rpms/selinux-policy/devel policy-20080509.patch,1.16,1.17
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Sun Jun 22 12:23:14 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16614
Modified Files:
policy-20080509.patch
Log Message:
* Fri Jun 12 2008 Dan Walsh <dwalsh at redhat.com> 3.4.2-4
- allow hplip to talk dbus
- Fix context on ~/.local dir
policy-20080509.patch:
Index: policy-20080509.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20080509.patch,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- policy-20080509.patch 22 Jun 2008 12:08:02 -0000 1.16
+++ policy-20080509.patch 22 Jun 2008 12:22:25 -0000 1.17
@@ -6837,7 +6837,7 @@
#
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.if serefpolicy-3.4.2/policy/modules/kernel/filesystem.if
--- nsaserefpolicy/policy/modules/kernel/filesystem.if 2008-06-12 23:25:02.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/kernel/filesystem.if 2008-06-12 23:37:51.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/kernel/filesystem.if 2008-06-22 08:12:48.000000000 -0400
@@ -310,6 +310,25 @@
########################################
@@ -30265,8 +30265,8 @@
+/usr/bin/qemu-kvm -- gen_context(system_u:object_r:qemu_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/qemu.if serefpolicy-3.4.2/policy/modules/system/qemu.if
--- nsaserefpolicy/policy/modules/system/qemu.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.4.2/policy/modules/system/qemu.if 2008-06-22 08:07:11.000000000 -0400
-@@ -0,0 +1,340 @@
++++ serefpolicy-3.4.2/policy/modules/system/qemu.if 2008-06-22 08:17:59.000000000 -0400
+@@ -0,0 +1,336 @@
+
+## <summary>policy for qemu</summary>
+
@@ -30596,10 +30596,6 @@
+ ')
+
+ optional_policy(`
-+ xen_rw_image_files($1_t)
-+ ')
-+
-+ optional_policy(`
+ xserver_stream_connect_xdm_xserver($1_t)
+ xserver_read_xdm_tmp_files($1_t)
+ xserver_read_xdm_pid($1_t)
@@ -30609,8 +30605,8 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/qemu.te serefpolicy-3.4.2/policy/modules/system/qemu.te
--- nsaserefpolicy/policy/modules/system/qemu.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.4.2/policy/modules/system/qemu.te 2008-06-12 23:37:53.000000000 -0400
-@@ -0,0 +1,49 @@
++++ serefpolicy-3.4.2/policy/modules/system/qemu.te 2008-06-22 08:15:43.000000000 -0400
+@@ -0,0 +1,79 @@
+policy_module(qemu,1.0.0)
+
+## <desc>
@@ -30620,6 +30616,20 @@
+## </desc>
+gen_tunable(allow_qemu_full_network,false)
+
++## <desc>
++## <p>
++## Allow qemu to use nfs file systems
++## </p>
++## </desc>
++gen_tunable(qemu_use_nfs,true)
++
++## <desc>
++## <p>
++## Allow qemu to use cifs/Samba file systems
++## </p>
++## </desc>
++gen_tunable(qemu_use_cifs,true)
++
+########################################
+#
+# Declarations
@@ -30649,6 +30659,22 @@
+ corenet_tcp_connect_all_ports(qemu_t)
+')
+
++tunable_policy(`qemu_use_nfs',`
++ fs_manage_nfs_files(qemu_t)
++')
++
++tunable_policy(`qemu_use_cifs',`
++ fs_manage_cifs_dirs(qemu_t)
++')
++
++optional_policy(`
++ xen_rw_image_files(qemu_t)
++')
++
++optional_policy(`
++ xen_rw_image_files(qemu_t)
++')
++
+########################################
+#
+# qemu_unconfined local policy
More information about the fedora-extras-commits
mailing list