rpms/selinux-policy/devel policy-20071130.patch, 1.132, 1.133 selinux-policy.spec, 1.658, 1.659
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Apr 29 16:05:47 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30405
Modified Files:
policy-20071130.patch selinux-policy.spec
Log Message:
* Mon Apr 28 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-44
- Change unconfined_t to transition to unconfined_mono_t when running mono
- Change XXX_mono_t to transition to XXX_t when executing bin_t files, so gnome-do will work
policy-20071130.patch:
Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20071130.patch,v
retrieving revision 1.132
retrieving revision 1.133
diff -u -r1.132 -r1.133
--- policy-20071130.patch 28 Apr 2008 21:24:59 -0000 1.132
+++ policy-20071130.patch 29 Apr 2008 16:05:10 -0000 1.133
@@ -793,7 +793,7 @@
+system_r:xdm_t xguest_r:xguest_t
diff --exclude-from=exclude -N -u -r nsaserefpolicy/man/man8/ftpd_selinux.8 serefpolicy-3.3.1/man/man8/ftpd_selinux.8
--- nsaserefpolicy/man/man8/ftpd_selinux.8 2007-10-12 08:56:10.000000000 -0400
-+++ serefpolicy-3.3.1/man/man8/ftpd_selinux.8 2008-04-28 08:39:05.840182000 -0400
++++ serefpolicy-3.3.1/man/man8/ftpd_selinux.8 2008-04-28 08:39:05.000000000 -0400
@@ -35,10 +35,6 @@
directorories, you need to set the ftp_home_dir boolean.
.TP
@@ -3239,7 +3239,7 @@
/usr/libexec/gconfd-2 -- gen_context(system_u:object_r:gconfd_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.if serefpolicy-3.3.1/policy/modules/apps/gnome.if
--- nsaserefpolicy/policy/modules/apps/gnome.if 2007-07-23 10:20:12.000000000 -0400
-+++ serefpolicy-3.3.1/policy/modules/apps/gnome.if 2008-04-21 11:02:48.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/apps/gnome.if 2008-04-29 09:37:23.004992000 -0400
@@ -33,9 +33,60 @@
## </param>
#
@@ -4522,8 +4522,8 @@
+userdom_dontaudit_list_sysadm_home_dirs(loadkeys_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mono.if serefpolicy-3.3.1/policy/modules/apps/mono.if
--- nsaserefpolicy/policy/modules/apps/mono.if 2007-01-02 12:57:22.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/apps/mono.if 2008-04-21 11:02:48.000000000 -0400
-@@ -18,3 +18,101 @@
++++ serefpolicy-3.3.1/policy/modules/apps/mono.if 2008-04-29 11:57:14.653875000 -0400
+@@ -18,3 +18,102 @@
corecmd_search_bin($1)
domtrans_pattern($1, mono_exec_t, mono_t)
')
@@ -4624,6 +4624,7 @@
+ domtrans_pattern($2, mono_exec_t, $1_mono_t)
+
+ fs_dontaudit_rw_tmpfs_files($1_mono_t)
++ corecmd_bin_domtrans($1_mono_t, $1_t)
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mono.te serefpolicy-3.3.1/policy/modules/apps/mono.te
--- nsaserefpolicy/policy/modules/apps/mono.te 2007-12-19 05:32:09.000000000 -0500
@@ -7480,7 +7481,7 @@
type lvm_control_t;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.if serefpolicy-3.3.1/policy/modules/kernel/domain.if
--- nsaserefpolicy/policy/modules/kernel/domain.if 2007-11-29 13:29:34.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/kernel/domain.if 2008-04-28 09:14:07.261479000 -0400
++++ serefpolicy-3.3.1/policy/modules/kernel/domain.if 2008-04-28 09:14:07.000000000 -0400
@@ -1242,18 +1242,34 @@
## </summary>
## </param>
@@ -7917,7 +7918,7 @@
#
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.if serefpolicy-3.3.1/policy/modules/kernel/filesystem.if
--- nsaserefpolicy/policy/modules/kernel/filesystem.if 2007-10-24 15:00:24.000000000 -0400
-+++ serefpolicy-3.3.1/policy/modules/kernel/filesystem.if 2008-04-28 17:00:20.022613000 -0400
++++ serefpolicy-3.3.1/policy/modules/kernel/filesystem.if 2008-04-28 17:00:20.000000000 -0400
@@ -310,6 +310,25 @@
########################################
@@ -8616,7 +8617,7 @@
neverallow ~{ selinux_unconfined_type can_setsecparam } security_t:security setsecparam;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/storage.fc serefpolicy-3.3.1/policy/modules/kernel/storage.fc
--- nsaserefpolicy/policy/modules/kernel/storage.fc 2007-10-29 18:02:31.000000000 -0400
-+++ serefpolicy-3.3.1/policy/modules/kernel/storage.fc 2008-04-28 15:02:52.901366000 -0400
