rpms/selinux-policy/devel .cvsignore, 1.130, 1.131 policy-20071130.patch, 1.8, 1.9 sources, 1.142, 1.143

Daniel J Walsh (dwalsh) fedora-extras-commits at redhat.com
Thu Dec 13 21:40:37 UTC 2007 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20319

Modified Files:
	.cvsignore policy-20071130.patch sources 
Log Message:
* Wed Dec 12 2007 Dan Walsh <dwalsh at redhat.com> 3.2.4-1
- Update to upstream



Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/.cvsignore,v
retrieving revision 1.130
retrieving revision 1.131
diff -u -r1.130 -r1.131
--- .cvsignore	11 Dec 2007 06:08:33 -0000	1.130
+++ .cvsignore	13 Dec 2007 21:40:00 -0000	1.131
@@ -132,3 +132,4 @@
 serefpolicy-3.2.1.tgz
 serefpolicy-3.2.2.tgz
 serefpolicy-3.2.3.tgz
+serefpolicy-3.2.4.tgz

policy-20071130.patch:

Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20071130.patch,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- policy-20071130.patch	13 Dec 2007 18:44:17 -0000	1.8
+++ policy-20071130.patch	13 Dec 2007 21:40:00 -0000	1.9
@@ -5055,7 +5055,7 @@
 +/var/lib/misc(/.*)?			gen_context(system_u:object_r:system_crond_var_lib_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.if serefpolicy-3.2.4/policy/modules/services/cron.if
 --- nsaserefpolicy/policy/modules/services/cron.if	2007-10-12 08:56:07.000000000 -0400
-+++ serefpolicy-3.2.4/policy/modules/services/cron.if	2007-12-13 13:34:36.000000000 -0500
++++ serefpolicy-3.2.4/policy/modules/services/cron.if	2007-12-13 14:22:04.000000000 -0500
 @@ -35,38 +35,23 @@
  #
  template(`cron_per_role_template',`
@@ -5923,9 +5923,37 @@
 +
 +')
 +
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.if serefpolicy-3.2.4/policy/modules/services/dcc.if
+--- nsaserefpolicy/policy/modules/services/dcc.if	2007-03-26 10:39:05.000000000 -0400
++++ serefpolicy-3.2.4/policy/modules/services/dcc.if	2007-12-13 15:58:07.000000000 -0500
+@@ -72,6 +72,24 @@
+ 
+ ########################################
+ ## <summary>
++##	Send a signal to the dcc_client.
++## </summary>
++## <param name="domain">
++##	<summary>
++##	Domain allowed access.
++##	</summary>
++## </param>
++#
++interface(`dcc_signal_client',`
++	gen_require(`
++		type dcc_client_t;
++	')
++
++	allow $1 dcc_client_t:process signal;
++')
++
++########################################
++## <summary>
+ ##	Execute dcc_client in the dcc_client domain, and
+ ##	allow the specified role the dcc_client domain.
+ ## </summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.te serefpolicy-3.2.4/policy/modules/services/dcc.te
 --- nsaserefpolicy/policy/modules/services/dcc.te	2007-10-12 08:56:07.000000000 -0400
-+++ serefpolicy-3.2.4/policy/modules/services/dcc.te	2007-12-13 13:34:36.000000000 -0500
++++ serefpolicy-3.2.4/policy/modules/services/dcc.te	2007-12-13 15:52:57.000000000 -0500
 @@ -124,7 +124,7 @@
  # dcc procmail interface local policy
  #
@@ -5935,6 +5963,15 @@
  allow dcc_client_t self:unix_dgram_socket create_socket_perms;
  allow dcc_client_t self:udp_socket create_socket_perms;
  
