rpms/selinux-policy/devel policy-20090105.patch,1.19,1.20
Daniel J Walsh
dwalsh at fedoraproject.org
Fri Jan 23 21:48:52 UTC 2009
- Previous message (by thread): rpms/kernel/F-9 patch-2.6.27.13-rc1.bz2.sign, NONE, 1.1.2.1 .cvsignore, 1.837.2.3, 1.837.2.4 kernel.spec, 1.891.2.9, 1.891.2.10 sources, 1.798.2.3, 1.798.2.4 upstream, 1.717.2.3, 1.717.2.4 linux-2.6-net-sctp-avoid-memory-overflow-while-FWD-TSN-chunk-is-r.patch, 1.1.2.1, NONE
- Next message (by thread): rpms/asterisk/F-10 .cvsignore, 1.19, 1.20 asterisk.spec, 1.42, 1.43 sources, 1.19, 1.20
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv6802
Modified Files:
policy-20090105.patch
Log Message:
* Fri Jan 23 2009 Dan Walsh <dwalsh at redhat.com> 3.6.3-8
- Add policy to make dbus/nm-applet work
policy-20090105.patch:
Index: policy-20090105.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20090105.patch,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- policy-20090105.patch 23 Jan 2009 20:35:45 -0000 1.19
+++ policy-20090105.patch 23 Jan 2009 21:48:22 -0000 1.20
@@ -12881,7 +12881,7 @@
/usr/libexec/hald-addon-macbookpro-backlight -- gen_context(system_u:object_r:hald_mac_exec_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.if serefpolicy-3.6.3/policy/modules/services/hal.if
--- nsaserefpolicy/policy/modules/services/hal.if 2008-11-19 11:51:44.000000000 -0500
-+++ serefpolicy-3.6.3/policy/modules/services/hal.if 2009-01-23 14:59:53.000000000 -0500
++++ serefpolicy-3.6.3/policy/modules/services/hal.if 2009-01-23 16:29:03.000000000 -0500
@@ -20,6 +20,24 @@
########################################
@@ -12919,14 +12919,14 @@
')
########################################
-@@ -340,3 +355,60 @@
+@@ -340,3 +355,41 @@
files_search_pids($1)
allow $1 hald_var_run_t:file rw_file_perms;
')
+
+########################################
+## <summary>
-+## Read/Write hald PID files.
++## Manage hald PID dirs.
+## </summary>
+## <param name="domain">
+## <summary>
@@ -12934,13 +12934,13 @@
+## </summary>
+## </param>
+#
-+interface(`hal_rw_pid_files',`
++interface(`hal_manage_pid_dirs',`
+ gen_require(`
+ type hald_var_run_t;
+ ')
+
+ files_search_pids($1)
-+ allow $1 hald_var_run_t:file rw_file_perms;
++ manage_dirs_pattern($1, hald_var_run_t, hald_var_run_t)
+')
+
+########################################
@@ -12961,25 +12961,6 @@
+ files_search_pids($1)
+ manage_files_pattern($1, hald_var_run_t, hald_var_run_t)
+')
-+
-+########################################
-+## <summary>
-+## Manage hald PID dirs.
-+## </summary>
-+## <param name="domain">
-+## <summary>
-+## Domain allowed access.
-+## </summary>
-+## </param>
-+#
-+interface(`hal_manage_pid_dirs',`
-+ gen_require(`
-+ type hald_var_run_t;
-+ ')
-+
-+ files_search_pids($1)
-+ manage_dirs_pattern($1, hald_var_run_t, hald_var_run_t)
-+')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.6.3/policy/modules/services/hal.te
--- nsaserefpolicy/policy/modules/services/hal.te 2009-01-19 11:06:49.000000000 -0500
+++ serefpolicy-3.6.3/policy/modules/services/hal.te 2009-01-20 11:41:48.000000000 -0500
@@ -22837,7 +22818,7 @@
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.6.3/policy/modules/services/xserver.te
--- nsaserefpolicy/policy/modules/services/xserver.te 2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.3/policy/modules/services/xserver.te 2009-01-23 10:14:45.000000000 -0500
++++ serefpolicy-3.6.3/policy/modules/services/xserver.te 2009-01-23 16:45:11.000000000 -0500
@@ -34,6 +34,13 @@
## <desc>
@@ -23337,6 +23318,15 @@
modutils_domtrans_insmod(xserver_t)
+@@ -742,7 +868,7 @@
+ ')
+
+ ifdef(`enable_mls',`
+- range_transition xserver_t xserver_tmp_t:sock_file s0 - mls_systemhigh;
++# range_transition xserver_t xserver_tmp_t:sock_file s0 - mls_systemhigh;
+ range_transition xserver_t xserver_t:x_drawable s0 - mls_systemhigh;
+ ')
+
@@ -774,6 +900,10 @@
')
- Previous message (by thread): rpms/kernel/F-9 patch-2.6.27.13-rc1.bz2.sign, NONE, 1.1.2.1 .cvsignore, 1.837.2.3, 1.837.2.4 kernel.spec, 1.891.2.9, 1.891.2.10 sources, 1.798.2.3, 1.798.2.4 upstream, 1.717.2.3, 1.717.2.4 linux-2.6-net-sctp-avoid-memory-overflow-while-FWD-TSN-chunk-is-r.patch, 1.1.2.1, NONE
- Next message (by thread): rpms/asterisk/F-10 .cvsignore, 1.19, 1.20 asterisk.spec, 1.42, 1.43 sources, 1.19, 1.20
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list