++++ serefpolicy-3.3.1/policy/modules/kernel/storage.fc 2008-04-28 15:02:52.000000000 -0400
@@ -13,6 +13,7 @@
/dev/cm20.* -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/dasd[^/]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
@@ -8635,7 +8636,7 @@
/dev/ataraid/.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/storage.if serefpolicy-3.3.1/policy/modules/kernel/storage.if
--- nsaserefpolicy/policy/modules/kernel/storage.if 2008-02-26 08:17:43.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/kernel/storage.if 2008-04-28 16:19:58.789387000 -0400
++++ serefpolicy-3.3.1/policy/modules/kernel/storage.if 2008-04-28 16:19:58.000000000 -0400
@@ -81,6 +81,26 @@
########################################
@@ -8665,7 +8666,7 @@
## SELinux protections for filesystem objects, and
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/terminal.if serefpolicy-3.3.1/policy/modules/kernel/terminal.if
--- nsaserefpolicy/policy/modules/kernel/terminal.if 2007-09-12 10:34:17.000000000 -0400
-+++ serefpolicy-3.3.1/policy/modules/kernel/terminal.if 2008-04-28 15:49:59.242976000 -0400
++++ serefpolicy-3.3.1/policy/modules/kernel/terminal.if 2008-04-28 15:49:59.000000000 -0400
@@ -525,11 +525,13 @@
interface(`term_use_generic_ptys',`
gen_require(`
@@ -12506,7 +12507,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-3.3.1/policy/modules/services/cups.te
--- nsaserefpolicy/policy/modules/services/cups.te 2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/cups.te 2008-04-28 15:33:05.015286000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/cups.te 2008-04-28 15:33:05.000000000 -0400
@@ -43,14 +43,13 @@
type cupsd_var_run_t;
@@ -13211,7 +13212,7 @@
/var/run/dbus(/.*)? gen_context(system_u:object_r:system_dbusd_var_run_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-3.3.1/policy/modules/services/dbus.if
--- nsaserefpolicy/policy/modules/services/dbus.if 2007-12-04 11:02:50.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/dbus.if 2008-04-21 12:08:05.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/dbus.if 2008-04-29 10:45:04.731105000 -0400
@@ -53,6 +53,7 @@
gen_require(`
type system_dbusd_exec_t, system_dbusd_t, dbusd_etc_t;
@@ -13478,7 +13479,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.3.1/policy/modules/services/dbus.te
--- nsaserefpolicy/policy/modules/services/dbus.te 2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/dbus.te 2008-04-28 17:24:06.516754000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/dbus.te 2008-04-28 17:24:06.000000000 -0400
@@ -9,9 +9,10 @@
#
# Delcarations
@@ -15489,7 +15490,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gnomeclock.te serefpolicy-3.3.1/policy/modules/services/gnomeclock.te
--- nsaserefpolicy/policy/modules/services/gnomeclock.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/gnomeclock.te 2008-04-28 10:32:02.385047000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/gnomeclock.te 2008-04-28 10:32:02.000000000 -0400
@@ -0,0 +1,55 @@
+policy_module(gnomeclock,1.0.0)
+########################################
@@ -17421,7 +17422,7 @@
+/etc/rc\.d/init\.d/mysqld -- gen_context(system_u:object_r:mysqld_script_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mysql.if serefpolicy-3.3.1/policy/modules/services/mysql.if
--- nsaserefpolicy/policy/modules/services/mysql.if 2007-01-02 12:57:43.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/mysql.if 2008-04-28 14:00:53.714473000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/mysql.if 2008-04-28 14:00:53.000000000 -0400
@@ -32,9 +32,11 @@
interface(`mysql_stream_connect',`
gen_require(`
@@ -17786,7 +17787,7 @@
#
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.fc serefpolicy-3.3.1/policy/modules/services/networkmanager.fc
--- nsaserefpolicy/policy/modules/services/networkmanager.fc 2007-09-12 10:34:18.000000000 -0400
-+++ serefpolicy-3.3.1/policy/modules/services/networkmanager.fc 2008-04-28 17:01:05.578193000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/networkmanager.fc 2008-04-28 17:01:05.000000000 -0400