+@@ -148,6 +148,8 @@
+ files_read_etc_files(dcc_client_t)
+ files_read_etc_runtime_files(dcc_client_t)
+ 
++kernel_read_system_state(dcc_client_t)
++
+ libs_use_ld_so(dcc_client_t)
+ libs_use_shared_libs(dcc_client_t)
+ 
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dictd.fc serefpolicy-3.2.4/policy/modules/services/dictd.fc
 --- nsaserefpolicy/policy/modules/services/dictd.fc	2006-11-16 17:15:20.000000000 -0500
 +++ serefpolicy-3.2.4/policy/modules/services/dictd.fc	2007-12-13 13:34:36.000000000 -0500
@@ -6054,7 +6091,7 @@
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.te serefpolicy-3.2.4/policy/modules/services/dovecot.te
 --- nsaserefpolicy/policy/modules/services/dovecot.te	2007-12-04 11:02:50.000000000 -0500
-+++ serefpolicy-3.2.4/policy/modules/services/dovecot.te	2007-12-13 13:34:36.000000000 -0500
++++ serefpolicy-3.2.4/policy/modules/services/dovecot.te	2007-12-13 15:31:36.000000000 -0500
 @@ -15,6 +15,12 @@
  domain_entry_file(dovecot_auth_t,dovecot_auth_exec_t)
  role system_r types dovecot_auth_t;
@@ -9815,7 +9852,7 @@
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.te serefpolicy-3.2.4/policy/modules/services/spamassassin.te
 --- nsaserefpolicy/policy/modules/services/spamassassin.te	2007-10-12 08:56:07.000000000 -0400
-+++ serefpolicy-3.2.4/policy/modules/services/spamassassin.te	2007-12-13 13:34:37.000000000 -0500
++++ serefpolicy-3.2.4/policy/modules/services/spamassassin.te	2007-12-13 15:58:16.000000000 -0500
 @@ -44,6 +44,15 @@
  type spamassassin_exec_t;
  application_executable_file(spamassassin_exec_t)
@@ -9858,6 +9895,14 @@
  	fs_manage_cifs_files(spamd_t)
  ')
  
+@@ -171,6 +183,7 @@
+ 
+ optional_policy(`
+ 	dcc_domtrans_client(spamd_t)
++	dcc_signal_client(spamd_t)
+ 	dcc_stream_connect_dccifd(spamd_t)
+ ')
+ 
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.fc serefpolicy-3.2.4/policy/modules/services/squid.fc
 --- nsaserefpolicy/policy/modules/services/squid.fc	2006-11-16 17:15:21.000000000 -0500
 +++ serefpolicy-3.2.4/policy/modules/services/squid.fc	2007-12-13 13:34:37.000000000 -0500
@@ -11789,7 +11834,7 @@
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-3.2.4/policy/modules/system/init.te
 --- nsaserefpolicy/policy/modules/system/init.te	2007-12-04 11:02:50.000000000 -0500
-+++ serefpolicy-3.2.4/policy/modules/system/init.te	2007-12-13 13:34:37.000000000 -0500
++++ serefpolicy-3.2.4/policy/modules/system/init.te	2007-12-13 14:23:31.000000000 -0500
 @@ -10,6 +10,20 @@
  # Declarations
  #
@@ -11943,7 +11988,19 @@
  ')
  
  optional_policy(`
-@@ -743,6 +779,10 @@
+@@ -729,6 +765,11 @@
+ 	uml_setattr_util_sockets(initrc_t)
+ ')
+ 
++# Cron jobs used to start and stop services
++optional_policy(`
++	cron_read_pipes(daemon)
++')
++
+ optional_policy(`
+ 	unconfined_domain(initrc_t)
+ 
+@@ -743,6 +784,10 @@
  ')
  
  optional_policy(`


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/sources,v
retrieving revision 1.142
retrieving revision 1.143
diff -u -r1.142 -r1.143
--- sources	11 Dec 2007 06:08:33 -0000	1.142
+++ sources	13 Dec 2007 21:40:00 -0000	1.143
@@ -1 +1 @@
-37b636c3ce51c9c50ebe45aa01b6bb9b  serefpolicy-3.2.3.tgz
+cef1db667a75f7bcc53d3541c01a4a2d  serefpolicy-3.2.4.tgz

More information about the fedora-extras-commits mailing list