rpms/selinux-policy/F-10 policy-20080710.patch, 1.174, 1.175 selinux-policy.spec, 1.802, 1.803
Miroslav Grepl
mgrepl at fedoraproject.org
Fri Jul 31 07:14:14 UTC 2009
Author: mgrepl
Update of /cvs/extras/rpms/selinux-policy/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28122
Modified Files:
policy-20080710.patch selinux-policy.spec
Log Message:
- Allow lircd read/write input event devices
policy-20080710.patch:
Makefile | 26
Rules.modular | 18
config/appconfig-mcs/default_contexts | 19
config/appconfig-mcs/failsafe_context | 2
config/appconfig-mcs/guest_u_default_contexts | 6
config/appconfig-mcs/root_default_contexts | 8
config/appconfig-mcs/seusers | 4
config/appconfig-mcs/staff_u_default_contexts | 4
config/appconfig-mcs/unconfined_u_default_contexts | 2
config/appconfig-mcs/user_u_default_contexts | 5
config/appconfig-mcs/userhelper_context | 2
config/appconfig-mcs/xguest_u_default_contexts | 7
config/appconfig-mls/default_contexts | 19
config/appconfig-mls/guest_u_default_contexts | 4
config/appconfig-mls/root_default_contexts | 12
config/appconfig-mls/staff_u_default_contexts | 2
config/appconfig-mls/user_u_default_contexts | 2
config/appconfig-mls/xguest_u_default_contexts | 7
config/appconfig-standard/guest_u_default_contexts | 4
config/appconfig-standard/root_default_contexts | 6
config/appconfig-standard/staff_u_default_contexts | 2
config/appconfig-standard/user_u_default_contexts | 2
config/appconfig-standard/xguest_u_default_contexts | 5
man/man8/nfs_selinux.8 | 19
man/man8/samba_selinux.8 | 12
policy/flask/access_vectors | 1
policy/global_tunables | 20
policy/mcs | 8
policy/mls | 9
policy/modules/admin/alsa.te | 1
policy/modules/admin/anaconda.te | 1
policy/modules/admin/certwatch.te | 4
policy/modules/admin/consoletype.te | 11
policy/modules/admin/kismet.if | 1
policy/modules/admin/kismet.te | 49
policy/modules/admin/logrotate.te | 14
policy/modules/admin/logwatch.te | 11
policy/modules/admin/mrtg.te | 1
policy/modules/admin/netutils.te | 11
policy/modules/admin/prelink.te | 18
policy/modules/admin/rpm.fc | 10
policy/modules/admin/rpm.if | 290 +++
policy/modules/admin/rpm.te | 40
policy/modules/admin/su.if | 69
policy/modules/admin/sudo.if | 55
policy/modules/admin/tmpreaper.te | 24
policy/modules/admin/usermanage.te | 19
policy/modules/admin/vbetool.if | 31
policy/modules/admin/vbetool.te | 9
policy/modules/admin/vpn.if | 36
policy/modules/apps/awstats.te | 6
policy/modules/apps/ethereal.fc | 2
policy/modules/apps/ethereal.if | 54
policy/modules/apps/ethereal.te | 7
policy/modules/apps/games.if | 28
policy/modules/apps/gitosis.fc | 4
policy/modules/apps/gitosis.if | 94
policy/modules/apps/gitosis.te | 43
policy/modules/apps/gnome.fc | 14
policy/modules/apps/gnome.if | 171 +
policy/modules/apps/gnome.te | 31
policy/modules/apps/gpg.fc | 8
policy/modules/apps/gpg.if | 304 ---
policy/modules/apps/gpg.te | 248 ++
policy/modules/apps/java.fc | 17
policy/modules/apps/java.if | 188 +
policy/modules/apps/java.te | 31
policy/modules/apps/livecd.fc | 2
policy/modules/apps/livecd.if | 56
policy/modules/apps/livecd.te | 26
policy/modules/apps/loadkeys.te | 5
policy/modules/apps/mono.if | 103 +
policy/modules/apps/mono.te | 6
policy/modules/apps/mozilla.fc | 13
policy/modules/apps/mozilla.if | 325 +--
policy/modules/apps/mozilla.te | 19
policy/modules/apps/mplayer.fc | 8
policy/modules/apps/mplayer.if | 64
policy/modules/apps/mplayer.te | 4
policy/modules/apps/nsplugin.fc | 13
policy/modules/apps/nsplugin.if | 318 +++
policy/modules/apps/nsplugin.te | 290 +++
policy/modules/apps/openoffice.fc | 3
policy/modules/apps/openoffice.if | 106 +