@@ -1,7 +1,11 @@
/usr/s?bin/NetworkManager -- gen_context(system_u:object_r:NetworkManager_exec_t,s0)
/usr/s?bin/wpa_supplicant -- gen_context(system_u:object_r:NetworkManager_exec_t,s0)
@@ -17801,7 +17802,7 @@
+/etc/NetworkManager/dispatcher.d(/.*) gen_context(system_u:object_r:NetworkManager_script_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.if serefpolicy-3.3.1/policy/modules/services/networkmanager.if
--- nsaserefpolicy/policy/modules/services/networkmanager.if 2007-06-12 10:15:45.000000000 -0400
-+++ serefpolicy-3.3.1/policy/modules/services/networkmanager.if 2008-04-28 17:23:33.835317000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/networkmanager.if 2008-04-28 17:23:33.000000000 -0400
@@ -97,3 +97,40 @@
allow $1 NetworkManager_t:dbus send_msg;
allow NetworkManager_t $1:dbus send_msg;
@@ -17845,7 +17846,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.3.1/policy/modules/services/networkmanager.te
--- nsaserefpolicy/policy/modules/services/networkmanager.te 2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/networkmanager.te 2008-04-28 17:20:44.106667000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/networkmanager.te 2008-04-28 17:20:44.000000000 -0400
@@ -13,6 +13,13 @@
type NetworkManager_var_run_t;
files_pid_file(NetworkManager_var_run_t)
@@ -18872,7 +18873,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polkit.fc serefpolicy-3.3.1/policy/modules/services/polkit.fc
--- nsaserefpolicy/policy/modules/services/polkit.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/polkit.fc 2008-04-28 15:14:56.271771000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/polkit.fc 2008-04-28 15:14:56.000000000 -0400
@@ -0,0 +1,9 @@
+
+/usr/libexec/polkit-read-auth-helper -- gen_context(system_u:object_r:polkit_auth_exec_t,s0)
@@ -18885,7 +18886,7 @@
+/var/lib/PolicyKit-public(/.*)? gen_context(system_u:object_r:polkit_var_lib_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polkit.if serefpolicy-3.3.1/policy/modules/services/polkit.if
--- nsaserefpolicy/policy/modules/services/polkit.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/polkit.if 2008-04-28 15:56:30.712486000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/polkit.if 2008-04-28 15:56:30.000000000 -0400
@@ -0,0 +1,208 @@
+
+## <summary>policy for polkit_auth</summary>
@@ -19097,7 +19098,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polkit.te serefpolicy-3.3.1/policy/modules/services/polkit.te
--- nsaserefpolicy/policy/modules/services/polkit.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/polkit.te 2008-04-28 16:10:18.292199000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/polkit.te 2008-04-28 16:10:18.000000000 -0400
@@ -0,0 +1,190 @@
+policy_module(polkit_auth,1.0.0)
+
@@ -21410,7 +21411,7 @@
## <param name="domain">
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-3.3.1/policy/modules/services/rpc.te
--- nsaserefpolicy/policy/modules/services/rpc.te 2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/rpc.te 2008-04-28 16:23:06.250792000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/rpc.te 2008-04-28 16:23:06.000000000 -0400
@@ -23,7 +23,7 @@
gen_tunable(allow_nfsd_anon_write,false)
@@ -22999,7 +23000,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/setroubleshoot.te serefpolicy-3.3.1/policy/modules/services/setroubleshoot.te
--- nsaserefpolicy/policy/modules/services/setroubleshoot.te 2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/setroubleshoot.te 2008-04-28 15:21:41.039805000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/setroubleshoot.te 2008-04-28 15:21:41.000000000 -0400
@@ -22,13 +22,16 @@
type setroubleshoot_var_run_t;
files_pid_file(setroubleshoot_var_run_t)
@@ -25255,7 +25256,7 @@
/var/lib/pam_devperm/:0 -- gen_context(system_u:object_r:xdm_var_lib_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.if serefpolicy-3.3.1/policy/modules/services/xserver.if
