rpms/selinux-policy/devel policy-20080509.patch,1.22,1.23

Daniel J Walsh (dwalsh) fedora-extras-commits at redhat.com
Fri Jun 27 11:59:19 UTC 2008 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27566

Modified Files:
	policy-20080509.patch 
Log Message:
* Thu Jun 26 2008 Dan Walsh <dwalsh at redhat.com> 3.4.2-8
- Allow vpnc to run ifconfig


policy-20080509.patch:

Index: policy-20080509.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20080509.patch,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- policy-20080509.patch	26 Jun 2008 12:12:35 -0000	1.22
+++ policy-20080509.patch	27 Jun 2008 11:58:29 -0000	1.23
@@ -25736,7 +25736,7 @@
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.te serefpolicy-3.4.2/policy/modules/services/squid.te
 --- nsaserefpolicy/policy/modules/services/squid.te	2008-06-12 23:25:06.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/services/squid.te	2008-06-25 07:54:09.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/services/squid.te	2008-06-27 07:14:47.000000000 -0400
 @@ -31,12 +31,15 @@
  type squid_var_run_t;
  files_pid_file(squid_var_run_t)
@@ -25750,7 +25750,7 @@
  #
  
 -allow squid_t self:capability { setgid setuid dac_override sys_resource };
-+allow squid_t self:capability { setgid killa setuid dac_override sys_resource };
++allow squid_t self:capability { setgid kill setuid dac_override sys_resource };
  dontaudit squid_t self:capability sys_tty_config;
  allow squid_t self:process ~{ ptrace setcurrent setexec setfscreate execmem execstack execheap };
  allow squid_t self:fifo_file rw_fifo_file_perms;
@@ -33295,7 +33295,7 @@
 +/root(/.*)?	 	gen_context(system_u:object_r:admin_home_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.4.2/policy/modules/system/userdomain.if
 --- nsaserefpolicy/policy/modules/system/userdomain.if	2008-06-12 23:25:07.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/system/userdomain.if	2008-06-26 08:07:11.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/system/userdomain.if	2008-06-27 07:06:54.000000000 -0400
 @@ -28,10 +28,14 @@
  		class context contains;
  	')
@@ -35391,8 +35391,8 @@
  	')
  
  	dontaudit $1 { home_dir_type home_type }:dir search_dir_perms;
-+	fs_dontaudit_list_nfs($2)
-+	fs_dontaudit_list_cifs($2)
++	fs_dontaudit_list_nfs($1)
++	fs_dontaudit_list_cifs($1)
  ')
  
  ########################################

More information about the fedora-extras-commits mailing list