policy/modules/apps/openoffice.te | 14
policy/modules/apps/podsleuth.fc | 2
policy/modules/apps/podsleuth.if | 34
policy/modules/apps/podsleuth.te | 44
policy/modules/apps/qemu.fc | 5
policy/modules/apps/qemu.if | 367 +++
policy/modules/apps/qemu.te | 152 +
policy/modules/apps/sambagui.fc | 4
policy/modules/apps/sambagui.if | 2
policy/modules/apps/sambagui.te | 62
policy/modules/apps/screen.fc | 2
policy/modules/apps/screen.if | 24
policy/modules/apps/screen.te | 4
policy/modules/apps/slocate.te | 4
policy/modules/apps/thunderbird.fc | 2
policy/modules/apps/thunderbird.if | 34
policy/modules/apps/thunderbird.te | 4
policy/modules/apps/tvtime.if | 39
policy/modules/apps/tvtime.te | 6
policy/modules/apps/uml.fc | 2
policy/modules/apps/vmware.fc | 19
policy/modules/apps/vmware.if | 14
policy/modules/apps/vmware.te | 17
policy/modules/apps/webalizer.te | 2
policy/modules/apps/wine.fc | 23
policy/modules/apps/wine.if | 50
policy/modules/apps/wine.te | 8
policy/modules/apps/wireshark.if | 2
policy/modules/apps/wm.fc | 3
policy/modules/apps/wm.if | 178 +
policy/modules/apps/wm.te | 10
policy/modules/kernel/.filesystem.if.swp |binary
policy/modules/kernel/corecommands.fc | 47
policy/modules/kernel/corecommands.if | 1
policy/modules/kernel/corenetwork.if.in | 46
policy/modules/kernel/corenetwork.te.in | 41
policy/modules/kernel/devices.fc | 46
policy/modules/kernel/devices.if | 541 +++++
policy/modules/kernel/devices.te | 45
policy/modules/kernel/domain.if | 22
policy/modules/kernel/domain.te | 53
policy/modules/kernel/files.fc | 2
policy/modules/kernel/files.if | 304 +++
policy/modules/kernel/files.te | 11
policy/modules/kernel/filesystem.if | 356 +++
policy/modules/kernel/filesystem.te | 18
policy/modules/kernel/kernel.if | 42
policy/modules/kernel/kernel.te | 16
policy/modules/kernel/selinux.if | 54
policy/modules/kernel/selinux.te | 6
policy/modules/kernel/storage.fc | 2
policy/modules/kernel/storage.if | 1
policy/modules/kernel/terminal.if | 6
policy/modules/roles/.staff.te.swp |binary
policy/modules/roles/guest.fc | 1
policy/modules/roles/guest.if | 161 +
policy/modules/roles/guest.te | 36
policy/modules/roles/logadm.fc | 1
policy/modules/roles/logadm.if | 44
policy/modules/roles/logadm.te | 20
policy/modules/roles/staff.te | 58
policy/modules/roles/sysadm.if | 114 -
policy/modules/roles/sysadm.te | 14
policy/modules/roles/unprivuser.if | 605 ++++++
policy/modules/roles/unprivuser.te | 15
policy/modules/roles/webadm.fc | 1
policy/modules/roles/webadm.if | 44
policy/modules/roles/webadm.te | 65
policy/modules/roles/xguest.fc | 1
policy/modules/roles/xguest.if | 161 +
policy/modules/roles/xguest.te | 87
policy/modules/services/aide.if | 6
policy/modules/services/amavis.if | 20
policy/modules/services/amavis.te | 2
policy/modules/services/apache.fc | 35
policy/modules/services/apache.if | 488 +++--
policy/modules/services/apache.te | 397 +++-
policy/modules/services/apcupsd.fc | 2
policy/modules/services/arpwatch.fc | 1
policy/modules/services/arpwatch.if | 42
policy/modules/services/arpwatch.te | 3
policy/modules/services/asterisk.fc | 1
policy/modules/services/asterisk.if | 53
policy/modules/services/asterisk.te | 3
policy/modules/services/audioentropy.fc | 2
policy/modules/services/audioentropy.te | 1
policy/modules/services/automount.if | 18
policy/modules/services/automount.te | 6
policy/modules/services/avahi.fc | 4
policy/modules/services/avahi.if | 132 +
policy/modules/services/avahi.te | 15
policy/modules/services/bind.fc | 7
policy/modules/services/bind.if | 92
policy/modules/services/bind.te | 5