--- nsaserefpolicy/policy/modules/services/xserver.if 2007-12-04 11:02:50.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/xserver.if 2008-04-25 13:53:23.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/xserver.if 2008-04-29 09:37:38.934561000 -0400
@@ -12,9 +12,15 @@
## </summary>
## </param>
@@ -26631,7 +26632,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.3.1/policy/modules/services/xserver.te
--- nsaserefpolicy/policy/modules/services/xserver.te 2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/xserver.te 2008-04-23 10:06:49.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/xserver.te 2008-04-29 11:09:45.700467000 -0400
@@ -8,6 +8,14 @@
## <desc>
@@ -26820,7 +26821,16 @@
# Allow gdm to run gdm-binary
can_exec(xdm_t, xdm_exec_t)
-@@ -131,15 +239,22 @@
+@@ -124,6 +232,8 @@
+ manage_files_pattern(xdm_t,xdm_tmp_t,xdm_tmp_t)
+ manage_sock_files_pattern(xdm_t,xdm_tmp_t,xdm_tmp_t)
+ files_tmp_filetrans(xdm_t, xdm_tmp_t, { file dir sock_file })
++relabelfrom_dirs_pattern(xdm_t,xdm_tmp_t,xdm_tmp_t)
++relabelfrom_files_pattern(xdm_t,xdm_tmp_t,xdm_tmp_t)
+
+ manage_dirs_pattern(xdm_t,xdm_tmpfs_t,xdm_tmpfs_t)
+ manage_files_pattern(xdm_t,xdm_tmpfs_t,xdm_tmpfs_t)
+@@ -131,15 +241,22 @@
manage_fifo_files_pattern(xdm_t,xdm_tmpfs_t,xdm_tmpfs_t)
manage_sock_files_pattern(xdm_t,xdm_tmpfs_t,xdm_tmpfs_t)
fs_tmpfs_filetrans(xdm_t,xdm_tmpfs_t,{ dir file lnk_file sock_file fifo_file })
@@ -26845,7 +26855,7 @@
allow xdm_t xdm_xserver_t:process signal;
allow xdm_t xdm_xserver_t:unix_stream_socket connectto;
-@@ -153,6 +268,7 @@
+@@ -153,6 +270,7 @@
allow xdm_t xdm_xserver_t:process { noatsecure siginh rlimitinh signal sigkill };
allow xdm_t xdm_xserver_t:shm rw_shm_perms;
@@ -26853,7 +26863,7 @@
# connect to xdm xserver over stream socket
stream_connect_pattern(xdm_t,xdm_xserver_tmp_t,xdm_xserver_tmp_t,xdm_xserver_t)
-@@ -173,6 +289,8 @@
+@@ -173,6 +291,8 @@
corecmd_exec_shell(xdm_t)
corecmd_exec_bin(xdm_t)
@@ -26862,7 +26872,7 @@
corenet_all_recvfrom_unlabeled(xdm_t)
corenet_all_recvfrom_netlabel(xdm_t)
-@@ -184,6 +302,7 @@
+@@ -184,6 +304,7 @@
corenet_udp_sendrecv_all_ports(xdm_t)
corenet_tcp_bind_all_nodes(xdm_t)
corenet_udp_bind_all_nodes(xdm_t)
@@ -26870,7 +26880,7 @@
corenet_tcp_connect_all_ports(xdm_t)
corenet_sendrecv_all_client_packets(xdm_t)
# xdm tries to bind to biff_port_t
-@@ -196,6 +315,7 @@
+@@ -196,6 +317,7 @@
dev_getattr_mouse_dev(xdm_t)
dev_setattr_mouse_dev(xdm_t)
dev_rw_apm_bios(xdm_t)
@@ -26878,7 +26888,7 @@
dev_setattr_apm_bios_dev(xdm_t)
dev_rw_dri(xdm_t)
dev_rw_agp(xdm_t)
-@@ -208,14 +328,15 @@
+@@ -208,14 +330,15 @@
dev_setattr_video_dev(xdm_t)
dev_getattr_scanner_dev(xdm_t)
dev_setattr_scanner_dev(xdm_t)
@@ -26896,7 +26906,7 @@
files_read_etc_files(xdm_t)
files_read_var_files(xdm_t)
-@@ -226,9 +347,13 @@
+@@ -226,9 +349,13 @@
files_read_usr_files(xdm_t)
# Poweroff wants to create the /poweroff file when run from xdm
files_create_boot_flag(xdm_t)
@@ -26910,7 +26920,7 @@
storage_dontaudit_read_fixed_disk(xdm_t)
storage_dontaudit_write_fixed_disk(xdm_t)
-@@ -237,6 +362,7 @@
+@@ -237,6 +364,7 @@
storage_dontaudit_raw_write_removable_device(xdm_t)
storage_dontaudit_setattr_removable_dev(xdm_t)
storage_dontaudit_rw_scsi_generic(xdm_t)
@@ -26918,7 +26928,7 @@
term_setattr_console(xdm_t)
term_use_unallocated_ttys(xdm_t)
-@@ -245,6 +371,7 @@
+@@ -245,6 +373,7 @@
auth_domtrans_pam_console(xdm_t)
auth_manage_pam_pid(xdm_t)
auth_manage_pam_console_data(xdm_t)
@@ -26926,7 +26936,7 @@
auth_rw_faillog(xdm_t)
auth_write_login_records(xdm_t)
-@@ -256,22 +383,29 @@
+@@ -256,22 +385,29 @@
libs_exec_lib_files(xdm_t)
logging_read_generic_logs(xdm_t)
@@ -26959,7 +26969,7 @@
tunable_policy(`use_nfs_home_dirs',`
fs_manage_nfs_dirs(xdm_t)
-@@ -297,14 +431,20 @@
+@@ -297,14 +433,20 @@
# xserver_rw_session_template(xdm,unpriv_userdomain)
# dontaudit xdm_xserver_t sysadm_t:shm { unix_read unix_write };
# allow xdm_xserver_t xdm_tmpfs_t:file rw_file_perms;
@@ -26981,7 +26991,7 @@
')
optional_policy(`
-@@ -312,6 +452,23 @@
+@@ -312,6 +454,23 @@
')
