server_packet_t, packet_type, server_packet_type;
-@@ -85,7 +90,7 @@
+@@ -60,6 +65,7 @@
+ network_port(amanda, udp,10080,s0, tcp,10080,s0, udp,10081,s0, tcp,10081,s0, tcp,10082,s0, tcp,10083,s0)
+ network_port(amavisd_recv, tcp,10024,s0)
+ network_port(amavisd_send, tcp,10025,s0)
++network_port(apcupsd, tcp,3551,s0, udp,3551,s0)
+ network_port(asterisk, tcp,1720,s0, udp,2427,s0, udp,2727,s0, udp,4569,s0, udp,5060,s0)
+ network_port(auth, tcp,113,s0)
+ network_port(bgp, tcp,179,s0, udp,179,s0, tcp,2605,s0, udp,2605,s0)
+@@ -85,7 +91,7 @@
network_port(http_cache, tcp,3128,s0, udp,3130,s0, tcp,8080,s0, tcp,8118,s0) # 8118 is for privoxy
network_port(http, tcp,80,s0, tcp,443,s0, tcp,488,s0, tcp,8008,s0, tcp,8009,s0, tcp,8443,s0) #8443 is mod_nss default port
network_port(howl, tcp,5335,s0, udp,5353,s0)
@@ -2958,7 +2977,7 @@
network_port(i18n_input, tcp,9010,s0)
network_port(imaze, tcp,5323,s0, udp,5323,s0)
network_port(inetd_child, tcp,7,s0, udp,7,s0, tcp,9,s0, udp,9,s0, tcp,13,s0, udp,13,s0, tcp,19,s0, udp,19,s0, tcp,37,s0, udp,37,s0, tcp,512,s0, tcp,543,s0, tcp,544,s0, tcp,891,s0, udp,891,s0, tcp,892,s0, udp,892,s0, tcp,2105,s0, tcp,5666,s0)
-@@ -110,7 +115,8 @@
+@@ -110,7 +116,8 @@
network_port(netsupport, tcp,5405,s0, udp,5405,s0)
network_port(nmbd, udp,137,s0, udp,138,s0, udp,139,s0)
network_port(ntp, udp,123,s0)
@@ -2968,7 +2987,7 @@
network_port(pegasus_http, tcp,5988,s0)
network_port(pegasus_https, tcp,5989,s0)
network_port(pop, tcp,106,s0, tcp,109,s0, tcp,110,s0, tcp,143,s0, tcp,220,s0, tcp,993,s0, tcp,995,s0, tcp,1109,s0)
-@@ -156,6 +162,9 @@
+@@ -156,6 +163,9 @@
# Defaults for reserved ports. Earlier portcon entries take precedence;
# these entries just cover any remaining reserved ports not otherwise declared.
@@ -4330,8 +4349,8 @@
fs_unmount_all_fs(automount_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/avahi.if serefpolicy-2.4.6/policy/modules/services/avahi.if
--- nsaserefpolicy/policy/modules/services/avahi.if 2006-11-29 12:04:49.000000000 -0500
-+++ serefpolicy-2.4.6/policy/modules/services/avahi.if 2007-03-09 13:35:58.000000000 -0500
-@@ -20,3 +20,24 @@
++++ serefpolicy-2.4.6/policy/modules/services/avahi.if 2007-04-10 14:49:32.000000000 -0400
+@@ -20,3 +20,43 @@
allow $1 avahi_t:dbus send_msg;
allow avahi_t $1:dbus send_msg;
')
@@ -4356,6 +4375,25 @@
+ allow $1 avahi_var_run_t:sock_file rw_file_perms;
+ allow $1 avahi_t:unix_stream_socket connectto;
+')
++
++########################################
++## <summary>
++## Do not audit attempts to search the AVAHI pid directory.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`avahi_dontaudit_search_pid',`
++ gen_require(`
++ type avahi_var_run_t;
++ ')
++
++ dontaudit $1 avahi_var_run_t:dir search_dir_perms;
++')
++
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind.fc serefpolicy-2.4.6/policy/modules/services/bind.fc
--- nsaserefpolicy/policy/modules/services/bind.fc 2006-11-29 12:04:49.000000000 -0500
+++ serefpolicy-2.4.6/policy/modules/services/bind.fc 2007-03-09 13:35:58.000000000 -0500
@@ -7235,7 +7273,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snmp.te serefpolicy-2.4.6/policy/modules/services/snmp.te
--- nsaserefpolicy/policy/modules/services/snmp.te 2006-11-29 12:04:49.000000000 -0500
-+++ serefpolicy-2.4.6/policy/modules/services/snmp.te 2007-03-26 13:52:41.000000000 -0400
++++ serefpolicy-2.4.6/policy/modules/services/snmp.te 2007-04-10 11:01:01.000000000 -0400
@@ -77,6 +77,7 @@
dev_read_sysfs(snmpd_t)
dev_read_urand(snmpd_t)
@@ -7268,7 +7306,7 @@
nis_use_ypbind(snmpd_t)
')
-@@ -150,6 +157,10 @@
+@@ -150,9 +157,17 @@
')
optional_policy(`
@@ -7279,6 +7317,13 @@
seutil_sigchld_newrole(snmpd_t)
')
+ optional_policy(`
++ squid_read_config(snmpd_t)
++')
++
++optional_policy(`
+ udev_read_db(snmpd_t)
+ ')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.fc serefpolicy-2.4.6/policy/modules/services/spamassassin.fc