policy/modules/services/bitlbee.te | 2
policy/modules/services/bluetooth.fc | 5
policy/modules/services/bluetooth.if | 53
policy/modules/services/bluetooth.te | 22
policy/modules/services/certmaster.fc | 9
policy/modules/services/certmaster.if | 128 +
policy/modules/services/certmaster.te | 81
policy/modules/services/clamav.fc | 12
policy/modules/services/clamav.if | 105 +
policy/modules/services/clamav.te | 35
policy/modules/services/consolekit.fc | 3
policy/modules/services/consolekit.if | 21
policy/modules/services/consolekit.te | 64
policy/modules/services/courier.fc | 2
policy/modules/services/courier.if | 19
policy/modules/services/courier.te | 4
policy/modules/services/cron.fc | 10
policy/modules/services/cron.if | 250 +-
policy/modules/services/cron.te | 112 -
policy/modules/services/cups.fc | 32
policy/modules/services/cups.if | 106 +
policy/modules/services/cups.te | 186 +
policy/modules/services/cvs.te | 1
policy/modules/services/cyphesis.fc | 5
policy/modules/services/cyrus.te | 1
policy/modules/services/dbus.fc | 3
policy/modules/services/dbus.if | 235 ++
policy/modules/services/dbus.te | 57
policy/modules/services/dcc.fc | 2
policy/modules/services/dcc.if | 18
policy/modules/services/dcc.te | 62
policy/modules/services/dhcp.fc | 1
policy/modules/services/dhcp.if | 60
policy/modules/services/dhcp.te | 18
policy/modules/services/dnsmasq.fc | 3
policy/modules/services/dnsmasq.if | 174 +
policy/modules/services/dnsmasq.te | 22
policy/modules/services/dovecot.fc | 12
policy/modules/services/dovecot.if | 98 +
policy/modules/services/dovecot.te | 98 -
policy/modules/services/exim.if | 40
policy/modules/services/exim.te | 102 -
policy/modules/services/fail2ban.fc | 1
policy/modules/services/fail2ban.if | 45
policy/modules/services/fail2ban.te | 10
policy/modules/services/fetchmail.fc | 2
policy/modules/services/fetchmail.if | 26
policy/modules/services/fetchmail.te | 10
policy/modules/services/ftp.te | 53
policy/modules/services/gamin.fc | 2
policy/modules/services/gamin.if | 57
policy/modules/services/gamin.te | 39
policy/modules/services/gnomeclock.fc | 3
policy/modules/services/gnomeclock.if | 75
policy/modules/services/gnomeclock.te | 55
policy/modules/services/gpsd.fc | 3
policy/modules/services/gpsd.if | 89
policy/modules/services/gpsd.te | 55
policy/modules/services/hal.fc | 4
policy/modules/services/hal.if | 39
policy/modules/services/hal.te | 112 +
policy/modules/services/inetd.fc | 2
policy/modules/services/inetd.te | 2
policy/modules/services/kerberos.fc | 6
policy/modules/services/kerberos.te | 3
policy/modules/services/kerneloops.if | 23
policy/modules/services/kerneloops.te | 6
policy/modules/services/ktalk.te | 1
policy/modules/services/ldap.te | 6
policy/modules/services/lircd.fc | 9
policy/modules/services/lircd.if | 100 +
policy/modules/services/lircd.te | 70
policy/modules/services/lpd.fc | 6
policy/modules/services/mailman.fc | 1
policy/modules/services/mailman.if | 28
policy/modules/services/mailman.te | 33
policy/modules/services/mailscanner.fc | 2
policy/modules/services/mailscanner.if | 59
policy/modules/services/mailscanner.te | 5
policy/modules/services/milter.fc | 15
policy/modules/services/milter.if | 104 +
policy/modules/services/milter.te | 107 +
policy/modules/services/mta.fc | 10
policy/modules/services/mta.if | 70
policy/modules/services/mta.te | 76
policy/modules/services/munin.fc | 7
policy/modules/services/munin.if | 92
policy/modules/services/munin.te | 77
policy/modules/services/mysql.fc | 3
policy/modules/services/mysql.if | 128 +
policy/modules/services/mysql.te | 53
policy/modules/services/nagios.fc | 11