optional_policy(`
@@ -27005,7 +27015,7 @@
# Talk to the console mouse server.
gpm_stream_connect(xdm_t)
gpm_setattr_gpmctl(xdm_t)
-@@ -322,6 +479,10 @@
+@@ -322,6 +481,10 @@
')
optional_policy(`
@@ -27016,7 +27026,7 @@
loadkeys_exec(xdm_t)
')
-@@ -335,6 +496,11 @@
+@@ -335,6 +498,11 @@
')
optional_policy(`
@@ -27028,7 +27038,7 @@
seutil_sigchld_newrole(xdm_t)
')
-@@ -343,8 +509,8 @@
+@@ -343,8 +511,8 @@
')
optional_policy(`
@@ -27038,7 +27048,7 @@
ifndef(`distro_redhat',`
allow xdm_t self:process { execheap execmem };
-@@ -380,7 +546,7 @@
+@@ -380,7 +548,7 @@
allow xdm_xserver_t xdm_var_lib_t:file { getattr read };
dontaudit xdm_xserver_t xdm_var_lib_t:dir search;
@@ -27047,7 +27057,7 @@
# Label pid and temporary files with derived types.
manage_files_pattern(xdm_xserver_t,xdm_tmp_t,xdm_tmp_t)
-@@ -392,6 +558,15 @@
+@@ -392,6 +560,15 @@
can_exec(xdm_xserver_t, xkb_var_lib_t)
files_search_var_lib(xdm_xserver_t)
@@ -27063,7 +27073,7 @@
# VNC v4 module in X server
corenet_tcp_bind_vnc_port(xdm_xserver_t)
-@@ -404,9 +579,18 @@
+@@ -404,9 +581,18 @@
# to read ROLE_home_t - examine this in more detail
# (xauth?)
userdom_read_unpriv_users_home_content_files(xdm_xserver_t)
@@ -27082,7 +27092,7 @@
tunable_policy(`use_nfs_home_dirs',`
fs_manage_nfs_dirs(xdm_xserver_t)
fs_manage_nfs_files(xdm_xserver_t)
-@@ -420,6 +604,22 @@
+@@ -420,6 +606,22 @@
')
optional_policy(`
@@ -27105,7 +27115,7 @@
resmgr_stream_connect(xdm_t)
')
-@@ -429,47 +629,138 @@
+@@ -429,47 +631,138 @@
')
optional_policy(`
@@ -27506,7 +27516,7 @@
+/var/cache/coolkey(/.*)? gen_context(system_u:object_r:auth_cache_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.3.1/policy/modules/system/authlogin.if
--- nsaserefpolicy/policy/modules/system/authlogin.if 2008-02-01 09:12:53.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/authlogin.if 2008-04-28 09:15:47.070186000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/authlogin.if 2008-04-29 10:58:08.742336000 -0400
@@ -99,7 +99,7 @@
template(`authlogin_per_role_template',`
@@ -27553,7 +27563,7 @@
# for SSP/ProPolice
dev_read_urand($1)
# for fingerprint readers
-@@ -226,8 +243,38 @@
+@@ -226,8 +243,40 @@
seutil_read_config($1)
seutil_read_default_contexts($1)
@@ -27589,10 +27599,12 @@
files_polyinstantiate_all($1)
+ userdom_manage_user_home_content_dirs(user, $1)
+ userdom_manage_user_home_content_files(user, $1)
++ userdom_relabel_all_home_dirs($1)
++ userdom_relabel_all_home_files($1)
')
')
-@@ -342,6 +389,8 @@
+@@ -342,6 +391,8 @@
optional_policy(`
kerberos_use($1)
@@ -27601,7 +27613,7 @@
')
optional_policy(`
-@@ -356,6 +405,28 @@
+@@ -356,6 +407,28 @@
optional_policy(`
samba_stream_connect_winbind($1)
')
@@ -27630,7 +27642,7 @@
')
########################################
-@@ -369,12 +440,12 @@
+@@ -369,12 +442,12 @@
## </param>
## <param name="role">
## <summary>
@@ -27645,7 +27657,7 @@
## </summary>
## </param>
#
-@@ -386,6 +457,7 @@
+@@ -386,6 +459,7 @@
auth_domtrans_chk_passwd($1)
role $2 types system_chkpwd_t;
allow system_chkpwd_t $3:chr_file rw_file_perms;
@@ -27653,7 +27665,7 @@
')
########################################
-@@ -1457,6 +1529,7 @@
+@@ -1457,6 +1531,7 @@
optional_policy(`
samba_stream_connect_winbind($1)
samba_read_var_files($1)
@@ -27661,7 +27673,7 @@
')
')
-@@ -1491,3 +1564,59 @@
+@@ -1491,3 +1566,59 @@
typeattribute $1 can_write_shadow_passwords;
typeattribute $1 can_relabelto_shadow_passwords;
')
@@ -27915,7 +27927,7 @@
-
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.if serefpolicy-3.3.1/policy/modules/system/init.if
--- nsaserefpolicy/policy/modules/system/init.if 2007-10-29 18:02:31.000000000 -0400
-+++ serefpolicy-3.3.1/policy/modules/system/init.if 2008-04-28 09:15:35.654776000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/init.if 2008-04-28 09:15:35.000000000 -0400
