rpms/selinux-policy/devel .cvsignore, 1.130, 1.131 policy-20071130.patch, 1.8, 1.9 sources, 1.142, 1.143
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Thu Dec 13 21:40:37 UTC 2007
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20319
Modified Files:
.cvsignore policy-20071130.patch sources
Log Message:
* Wed Dec 12 2007 Dan Walsh <dwalsh at redhat.com> 3.2.4-1
- Update to upstream
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/.cvsignore,v
retrieving revision 1.130
retrieving revision 1.131
diff -u -r1.130 -r1.131
--- .cvsignore 11 Dec 2007 06:08:33 -0000 1.130
+++ .cvsignore 13 Dec 2007 21:40:00 -0000 1.131
@@ -132,3 +132,4 @@
serefpolicy-3.2.1.tgz
serefpolicy-3.2.2.tgz
serefpolicy-3.2.3.tgz
+serefpolicy-3.2.4.tgz
policy-20071130.patch:
Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20071130.patch,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- policy-20071130.patch 13 Dec 2007 18:44:17 -0000 1.8
+++ policy-20071130.patch 13 Dec 2007 21:40:00 -0000 1.9
@@ -5055,7 +5055,7 @@
+/var/lib/misc(/.*)? gen_context(system_u:object_r:system_crond_var_lib_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.if serefpolicy-3.2.4/policy/modules/services/cron.if
--- nsaserefpolicy/policy/modules/services/cron.if 2007-10-12 08:56:07.000000000 -0400
-+++ serefpolicy-3.2.4/policy/modules/services/cron.if 2007-12-13 13:34:36.000000000 -0500
++++ serefpolicy-3.2.4/policy/modules/services/cron.if 2007-12-13 14:22:04.000000000 -0500
@@ -35,38 +35,23 @@
#
template(`cron_per_role_template',`
@@ -5923,9 +5923,37 @@
+
+')
+
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.if serefpolicy-3.2.4/policy/modules/services/dcc.if
+--- nsaserefpolicy/policy/modules/services/dcc.if 2007-03-26 10:39:05.000000000 -0400
++++ serefpolicy-3.2.4/policy/modules/services/dcc.if 2007-12-13 15:58:07.000000000 -0500
+@@ -72,6 +72,24 @@
+
+ ########################################
+ ## <summary>
++## Send a signal to the dcc_client.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`dcc_signal_client',`
++ gen_require(`
++ type dcc_client_t;
++ ')
++
++ allow $1 dcc_client_t:process signal;
++')
++
++########################################
++## <summary>
+ ## Execute dcc_client in the dcc_client domain, and
+ ## allow the specified role the dcc_client domain.
+ ## </summary>
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.te serefpolicy-3.2.4/policy/modules/services/dcc.te
--- nsaserefpolicy/policy/modules/services/dcc.te 2007-10-12 08:56:07.000000000 -0400
-+++ serefpolicy-3.2.4/policy/modules/services/dcc.te 2007-12-13 13:34:36.000000000 -0500
++++ serefpolicy-3.2.4/policy/modules/services/dcc.te 2007-12-13 15:52:57.000000000 -0500
@@ -124,7 +124,7 @@
# dcc procmail interface local policy
#
@@ -5935,6 +5963,15 @@
allow dcc_client_t self:unix_dgram_socket create_socket_perms;
allow dcc_client_t self:udp_socket create_socket_perms;
+@@ -148,6 +148,8 @@
+ files_read_etc_files(dcc_client_t)
+ files_read_etc_runtime_files(dcc_client_t)
+
++kernel_read_system_state(dcc_client_t)
++
+ libs_use_ld_so(dcc_client_t)
+ libs_use_shared_libs(dcc_client_t)
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dictd.fc serefpolicy-3.2.4/policy/modules/services/dictd.fc
--- nsaserefpolicy/policy/modules/services/dictd.fc 2006-11-16 17:15:20.000000000 -0500
+++ serefpolicy-3.2.4/policy/modules/services/dictd.fc 2007-12-13 13:34:36.000000000 -0500
@@ -6054,7 +6091,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.te serefpolicy-3.2.4/policy/modules/services/dovecot.te
--- nsaserefpolicy/policy/modules/services/dovecot.te 2007-12-04 11:02:50.000000000 -0500
-+++ serefpolicy-3.2.4/policy/modules/services/dovecot.te 2007-12-13 13:34:36.000000000 -0500
++++ serefpolicy-3.2.4/policy/modules/services/dovecot.te 2007-12-13 15:31:36.000000000 -0500
@@ -15,6 +15,12 @@
domain_entry_file(dovecot_auth_t,dovecot_auth_exec_t)
role system_r types dovecot_auth_t;
@@ -9815,7 +9852,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.te serefpolicy-3.2.4/policy/modules/services/spamassassin.te
--- nsaserefpolicy/policy/modules/services/spamassassin.te 2007-10-12 08:56:07.000000000 -0400
-+++ serefpolicy-3.2.4/policy/modules/services/spamassassin.te 2007-12-13 13:34:37.000000000 -0500
++++ serefpolicy-3.2.4/policy/modules/services/spamassassin.te 2007-12-13 15:58:16.000000000 -0500
@@ -44,6 +44,15 @@
type spamassassin_exec_t;
application_executable_file(spamassassin_exec_t)
@@ -9858,6 +9895,14 @@
fs_manage_cifs_files(spamd_t)
')
+@@ -171,6 +183,7 @@
+
+ optional_policy(`
+ dcc_domtrans_client(spamd_t)
++ dcc_signal_client(spamd_t)
+ dcc_stream_connect_dccifd(spamd_t)
+ ')
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.fc serefpolicy-3.2.4/policy/modules/services/squid.fc
--- nsaserefpolicy/policy/modules/services/squid.fc 2006-11-16 17:15:21.000000000 -0500
+++ serefpolicy-3.2.4/policy/modules/services/squid.fc 2007-12-13 13:34:37.000000000 -0500
@@ -11789,7 +11834,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-3.2.4/policy/modules/system/init.te
--- nsaserefpolicy/policy/modules/system/init.te 2007-12-04 11:02:50.000000000 -0500
-+++ serefpolicy-3.2.4/policy/modules/system/init.te 2007-12-13 13:34:37.000000000 -0500
++++ serefpolicy-3.2.4/policy/modules/system/init.te 2007-12-13 14:23:31.000000000 -0500
@@ -10,6 +10,20 @@
# Declarations
#
@@ -11943,7 +11988,19 @@
')
optional_policy(`
-@@ -743,6 +779,10 @@
+@@ -729,6 +765,11 @@
+ uml_setattr_util_sockets(initrc_t)
+ ')
+
++# Cron jobs used to start and stop services
++optional_policy(`
++ cron_read_pipes(daemon)
++')
++
+ optional_policy(`
+ unconfined_domain(initrc_t)
+
+@@ -743,6 +784,10 @@
')
optional_policy(`
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/sources,v
retrieving revision 1.142
retrieving revision 1.143
diff -u -r1.142 -r1.143
--- sources 11 Dec 2007 06:08:33 -0000 1.142
+++ sources 13 Dec 2007 21:40:00 -0000 1.143
@@ -1 +1 @@
-37b636c3ce51c9c50ebe45aa01b6bb9b serefpolicy-3.2.3.tgz
+cef1db667a75f7bcc53d3541c01a4a2d serefpolicy-3.2.4.tgz
More information about the fedora-extras-commits
mailing list