rpms/selinux-policy/FC-6 policy-fusermount.patch,1.6,1.7

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Tue Oct 9 21:09:30 UTC 2007 

Author: dwalsh

Update of /cvs/dist/rpms/selinux-policy/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv30138

Modified Files:
	policy-fusermount.patch 
Log Message:
* Tue Oct 9 2007 Dan Walsh <dwalsh at redhat.com> 2.4.6-107
- Remove badly labeled pegasus directory


policy-fusermount.patch:
 kernel/files.fc      |    1 +
 kernel/filesystem.te |    6 ++++++
 system/fusermount.fc |    6 ++++++
 system/fusermount.if |   41 +++++++++++++++++++++++++++++++++++++++++
 system/fusermount.te |   46 ++++++++++++++++++++++++++++++++++++++++++++++
 system/mount.fc      |    2 --
 system/mount.if      |    1 +
 system/mount.te      |   46 ++++++++++++++++++++++++++++++++++------------
 8 files changed, 135 insertions(+), 14 deletions(-)

Index: policy-fusermount.patch
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy/FC-6/policy-fusermount.patch,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- policy-fusermount.patch	5 Sep 2007 03:30:28 -0000	1.6
+++ policy-fusermount.patch	9 Oct 2007 21:09:28 -0000	1.7
@@ -1,6 +1,6 @@
 diff -up /dev/null serefpolicy-2.4.6/policy/modules/system/fusermount.fc
---- /dev/null	2007-09-02 13:37:21.567001794 -0400
-+++ serefpolicy-2.4.6/policy/modules/system/fusermount.fc	2007-08-10 09:53:24.000000000 -0400
+--- /dev/null	2007-10-09 14:08:21.545011848 -0400
++++ serefpolicy-2.4.6/policy/modules/system/fusermount.fc	2007-10-09 17:08:25.000000000 -0400
 @@ -0,0 +1,6 @@
 +# fusermount executable will have:
 +# label: system_u:object_r:fusermount_exec_t
@@ -9,8 +9,8 @@
 +
 +/usr/bin/fusermount		--	gen_context(system_u:object_r:fusermount_exec_t,s0)
 diff -up serefpolicy-2.4.6/policy/modules/system/mount.te.fusermount serefpolicy-2.4.6/policy/modules/system/mount.te
---- serefpolicy-2.4.6/policy/modules/system/mount.te.fusermount	2007-08-10 09:53:24.000000000 -0400
-+++ serefpolicy-2.4.6/policy/modules/system/mount.te	2007-09-04 23:29:48.000000000 -0400
+--- serefpolicy-2.4.6/policy/modules/system/mount.te.fusermount	2007-10-09 17:08:25.000000000 -0400
++++ serefpolicy-2.4.6/policy/modules/system/mount.te	2007-10-09 17:08:25.000000000 -0400
 @@ -12,6 +12,9 @@ init_system_domain(mount_t,mount_exec_t)
  userdom_executable_file(mount_exec_t)
  role system_r types mount_t;
@@ -75,7 +75,7 @@
  	ssh_sigchld(mount_t)
  	ssh_rw_stream_sockets(mount_t)
  ')
-@@ -201,4 +197,30 @@ optional_policy(`
+@@ -201,6 +197,32 @@ optional_policy(`
  ifdef(`targeted_policy',`
  	files_etc_filetrans_etc_runtime(unconfined_mount_t,file)
  	unconfined_domain(unconfined_mount_t)
@@ -106,17 +106,19 @@
 +	hal_use_fds(mount_t)
 +	hal_rw_pipes(mount_t)
  ')
+ 
+ optional_policy(`
 diff -up serefpolicy-2.4.6/policy/modules/system/mount.if.fusermount serefpolicy-2.4.6/policy/modules/system/mount.if
 --- serefpolicy-2.4.6/policy/modules/system/mount.if.fusermount	2006-11-29 12:04:51.000000000 -0500
-+++ serefpolicy-2.4.6/policy/modules/system/mount.if	2007-09-04 09:56:01.000000000 -0400
++++ serefpolicy-2.4.6/policy/modules/system/mount.if	2007-10-09 17:08:25.000000000 -0400
 @@ -147,3 +147,4 @@ interface(`mount_domtrans_unconfined',`
  		refpolicywarn(`$0($1) has no effect in strict policy.')
  	')
  ')
 +
 diff -up /dev/null serefpolicy-2.4.6/policy/modules/system/fusermount.te
---- /dev/null	2007-09-02 13:37:21.567001794 -0400
-+++ serefpolicy-2.4.6/policy/modules/system/fusermount.te	2007-09-04 09:46:40.000000000 -0400
+--- /dev/null	2007-10-09 14:08:21.545011848 -0400
++++ serefpolicy-2.4.6/policy/modules/system/fusermount.te	2007-10-09 17:08:25.000000000 -0400
 @@ -0,0 +1,46 @@
 +policy_module(fusermount,1.0.0)
 +
@@ -165,8 +167,8 @@
 +	hal_rw_pipes(fusermount_t)
 +')
 diff -up /dev/null serefpolicy-2.4.6/policy/modules/system/fusermount.if
---- /dev/null	2007-09-02 13:37:21.567001794 -0400
-+++ serefpolicy-2.4.6/policy/modules/system/fusermount.if	2007-08-10 09:53:24.000000000 -0400
+--- /dev/null	2007-10-09 14:08:21.545011848 -0400
++++ serefpolicy-2.4.6/policy/modules/system/fusermount.if	2007-10-09 17:08:25.000000000 -0400
 @@ -0,0 +1,41 @@
 +## <summary>policy for fusermount</summary>
 +
@@ -211,18 +213,18 @@
 +')
 diff -up serefpolicy-2.4.6/policy/modules/system/mount.fc.fusermount serefpolicy-2.4.6/policy/modules/system/mount.fc
 --- serefpolicy-2.4.6/policy/modules/system/mount.fc.fusermount	2006-11-29 12:04:51.000000000 -0500
-+++ serefpolicy-2.4.6/policy/modules/system/mount.fc	2007-09-04 09:48:11.000000000 -0400
++++ serefpolicy-2.4.6/policy/modules/system/mount.fc	2007-10-09 17:08:25.000000000 -0400
 @@ -1,4 +1,2 @@
  /bin/mount.*			--	gen_context(system_u:object_r:mount_exec_t,s0)
  /bin/umount.*			--	gen_context(system_u:object_r:mount_exec_t,s0)
 -
 -/usr/bin/fusermount		--	gen_context(system_u:object_r:mount_exec_t,s0)
 diff -up serefpolicy-2.4.6/policy/modules/kernel/filesystem.te.fusermount serefpolicy-2.4.6/policy/modules/kernel/filesystem.te
---- serefpolicy-2.4.6/policy/modules/kernel/filesystem.te.fusermount	2007-08-10 09:53:24.000000000 -0400
-+++ serefpolicy-2.4.6/policy/modules/kernel/filesystem.te	2007-08-10 09:53:24.000000000 -0400
-@@ -61,6 +61,11 @@ type configfs_t;
- fs_type(configfs_t)
- genfscon configfs / gen_context(system_u:object_r:configfs_t,s0)
+--- serefpolicy-2.4.6/policy/modules/kernel/filesystem.te.fusermount	2007-10-09 17:08:25.000000000 -0400
++++ serefpolicy-2.4.6/policy/modules/kernel/filesystem.te	2007-10-09 17:08:39.000000000 -0400
+@@ -71,6 +71,11 @@ fs_type(cpusetfs_t)
+ allow cpusetfs_t self:filesystem associate;
+ genfscon cpuset / gen_context(system_u:object_r:cpusetfs_t,s0)
  