policy/modules/services/nagios.if | 71
policy/modules/services/nagios.te | 58
policy/modules/services/networkmanager.fc | 12
policy/modules/services/networkmanager.if | 18
policy/modules/services/networkmanager.te | 106 -
policy/modules/services/nis.fc | 6
policy/modules/services/nis.if | 126 +
policy/modules/services/nis.te | 27
policy/modules/services/nscd.fc | 1
policy/modules/services/nscd.if | 126 +
policy/modules/services/nscd.te | 32
policy/modules/services/ntp.if | 57
policy/modules/services/ntp.te | 19
policy/modules/services/oddjob.fc | 2
policy/modules/services/oddjob.if | 32
policy/modules/services/oddjob.te | 28
policy/modules/services/openvpn.fc | 1
policy/modules/services/openvpn.if | 36
policy/modules/services/openvpn.te | 19
policy/modules/services/pads.fc | 12
policy/modules/services/pads.if | 10
policy/modules/services/pads.te | 68
policy/modules/services/pcscd.fc | 1
policy/modules/services/pcscd.te | 12
policy/modules/services/pegasus.te | 28
policy/modules/services/pingd.fc | 11
policy/modules/services/pingd.if | 99 +
policy/modules/services/pingd.te | 54
policy/modules/services/pki.fc | 46
policy/modules/services/pki.if | 643 ++++++
policy/modules/services/pki.te | 91
policy/modules/services/polkit.fc | 9
policy/modules/services/polkit.if | 233 ++
policy/modules/services/polkit.te | 235 ++
policy/modules/services/portmap.te | 1
policy/modules/services/portreserve.fc | 12
policy/modules/services/portreserve.if | 70
policy/modules/services/portreserve.te | 55
policy/modules/services/postfix.fc | 6
policy/modules/services/postfix.if | 136 +
policy/modules/services/postfix.te | 134 +
policy/modules/services/postgresql.fc | 1
policy/modules/services/postgresql.if | 43
policy/modules/services/postgresql.te | 11
policy/modules/services/postgrey.fc | 4
policy/modules/services/postgrey.if | 67
policy/modules/services/postgrey.te | 19
policy/modules/services/ppp.fc | 6
policy/modules/services/ppp.if | 64
policy/modules/services/ppp.te | 38
policy/modules/services/prelude.fc | 14
policy/modules/services/prelude.if | 71
policy/modules/services/prelude.te | 193 ++
policy/modules/services/privoxy.fc | 2
policy/modules/services/privoxy.if | 12
policy/modules/services/privoxy.te | 17
policy/modules/services/procmail.fc | 3
policy/modules/services/procmail.if | 38
policy/modules/services/procmail.te | 35
policy/modules/services/psad.fc | 17
policy/modules/services/psad.if | 304 +++
policy/modules/services/psad.te | 107 +
policy/modules/services/pyzor.fc | 6
policy/modules/services/pyzor.if | 61
policy/modules/services/pyzor.te | 51
policy/modules/services/qmail.te | 8
policy/modules/services/radius.te | 3
policy/modules/services/radvd.te | 2
policy/modules/services/razor.fc | 4
policy/modules/services/razor.if | 87
policy/modules/services/razor.te | 38
policy/modules/services/ricci.te | 18
policy/modules/services/rlogin.te | 16
policy/modules/services/roundup.fc | 2
policy/modules/services/roundup.if | 38
policy/modules/services/roundup.te | 3
policy/modules/services/rpc.fc | 1
policy/modules/services/rpc.if | 43
policy/modules/services/rpc.te | 33
policy/modules/services/rpcbind.fc | 2
policy/modules/services/rpcbind.te | 3
policy/modules/services/rshd.te | 17
policy/modules/services/rsync.fc | 2
policy/modules/services/rsync.te | 11
policy/modules/services/samba.fc | 8
policy/modules/services/samba.if | 387 ++++
policy/modules/services/samba.te | 209 +-
policy/modules/services/sasl.te | 5
policy/modules/services/sendmail.if | 103 +
policy/modules/services/sendmail.te | 92
policy/modules/services/setroubleshoot.fc | 2
