rpms/selinux-policy/devel policy-20070703.patch,1.74,1.75

Daniel J Walsh (dwalsh) fedora-extras-commits at redhat.com
Tue Sep 25 14:47:55 UTC 2007 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8446

Modified Files:
	policy-20070703.patch 
Log Message:
* Tue Sep 24 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-13
- Allow login programs to set ioctl on /proc


policy-20070703.patch:

Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20070703.patch,v
retrieving revision 1.74
retrieving revision 1.75
diff -u -r1.74 -r1.75
--- policy-20070703.patch	25 Sep 2007 14:20:38 -0000	1.74
+++ policy-20070703.patch	25 Sep 2007 14:47:50 -0000	1.75
@@ -6440,7 +6440,7 @@
 +/var/tmp/host_0			-- 	gen_context(system_u:object_r:krb5_host_rcache_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerberos.if serefpolicy-3.0.8/policy/modules/services/kerberos.if
 --- nsaserefpolicy/policy/modules/services/kerberos.if	2007-07-03 07:06:27.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/kerberos.if	2007-09-22 07:42:39.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/kerberos.if	2007-09-25 10:30:36.000000000 -0400
 @@ -42,6 +42,10 @@
  	dontaudit $1 krb5_conf_t:file write;
  	dontaudit $1 krb5kdc_conf_t:dir list_dir_perms;
@@ -10456,7 +10456,7 @@
 +/var/cache/coolkey(/.*)?	gen_context(system_u:object_r:auth_cache_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.0.8/policy/modules/system/authlogin.if
 --- nsaserefpolicy/policy/modules/system/authlogin.if	2007-08-22 07:14:13.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/authlogin.if	2007-09-25 10:18:40.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/system/authlogin.if	2007-09-25 10:32:38.000000000 -0400
 @@ -26,7 +26,8 @@
  	type $1_chkpwd_t, can_read_shadow_passwords;
  	application_domain($1_chkpwd_t,chkpwd_exec_t)
@@ -10562,15 +10562,16 @@
  	corecmd_search_bin($1)
  	domtrans_pattern($1,chkpwd_exec_t,system_chkpwd_t)
  
-@@ -329,6 +356,7 @@
+@@ -329,6 +356,8 @@
  
  	optional_policy(`
  		kerberos_use($1)
 +		kerberos_read_keytab($1)
++		kerberos_524_connect($1)
  	')
  
  	optional_policy(`
-@@ -347,6 +375,37 @@
+@@ -347,6 +376,37 @@
  
  ########################################
  ## <summary>
@@ -10608,7 +10609,7 @@
  ##	Get the attributes of the shadow passwords file.
  ## </summary>
  ## <param name="domain">
-@@ -695,6 +754,24 @@
+@@ -695,6 +755,24 @@
  
  ########################################
  ## <summary>
@@ -10633,7 +10634,7 @@
  ##	Execute pam programs in the PAM domain.
  ## </summary>
  ## <param name="domain">
-@@ -1318,14 +1395,9 @@
+@@ -1318,14 +1396,9 @@
  ## </param>
  #
  interface(`auth_use_nsswitch',`
@@ -10648,7 +10649,7 @@
  	files_list_var_lib($1)
  
  	miscfiles_read_certs($1)
-@@ -1347,6 +1419,8 @@
+@@ -1347,6 +1420,8 @@
  
  	optional_policy(`
  		samba_stream_connect_winbind($1)
@@ -10657,7 +10658,7 @@
  	')
  ')
  
-@@ -1381,3 +1455,163 @@
+@@ -1381,3 +1456,163 @@
  	typeattribute $1 can_write_shadow_passwords;
  	typeattribute $1 can_relabelto_shadow_passwords;
  ')

More information about the fedora-extras-commits mailing list