@@ -211,6 +211,13 @@
kernel_dontaudit_use_fds($1)
')
@@ -28593,7 +28605,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iscsi.te serefpolicy-3.3.1/policy/modules/system/iscsi.te
--- nsaserefpolicy/policy/modules/system/iscsi.te 2008-02-18 14:30:18.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/iscsi.te 2008-04-28 10:29:25.956857000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/iscsi.te 2008-04-28 10:29:25.000000000 -0400
@@ -29,7 +29,7 @@
#
@@ -28838,7 +28850,7 @@
+/var/cfengine/outputs(/.*)? gen_context(system_u:object_r:var_log_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.if serefpolicy-3.3.1/policy/modules/system/logging.if
--- nsaserefpolicy/policy/modules/system/logging.if 2007-12-12 11:35:28.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/logging.if 2008-04-21 11:02:50.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/logging.if 2008-04-29 08:53:40.798973000 -0400
@@ -213,12 +213,7 @@
## </param>
#
@@ -29304,7 +29316,7 @@
+/var/run/dmevent.* gen_context(system_u:object_r:lvm_var_run_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.te serefpolicy-3.3.1/policy/modules/system/lvm.te
--- nsaserefpolicy/policy/modules/system/lvm.te 2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/lvm.te 2008-04-23 10:09:00.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/lvm.te 2008-04-29 08:38:10.482745000 -0400
@@ -22,7 +22,7 @@
role system_r types lvm_t;
@@ -29615,7 +29627,7 @@
## <param name="domain">
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/modutils.te serefpolicy-3.3.1/policy/modules/system/modutils.te
--- nsaserefpolicy/policy/modules/system/modutils.te 2008-02-06 10:33:22.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/modutils.te 2008-04-21 11:02:50.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/modutils.te 2008-04-29 08:36:55.595920000 -0400
@@ -22,6 +22,8 @@
type insmod_exec_t;
application_domain(insmod_t,insmod_exec_t)
@@ -30246,7 +30258,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/qemu.te serefpolicy-3.3.1/policy/modules/system/qemu.te
--- nsaserefpolicy/policy/modules/system/qemu.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/qemu.te 2008-04-28 16:14:23.857051000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/qemu.te 2008-04-28 16:14:23.000000000 -0400
@@ -0,0 +1,49 @@
+policy_module(qemu,1.0.0)
+
@@ -30299,7 +30311,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/raid.te serefpolicy-3.3.1/policy/modules/system/raid.te
--- nsaserefpolicy/policy/modules/system/raid.te 2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/raid.te 2008-04-21 11:02:50.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/raid.te 2008-04-29 08:35:21.523317000 -0400
@@ -19,7 +19,7 @@
# Local policy
#
@@ -30623,7 +30635,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-3.3.1/policy/modules/system/selinuxutil.te
--- nsaserefpolicy/policy/modules/system/selinuxutil.te 2008-02-06 10:33:22.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/selinuxutil.te 2008-04-28 10:24:53.045591000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/selinuxutil.te 2008-04-28 10:24:53.000000000 -0400
@@ -75,7 +75,6 @@
type restorecond_exec_t;
init_daemon_domain(restorecond_t,restorecond_exec_t)
@@ -31165,7 +31177,7 @@
xen_append_log(ifconfig_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.if serefpolicy-3.3.1/policy/modules/system/udev.if
--- nsaserefpolicy/policy/modules/system/udev.if 2007-01-02 12:57:49.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/udev.if 2008-04-28 10:54:03.940707000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/udev.if 2008-04-29 08:34:43.098742000 -0400
