rpms/selinux-policy/devel policy-20090105.patch, 1.43, 1.44 selinux-policy.spec, 1.792, 1.793
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Feb 17 16:21:42 UTC 2009
- Previous message (by thread): rpms/squidGuard/F-10 squidGuard-1.3-SG-2008-06-13.patch, NONE, 1.1 sources, 1.3, 1.4 squidGuard.spec, 1.12, 1.13
- Next message (by thread): rpms/hyphen-sv/devel .cvsignore, 1.2, 1.3 hyphen-sv.spec, 1.1, 1.2 sources, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv493
Modified Files:
policy-20090105.patch selinux-policy.spec
Log Message:
* Tue Feb 17 2009 Dan Walsh <dwalsh at redhat.com> 3.6.6-3
- Fix sysnet/net_conf_t
policy-20090105.patch:
Index: policy-20090105.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20090105.patch,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -r1.43 -r1.44
--- policy-20090105.patch 17 Feb 2009 14:07:10 -0000 1.43
+++ policy-20090105.patch 17 Feb 2009 16:21:41 -0000 1.44
@@ -28096,7 +28096,7 @@
+/etc/firestarter/firestarter\.sh gen_context(system_u:object_r:dhcpc_helper_exec_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.if serefpolicy-3.6.6/policy/modules/system/sysnetwork.if
--- nsaserefpolicy/policy/modules/system/sysnetwork.if 2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.if 2009-02-16 17:51:03.000000000 -0500
++++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.if 2009-02-17 11:02:02.000000000 -0500
@@ -43,6 +43,39 @@
sysnet_domtrans_dhcpc($1)
@@ -28173,16 +28173,17 @@
')
#######################################
-@@ -323,7 +374,7 @@
+@@ -323,7 +374,8 @@
type net_conf_t;
')
- allow $1 net_conf_t:file manage_file_perms;
++ allow $1 net_conf_t:dir list_dir_perms;
+ manage_files_pattern($1, net_conf_t, net_conf_t)
')
#######################################
-@@ -541,6 +592,7 @@
+@@ -541,6 +593,7 @@
type net_conf_t;
')
@@ -28190,7 +28191,7 @@
allow $1 self:tcp_socket create_socket_perms;
allow $1 self:udp_socket create_socket_perms;
-@@ -557,6 +609,14 @@
+@@ -557,6 +610,14 @@
files_search_etc($1)
allow $1 net_conf_t:file read_file_perms;
@@ -28205,7 +28206,7 @@
')
########################################
-@@ -586,6 +646,8 @@
+@@ -586,6 +647,8 @@
files_search_etc($1)
allow $1 net_conf_t:file read_file_perms;
@@ -28214,7 +28215,7 @@
')
########################################
-@@ -620,3 +682,49 @@
+@@ -620,3 +683,49 @@
files_search_etc($1)
allow $1 net_conf_t:file read_file_perms;
')
@@ -28266,7 +28267,7 @@
+')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.te serefpolicy-3.6.6/policy/modules/system/sysnetwork.te
--- nsaserefpolicy/policy/modules/system/sysnetwork.te 2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.te 2009-02-16 17:27:59.000000000 -0500
++++ serefpolicy-3.6.6/policy/modules/system/sysnetwork.te 2009-02-17 11:14:42.000000000 -0500
@@ -20,6 +20,9 @@
init_daemon_domain(dhcpc_t,dhcpc_exec_t)
role system_r types dhcpc_t;
@@ -28304,6 +28305,15 @@
manage_files_pattern(dhcpc_t,dhcpc_state_t,dhcpc_state_t)
filetrans_pattern(dhcpc_t,dhcp_state_t,dhcpc_state_t,file)
+@@ -65,7 +69,7 @@
+
+ # Allow read/write to /etc/resolv.conf and /etc/ntp.conf. Note that any files
+ # in /etc created by dhcpcd will be labelled net_conf_t.
+-allow dhcpc_t net_conf_t:file manage_file_perms;
++sysnet_manage_config(dhcpc_t)
+ files_etc_filetrans(dhcpc_t,net_conf_t,file)
+
+ # create temp files
@@ -116,7 +120,7 @@
corecmd_exec_shell(dhcpc_t)
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.792
retrieving revision 1.793
diff -u -r1.792 -r1.793
--- selinux-policy.spec 17 Feb 2009 14:07:10 -0000 1.792
+++ selinux-policy.spec 17 Feb 2009 16:21:42 -0000 1.793
@@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.6.6
-Release: 2%{?dist}
+Release: 3%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -444,6 +444,9 @@
%endif
%changelog
+* Tue Feb 17 2009 Dan Walsh <dwalsh at redhat.com> 3.6.6-3
+- Fix sysnet/net_conf_t
+
* Tue Feb 17 2009 Dan Walsh <dwalsh at redhat.com> 3.6.6-2
- Fix squidGuard labeling
- Previous message (by thread): rpms/squidGuard/F-10 squidGuard-1.3-SG-2008-06-13.patch, NONE, 1.1 sources, 1.3, 1.4 squidGuard.spec, 1.12, 1.13
- Next message (by thread): rpms/hyphen-sv/devel .cvsignore, 1.2, 1.3 hyphen-sv.spec, 1.1, 1.2 sources, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list