rpms/selinux-policy/devel policy-20080509.patch,1.22,1.23
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Fri Jun 27 11:59:19 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27566
Modified Files:
policy-20080509.patch
Log Message:
* Thu Jun 26 2008 Dan Walsh <dwalsh at redhat.com> 3.4.2-8
- Allow vpnc to run ifconfig
policy-20080509.patch:
Index: policy-20080509.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20080509.patch,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- policy-20080509.patch 26 Jun 2008 12:12:35 -0000 1.22
+++ policy-20080509.patch 27 Jun 2008 11:58:29 -0000 1.23
@@ -25736,7 +25736,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.te serefpolicy-3.4.2/policy/modules/services/squid.te
--- nsaserefpolicy/policy/modules/services/squid.te 2008-06-12 23:25:06.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/services/squid.te 2008-06-25 07:54:09.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/services/squid.te 2008-06-27 07:14:47.000000000 -0400
@@ -31,12 +31,15 @@
type squid_var_run_t;
files_pid_file(squid_var_run_t)
@@ -25750,7 +25750,7 @@
#
-allow squid_t self:capability { setgid setuid dac_override sys_resource };
-+allow squid_t self:capability { setgid killa setuid dac_override sys_resource };
++allow squid_t self:capability { setgid kill setuid dac_override sys_resource };
dontaudit squid_t self:capability sys_tty_config;
allow squid_t self:process ~{ ptrace setcurrent setexec setfscreate execmem execstack execheap };
allow squid_t self:fifo_file rw_fifo_file_perms;
@@ -33295,7 +33295,7 @@
+/root(/.*)? gen_context(system_u:object_r:admin_home_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.4.2/policy/modules/system/userdomain.if
--- nsaserefpolicy/policy/modules/system/userdomain.if 2008-06-12 23:25:07.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/system/userdomain.if 2008-06-26 08:07:11.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/system/userdomain.if 2008-06-27 07:06:54.000000000 -0400
@@ -28,10 +28,14 @@
class context contains;
')
@@ -35391,8 +35391,8 @@
')
dontaudit $1 { home_dir_type home_type }:dir search_dir_perms;
-+ fs_dontaudit_list_nfs($2)
-+ fs_dontaudit_list_cifs($2)
++ fs_dontaudit_list_nfs($1)
++ fs_dontaudit_list_cifs($1)
')
########################################
More information about the fedora-extras-commits
mailing list