@@ -96,6 +96,24 @@
########################################
@@ -31191,7 +31203,7 @@
## Allow process to read list of devices.
## </summary>
## <param name="domain">
-@@ -106,11 +124,11 @@
+@@ -106,11 +124,13 @@
#
interface(`udev_read_db',`
gen_require(`
@@ -31201,11 +31213,13 @@
dev_list_all_dev_nodes($1)
- allow $1 udev_tdb_t:file read_file_perms;
++ allow $1 udev_tbl_t:dir list_dir_perms;
+ read_files_pattern($1, udev_tbl_t, udev_tbl_t)
++ read_lnk_files_pattern($1, udev_tbl_t, udev_tbl_t)
')
########################################
-@@ -125,9 +143,9 @@
+@@ -125,9 +145,9 @@
#
interface(`udev_rw_db',`
gen_require(`
@@ -31646,7 +31660,7 @@
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.te serefpolicy-3.3.1/policy/modules/system/unconfined.te
--- nsaserefpolicy/policy/modules/system/unconfined.te 2008-02-13 16:26:06.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/unconfined.te 2008-04-25 14:52:17.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/unconfined.te 2008-04-29 12:04:03.912060000 -0400
@@ -6,35 +6,74 @@
# Declarations
#
@@ -31819,26 +31833,33 @@
')
optional_policy(`
-@@ -134,82 +188,97 @@
+@@ -134,14 +188,6 @@
')
optional_policy(`
- mono_domtrans(unconfined_t)
-+ oddjob_domtrans_mkhomedir(unconfined_t)
- ')
-
- optional_policy(`
+-')
+-
+-optional_policy(`
- mta_per_role_template(unconfined, unconfined_t, unconfined_r)
-+ prelink_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+-')
+-
+-optional_policy(`
+ oddjob_domtrans_mkhomedir(unconfined_t)
')
- optional_policy(`
-- oddjob_domtrans_mkhomedir(unconfined_t)
-+ portmap_run_helper(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+@@ -154,38 +200,46 @@
')
optional_policy(`
-- prelink_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+- postfix_run_map(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+- # cjp: this should probably be removed:
+- postfix_domtrans_master(unconfined_t)
+-')
+-
+-
+-optional_policy(`
+- pyzor_per_role_template(unconfined)
+ tunable_policy(`allow_unconfined_qemu_transition', `
+ qemu_runas(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+ ', `
@@ -31849,7 +31870,8 @@
')
optional_policy(`
-- portmap_run_helper(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+- # cjp: this should probably be removed:
+- rpc_domtrans_nfsd(unconfined_t)
+ rpm_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+ # Allow SELinux aware applications to request rpm_script execution
+ rpm_transition_script(unconfined_t)
@@ -31857,9 +31879,7 @@
')
optional_policy(`
-- postfix_run_map(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-- # cjp: this should probably be removed:
-- postfix_domtrans_master(unconfined_t)
+- rpm_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+ cron_per_role_template(unconfined, unconfined_t, unconfined_r)
+ # this is disallowed usage:
+ unconfined_domain(unconfined_crond_t)
@@ -31868,81 +31888,66 @@
+ rpm_transition_script(unconfined_crond_t)
')
--
optional_policy(`
-- pyzor_per_role_template(unconfined)
-+ samba_per_role_template(unconfined)
+ samba_per_role_template(unconfined)
+- samba_run_net(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+ samba_run_unconfined_net(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-+ samba_run_winbind_helper(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+ samba_run_winbind_helper(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+ samba_run_smbcontrol(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
')
optional_policy(`
-- # cjp: this should probably be removed:
-- rpc_domtrans_nfsd(unconfined_t)
+- spamassassin_per_role_template(unconfined, unconfined_t, unconfined_r)
+ sendmail_run_unconfined(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
')
optional_policy(`
-- rpm_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-+ sysnet_run_dhcpc(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-+ sysnet_dbus_chat_dhcpc(unconfined_t)
+ sysnet_run_dhcpc(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+ sysnet_dbus_chat_dhcpc(unconfined_t)
+ sysnet_role_transition_dhcpc(unconfined_r)
')
optional_policy(`
-- samba_per_role_template(unconfined)
-- samba_run_net(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-- samba_run_winbind_helper(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-+ tzdata_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
- ')
-
- optional_policy(`
-- spamassassin_per_role_template(unconfined, unconfined_t, unconfined_r)
-+ vpn_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
- ')
-
- optional_policy(`
-- sysnet_run_dhcpc(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-- sysnet_dbus_chat_dhcpc(unconfined_t)
-+ webalizer_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
- ')
-
- optional_policy(`
-- tzdata_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-+ wine_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+@@ -193,23 +247,33 @@
')
optional_policy(`