 +type cpusetfs_t;
 +fs_type(cpusetfs_t)
@@ -232,7 +234,7 @@
  type eventpollfs_t;
  fs_type(eventpollfs_t)
  # change to task SID 20060628
-@@ -71,6 +76,7 @@ fs_type(fusefs_t)
+@@ -81,6 +86,7 @@ fs_type(fusefs_t)
  allow fusefs_t self:filesystem associate;
  fs_noxattr_type(fusefs_t)
  genfscon fuse / gen_context(system_u:object_r:fusefs_t,s0)
@@ -241,9 +243,9 @@
  type futexfs_t;
  fs_type(futexfs_t)
 diff -up serefpolicy-2.4.6/policy/modules/kernel/files.fc.fusermount serefpolicy-2.4.6/policy/modules/kernel/files.fc
---- serefpolicy-2.4.6/policy/modules/kernel/files.fc.fusermount	2007-08-10 09:53:24.000000000 -0400
-+++ serefpolicy-2.4.6/policy/modules/kernel/files.fc	2007-08-10 09:53:24.000000000 -0400
-@@ -54,6 +54,7 @@ ifdef(`distro_suse',`
+--- serefpolicy-2.4.6/policy/modules/kernel/files.fc.fusermount	2007-10-09 17:08:25.000000000 -0400
++++ serefpolicy-2.4.6/policy/modules/kernel/files.fc	2007-10-09 17:08:39.000000000 -0400
+@@ -53,6 +53,7 @@ ifdef(`distro_suse',`
  /etc/issue\.net		--	gen_context(system_u:object_r:etc_runtime_t,s0)
  /etc/localtime		-l	gen_context(system_u:object_r:etc_t,s0)
  /etc/mtab		--	gen_context(system_u:object_r:etc_runtime_t,s0)

More information about the fedora-cvs-commits mailing list