rpms/selinux-policy/devel policy-20090105.patch,1.19,1.20

Daniel J Walsh dwalsh at fedoraproject.org
Fri Jan 23 21:48:52 UTC 2009 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv6802

Modified Files:
	policy-20090105.patch 
Log Message:
* Fri Jan 23 2009 Dan Walsh <dwalsh at redhat.com> 3.6.3-8
- Add policy to make dbus/nm-applet work


policy-20090105.patch:

Index: policy-20090105.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20090105.patch,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- policy-20090105.patch	23 Jan 2009 20:35:45 -0000	1.19
+++ policy-20090105.patch	23 Jan 2009 21:48:22 -0000	1.20
@@ -12881,7 +12881,7 @@
  /usr/libexec/hald-addon-macbookpro-backlight --	gen_context(system_u:object_r:hald_mac_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.if serefpolicy-3.6.3/policy/modules/services/hal.if
 --- nsaserefpolicy/policy/modules/services/hal.if	2008-11-19 11:51:44.000000000 -0500
-+++ serefpolicy-3.6.3/policy/modules/services/hal.if	2009-01-23 14:59:53.000000000 -0500
++++ serefpolicy-3.6.3/policy/modules/services/hal.if	2009-01-23 16:29:03.000000000 -0500
 @@ -20,6 +20,24 @@
  
  ########################################
@@ -12919,14 +12919,14 @@
  ')
  
  ########################################
-@@ -340,3 +355,60 @@
+@@ -340,3 +355,41 @@
  	files_search_pids($1)
  	allow $1 hald_var_run_t:file rw_file_perms;
  ')
 +
 +########################################
 +## <summary>
-+##	Read/Write hald PID files.
++##	Manage hald PID dirs.
 +## </summary>
 +## <param name="domain">
 +##	<summary>
@@ -12934,13 +12934,13 @@
 +##	</summary>
 +## </param>
 +#
-+interface(`hal_rw_pid_files',`
++interface(`hal_manage_pid_dirs',`
 +	gen_require(`
 +		type hald_var_run_t;
 +	')
 +
 +	files_search_pids($1)
-+	allow $1 hald_var_run_t:file rw_file_perms;
++	manage_dirs_pattern($1, hald_var_run_t, hald_var_run_t)
 +')
 +
 +########################################
@@ -12961,25 +12961,6 @@
 +	files_search_pids($1)
 +	manage_files_pattern($1, hald_var_run_t, hald_var_run_t)
 +')
-+
-+########################################
-+## <summary>
-+##	Manage hald PID dirs.
-+## </summary>
-+## <param name="domain">
-+##	<summary>
-+##	Domain allowed access.
-+##	</summary>
-+## </param>
-+#
-+interface(`hal_manage_pid_dirs',`
-+	gen_require(`
-+		type hald_var_run_t;
-+	')
-+
-+	files_search_pids($1)
-+	manage_dirs_pattern($1, hald_var_run_t, hald_var_run_t)
-+')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.6.3/policy/modules/services/hal.te
 --- nsaserefpolicy/policy/modules/services/hal.te	2009-01-19 11:06:49.000000000 -0500
 +++ serefpolicy-3.6.3/policy/modules/services/hal.te	2009-01-20 11:41:48.000000000 -0500
@@ -22837,7 +22818,7 @@
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.6.3/policy/modules/services/xserver.te
 --- nsaserefpolicy/policy/modules/services/xserver.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.3/policy/modules/services/xserver.te	2009-01-23 10:14:45.000000000 -0500
++++ serefpolicy-3.6.3/policy/modules/services/xserver.te	2009-01-23 16:45:11.000000000 -0500
 @@ -34,6 +34,13 @@
  
  ## <desc>
@@ -23337,6 +23318,15 @@
  
  modutils_domtrans_insmod(xserver_t)
  
+@@ -742,7 +868,7 @@
+ ')
+ 
+ ifdef(`enable_mls',`
+-	range_transition xserver_t xserver_tmp_t:sock_file s0 - mls_systemhigh;
++#	range_transition xserver_t xserver_tmp_t:sock_file s0 - mls_systemhigh;
+ 	range_transition xserver_t xserver_t:x_drawable s0 - mls_systemhigh;
+ ')
+ 
 @@ -774,6 +900,10 @@
  ')

More information about the fedora-extras-commits mailing list