- usermanage_run_admin_passwd(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-+ java_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
++ vpn_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
')
optional_policy(`
- vpn_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-+ mono_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
++ webalizer_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
')
optional_policy(`
- webalizer_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
-+ mozilla_per_role_template(unconfined, unconfined_t, unconfined_r)
-+ unconfined_domain(unconfined_mozilla_t)
-+ allow unconfined_mozilla_t self:process { execstack execmem };
++ wine_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
')
optional_policy(`
- wine_domtrans(unconfined_t)
-+ kismet_run(unconfined_t, unconfined_r, { unconfined_tty_device_t unconfined_devpts_t })
++ java_run(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
')
optional_policy(`
- xserver_domtrans_xdm_xserver(unconfined_t)
++ mono_per_role_template(unconfined, unconfined_t, unconfined_r)
++ unconfined_domain(unconfined_mono_t)
++')
++
++optional_policy(`
++ kismet_run(unconfined_t, unconfined_r, { unconfined_tty_device_t unconfined_devpts_t })
++')
++
++optional_policy(`
+ xserver_run_xdm_xserver(unconfined_t, unconfined_r, { unconfined_devpts_t unconfined_tty_device_t })
+ xserver_xdm_rw_shm(unconfined_t)
')
########################################
-@@ -219,14 +288,35 @@
+@@ -219,14 +283,35 @@
allow unconfined_execmem_t self:process { execstack execmem };
unconfined_domain_noaudit(unconfined_execmem_t)
@@ -31998,7 +32003,7 @@
+/root(/.*)? gen_context(system_u:object_r:admin_home_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.3.1/policy/modules/system/userdomain.if
--- nsaserefpolicy/policy/modules/system/userdomain.if 2008-02-15 09:52:56.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/userdomain.if 2008-04-28 15:32:37.832254000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/userdomain.if 2008-04-29 10:58:27.618425000 -0400
@@ -29,9 +29,14 @@
')
@@ -34596,7 +34601,7 @@
## Send a dbus message to all user domains.
## </summary>
## <param name="domain">
-@@ -5704,3 +6135,370 @@
+@@ -5704,3 +6135,408 @@
interface(`userdom_unconfined',`
refpolicywarn(`$0($*) has been deprecated.')
')
@@ -34967,6 +34972,44 @@
+')
+
+
++########################################
++## <summary>
++## Relabel to all user home directories.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`userdom_relabel_all_home_dirs',`
++ gen_require(`
++ type user_home_type;
++ ')
++
++ files_search_home($1)
++ relabel_dirs_pattern($1, user_home_type, user_home_type)
++')
++
++########################################
++## <summary>
++## Relabel to all user home files.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`userdom_relabel_all_home_files',`
++ gen_require(`
++ type user_home_type;
++ ')
++
++ files_search_home($1)
++ relabel_files_pattern($1, user_home_type, user_home_type)
++')
++
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-3.3.1/policy/modules/system/userdomain.te
--- nsaserefpolicy/policy/modules/system/userdomain.te 2007-12-19 05:32:17.000000000 -0500
+++ serefpolicy-3.3.1/policy/modules/system/userdomain.te 2008-04-21 11:02:50.000000000 -0400
@@ -35294,7 +35337,7 @@
+/etc/libvirt/.*/.* gen_context(system_u:object_r:virt_etc_rw_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virt.if serefpolicy-3.3.1/policy/modules/system/virt.if
--- nsaserefpolicy/policy/modules/system/virt.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/virt.if 2008-04-28 16:10:44.344207000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/virt.if 2008-04-28 16:10:44.000000000 -0400
@@ -0,0 +1,324 @@
+
+## <summary>policy for virt</summary>
@@ -35622,7 +35665,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virt.te serefpolicy-3.3.1/policy/modules/system/virt.te
--- nsaserefpolicy/policy/modules/system/virt.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/system/virt.te 2008-04-28 16:24:22.547363000 -0400
++++ serefpolicy-3.3.1/policy/modules/system/virt.te 2008-04-28 16:24:22.000000000 -0400
@@ -0,0 +1,197 @@
+
+policy_module(virt,1.0.0)
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.658
retrieving revision 1.659
diff -u -r1.658 -r1.659
--- selinux-policy.spec 28 Apr 2008 21:24:59 -0000 1.658
+++ selinux-policy.spec 29 Apr 2008 16:05:11 -0000 1.659
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.3.1
-Release: 43%{?dist}
+Release: 44%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -385,6 +385,10 @@
%endif
%changelog
+* Mon Apr 28 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-44
+- Change unconfined_t to transition to unconfined_mono_t when running mono
+- Change XXX_mono_t to transition to XXX_t when executing bin_t files, so gnome-do will work
+
* Mon Apr 28 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-43
- Remove old booleans from targeted-booleans.conf file
More information about the fedora-extras-commits
mailing list