rpms/selinux-policy/devel policy-20070703.patch,1.57,1.58

Daniel J Walsh (dwalsh) fedora-extras-commits at redhat.com
Tue Sep 18 14:45:36 UTC 2007 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13174

Modified Files:
	policy-20070703.patch 
Log Message:
* Mon Sep 17 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-1
- Allow cron to search nfs and samba homedirs


policy-20070703.patch:

Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20070703.patch,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -r1.57 -r1.58
--- policy-20070703.patch	18 Sep 2007 14:42:55 -0000	1.57
+++ policy-20070703.patch	18 Sep 2007 14:45:04 -0000	1.58
@@ -4769,7 +4769,7 @@
 +/usr/local/Brother/inf(/.*)?	gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-3.0.8/policy/modules/services/cups.te
 --- nsaserefpolicy/policy/modules/services/cups.te	2007-09-12 10:34:50.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/cups.te	2007-09-17 16:20:18.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/cups.te	2007-09-18 10:43:40.000000000 -0400
 @@ -81,12 +81,11 @@
  # /usr/lib/cups/backend/serial needs sys_admin(?!)
  allow cupsd_t self:capability { sys_admin dac_override dac_read_search kill setgid setuid fsetid net_bind_service fowner chown dac_override sys_resource sys_tty_config };
@@ -4847,7 +4847,15 @@
  files_list_world_readable(cupsd_t)
  files_read_world_readable_files(cupsd_t)
  files_read_world_readable_symlinks(cupsd_t)
-@@ -221,17 +228,37 @@
+@@ -202,6 +209,7 @@
+ files_dontaudit_getattr_all_tmp_files(cupsd_t)
+ 
+ selinux_compute_access_vector(cupsd_t)
++selinux_validate_context(cupsd_t)
+ 
+ init_exec_script_files(cupsd_t)
+ 
+@@ -221,17 +229,37 @@
  
  sysnet_read_config(cupsd_t)
  
@@ -4885,7 +4893,7 @@
  	apm_domtrans_client(cupsd_t)
  ')
  
-@@ -263,16 +290,16 @@
+@@ -263,16 +291,16 @@
  ')
  
  optional_policy(`
@@ -4906,7 +4914,7 @@
  	seutil_sigchld_newrole(cupsd_t)
  ')
  
-@@ -377,6 +404,14 @@
+@@ -377,6 +405,14 @@
  ')
  
  optional_policy(`
@@ -4921,7 +4929,7 @@
  	cron_system_entry(cupsd_config_t, cupsd_config_exec_t)
  ')
  
-@@ -560,7 +595,7 @@
+@@ -560,7 +596,7 @@
  dev_read_urand(hplip_t)
  dev_read_rand(hplip_t)
  dev_rw_generic_usb_dev(hplip_t)
@@ -4930,7 +4938,7 @@
  
  fs_getattr_all_fs(hplip_t)
  fs_search_auto_mountpoints(hplip_t)
-@@ -587,8 +622,6 @@
+@@ -587,8 +623,6 @@
  userdom_dontaudit_search_sysadm_home_dirs(hplip_t)
  userdom_dontaudit_search_all_users_home_content(hplip_t)

More information about the fedora-extras-commits mailing list