--- nsaserefpolicy/policy/modules/services/spamassassin.fc 2006-11-29 12:04:49.000000000 -0500
+++ serefpolicy-2.4.6/policy/modules/services/spamassassin.fc 2007-03-09 13:35:59.000000000 -0500
@@ -9287,7 +9332,7 @@
corecmd_read_sbin_symlinks(local_login_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.fc serefpolicy-2.4.6/policy/modules/system/logging.fc
--- nsaserefpolicy/policy/modules/system/logging.fc 2006-11-29 12:04:51.000000000 -0500
-+++ serefpolicy-2.4.6/policy/modules/system/logging.fc 2007-04-09 17:10:37.000000000 -0400
++++ serefpolicy-2.4.6/policy/modules/system/logging.fc 2007-04-10 13:48:11.000000000 -0400
@@ -26,6 +26,11 @@
/var/log -d gen_context(system_u:object_r:var_log_t,s0-mls_systemhigh)
@@ -9295,14 +9340,14 @@
+/var/log/messages[^/]* gen_context(system_u:object_r:var_log_t,mls_systemhigh)
+/var/log/secure[^/]* gen_context(system_u:object_r:var_log_t,mls_systemhigh)
+/var/log/cron[^/]* gen_context(system_u:object_r:var_log_t,mls_systemhigh)
-+/var/log/messages[^/]* gen_context(system_u:object_r:var_log_t,mls_systemhigh)
+/var/log/maillog[^/]* gen_context(system_u:object_r:var_log_t,mls_systemhigh)
++/var/log/spooler[^/]* gen_context(system_u:object_r:var_log_t,mls_systemhigh)
/var/log/audit(/.*)? gen_context(system_u:object_r:auditd_log_t,mls_systemhigh)
ifndef(`distro_gentoo',`
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.te serefpolicy-2.4.6/policy/modules/system/logging.te
--- nsaserefpolicy/policy/modules/system/logging.te 2006-11-29 12:04:51.000000000 -0500
-+++ serefpolicy-2.4.6/policy/modules/system/logging.te 2007-04-09 17:14:48.000000000 -0400
++++ serefpolicy-2.4.6/policy/modules/system/logging.te 2007-04-10 13:44:51.000000000 -0400
@@ -53,9 +53,11 @@
type var_log_t;
@@ -9333,16 +9378,18 @@
# Create and bind to /dev/log or /var/run/log.
allow syslogd_t devlog_t:sock_file create_file_perms;
files_pid_filetrans(syslogd_t,devlog_t,sock_file)
-@@ -311,6 +313,8 @@
+@@ -311,6 +313,10 @@
fs_search_auto_mountpoints(syslogd_t)
++mls_file_write_down(syslogd_t) # Need to be able to write to /var/run/ directory
+mls_rangetrans_target(syslogd_t)
++mls_fd_use_all_levels(syslogd_t)
+
term_write_console(syslogd_t)
# Allow syslog to a terminal
term_write_unallocated_ttys(syslogd_t)
-@@ -326,6 +330,18 @@
+@@ -326,6 +332,18 @@
corenet_udp_sendrecv_all_ports(syslogd_t)
corenet_udp_bind_all_nodes(syslogd_t)
corenet_udp_bind_syslogd_port(syslogd_t)
@@ -9361,7 +9408,7 @@
# syslog-ng can send or receive logs
corenet_sendrecv_syslogd_client_packets(syslogd_t)
corenet_sendrecv_syslogd_server_packets(syslogd_t)
-@@ -398,3 +414,8 @@
+@@ -398,3 +416,8 @@
# log to the xconsole
xserver_rw_console(syslogd_t)
')
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/FC-6/selinux-policy.spec,v
retrieving revision 1.355
retrieving revision 1.356
diff -u -r1.355 -r1.356
--- selinux-policy.spec 10 Apr 2007 12:49:35 -0000 1.355
+++ selinux-policy.spec 10 Apr 2007 19:12:49 -0000 1.356
@@ -17,13 +17,14 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.4.6
-Release: 52%{?dist}
+Release: 54%{?dist}
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
patch: policy-20061106.patch
patch1: policy-dccp.patch
patch2: policy-fusermount.patch
+patch3: policy-apcupsd.patch
Source1: modules-targeted.conf
Source2: booleans-targeted.conf
Source3: Makefile.devel
@@ -170,8 +171,9 @@
%prep
%setup -q -n serefpolicy-%{version}
%patch -p1
-%patch1 -p1
+%patch1 -p1 -b .dccp
%patch2 -p1 -b .fusermount
+%patch3 -p1 -b .apcupsd
%install
# Build targeted policy
@@ -358,6 +360,12 @@
%endif
%changelog
+* Mon Apr 10 2007 Dan Walsh <dwalsh at redhat.com> 2.4.6-54
+- syslog needs to be run as SystemHigh
+- Fix file context mapping
+Resolves: #235725
+- Add apcupsd policy
+
* Thu Apr 5 2007 Dan Walsh <dwalsh at redhat.com> 2.4.6-52
- Don't relabel if selinux is not enabled
- Allow netutils to read sysfs
More information about the fedora-cvs-commits
mailing list