rpms/selinux-policy/F-8 policy-20070703.patch,1.207,1.208
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue May 13 18:50:30 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25702
Modified Files:
policy-20070703.patch
Log Message:
* Tue May 13 2008 Dan Walsh <dwalsh at redhat.com> 3.0.8-103
-Fix labeling on /var/spool/fax and /var/spool/voice
policy-20070703.patch:
Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/policy-20070703.patch,v
retrieving revision 1.207
retrieving revision 1.208
diff -u -r1.207 -r1.208
--- policy-20070703.patch 13 May 2008 17:13:01 -0000 1.207
+++ policy-20070703.patch 13 May 2008 18:49:51 -0000 1.208
@@ -18992,7 +18992,7 @@
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.te serefpolicy-3.0.8/policy/modules/system/authlogin.te
--- nsaserefpolicy/policy/modules/system/authlogin.te 2007-10-22 13:21:40.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/authlogin.te 2008-05-13 11:39:04.617949000 -0400
++++ serefpolicy-3.0.8/policy/modules/system/authlogin.te 2008-05-13 14:26:59.442650000 -0400
@@ -9,6 +9,13 @@
attribute can_read_shadow_passwords;
attribute can_write_shadow_passwords;
@@ -19060,7 +19060,7 @@
+userdom_dontaudit_read_unpriv_users_home_content_files(pam_t)
+userdom_dontaudit_write_user_home_content_files(user, pam_t)
+userdom_append_unpriv_users_home_content_files(pam_t)
-+userdom_dontaudit_read_user_tmp_files(pam_t)
++userdom_dontaudit_read_user_tmp_files(user, pam_t)
optional_policy(`
locallogin_use_fds(pam_t)
@@ -19387,7 +19387,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.if serefpolicy-3.0.8/policy/modules/system/init.if
--- nsaserefpolicy/policy/modules/system/init.if 2007-10-22 13:21:40.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/init.if 2008-04-04 16:11:03.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/system/init.if 2008-05-13 14:35:09.563203000 -0400
@@ -211,6 +211,21 @@
kernel_dontaudit_use_fds($1)
')
@@ -19558,7 +19558,7 @@
')
########################################
-@@ -1273,3 +1318,64 @@
+@@ -1273,3 +1318,83 @@
files_search_pids($1)
allow $1 initrc_var_run_t:file manage_file_perms;
')
@@ -19623,6 +19623,25 @@
+ domain_entry_file(initrc_t,$1)
+
+')
++
++########################################
++## <summary>
++## Execute a file in a bin directory
++## in the initrc_t domain
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed access.
++## </summary>
++## </param>
++#
++interface(`init_bin_domtrans_spec',`
++ gen_require(`
++ type initrc_t;
++ ')
++
++ corecmd_bin_domtrans($1, initrc_t)
++')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-3.0.8/policy/modules/system/init.te
--- nsaserefpolicy/policy/modules/system/init.te 2007-10-22 13:21:40.000000000 -0400
+++ serefpolicy-3.0.8/policy/modules/system/init.te 2008-04-04 16:11:03.000000000 -0400
@@ -19997,7 +20016,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iptables.te serefpolicy-3.0.8/policy/modules/system/iptables.te
--- nsaserefpolicy/policy/modules/system/iptables.te 2007-10-22 13:21:40.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/iptables.te 2008-05-13 11:33:34.065230000 -0400
++++ serefpolicy-3.0.8/policy/modules/system/iptables.te 2008-05-13 13:29:53.001644000 -0400
@@ -64,13 +64,14 @@
init_use_script_ptys(iptables_t)
# to allow rules to be saved on reboot:
@@ -20008,9 +20027,10 @@
libs_use_shared_libs(iptables_t)
logging_send_syslog_msg(iptables_t)
- # system-config-network appends to /var/log
+-# system-config-network appends to /var/log
-#logging_append_system_logs(iptables_t)
-+logging_append_system_logs(iptables_t)
++# system-config-network appends to /var/lo
++logging_append_all_logs(iptables_t)
miscfiles_read_localization(iptables_t)
More information about the fedora-extras-commits
mailing list