policy/modules/services/setroubleshoot.if | 48
policy/modules/services/setroubleshoot.te | 31
policy/modules/services/smartmon.te | 12
policy/modules/services/snmp.fc | 6
policy/modules/services/snmp.if | 36
policy/modules/services/snmp.te | 28
policy/modules/services/snort.if | 9
policy/modules/services/snort.te | 9
policy/modules/services/spamassassin.fc | 16
policy/modules/services/spamassassin.if | 472 ++--
policy/modules/services/spamassassin.te | 219 ++
policy/modules/services/squid.fc | 4
policy/modules/services/squid.if | 18
policy/modules/services/squid.te | 8
policy/modules/services/ssh.fc | 2
policy/modules/services/ssh.if | 151 +
policy/modules/services/ssh.te | 43
policy/modules/services/stunnel.fc | 1
policy/modules/services/stunnel.te | 3
policy/modules/services/sysstat.te | 2
policy/modules/services/telnet.te | 4
policy/modules/services/tftp.te | 1
policy/modules/services/tor.te | 2
policy/modules/services/ulogd.fc | 10
policy/modules/services/ulogd.if | 127 +
policy/modules/services/ulogd.te | 54
policy/modules/services/uucp.fc | 7
policy/modules/services/uucp.te | 14
policy/modules/services/virt.fc | 1
policy/modules/services/virt.if | 94
policy/modules/services/virt.te | 47
policy/modules/services/w3c.te | 7
policy/modules/services/xserver.fc | 40
policy/modules/services/xserver.if | 915 +++++++--
policy/modules/services/xserver.te | 317 +++
policy/modules/services/zebra.te | 2
policy/modules/services/zosremote.fc | 2
policy/modules/services/zosremote.if | 52
policy/modules/services/zosremote.te | 36
policy/modules/system/application.te | 6
policy/modules/system/authlogin.fc | 10
policy/modules/system/authlogin.if | 212 ++
policy/modules/system/authlogin.te | 46
policy/modules/system/fstools.fc | 2
policy/modules/system/fstools.te | 9
policy/modules/system/hostname.te | 4
policy/modules/system/init.fc | 5
policy/modules/system/init.if | 129 +
policy/modules/system/init.te | 114 +
policy/modules/system/ipsec.fc | 3
policy/modules/system/ipsec.te | 47
policy/modules/system/iptables.fc | 16
policy/modules/system/iptables.te | 13
policy/modules/system/iscsi.te | 4
policy/modules/system/libraries.fc | 88
policy/modules/system/libraries.te | 18
policy/modules/system/locallogin.te | 26
policy/modules/system/logging.fc | 11
policy/modules/system/logging.if | 25
policy/modules/system/logging.te | 18
policy/modules/system/lvm.fc | 2
policy/modules/system/lvm.te | 66
policy/modules/system/miscfiles.if | 39
policy/modules/system/modutils.te | 40
policy/modules/system/mount.fc | 8
policy/modules/system/mount.if | 21
policy/modules/system/mount.te | 81
policy/modules/system/raid.te | 4
policy/modules/system/selinuxutil.fc | 10
policy/modules/system/selinuxutil.if | 373 +++
policy/modules/system/selinuxutil.te | 229 --
policy/modules/system/setrans.if | 20
policy/modules/system/sysnetwork.fc | 15
policy/modules/system/sysnetwork.if | 82
policy/modules/system/sysnetwork.te | 72
policy/modules/system/udev.fc | 4
policy/modules/system/udev.if | 28
policy/modules/system/udev.te | 16
policy/modules/system/unconfined.fc | 34
policy/modules/system/unconfined.if | 300 +++
policy/modules/system/unconfined.te | 209 +-
policy/modules/system/userdomain.fc | 9
policy/modules/system/userdomain.if | 1899 ++++++++++++++------
policy/modules/system/userdomain.te | 89
policy/modules/system/xen.fc | 6
policy/modules/system/xen.if | 50
policy/modules/system/xen.te | 127 +
policy/policy_capabilities | 2
policy/support/obj_perm_sets.spt | 74
policy/users | 13
support/Makefile.devel | 3
452 files changed, 22211 insertions(+), 3611 deletions(-)
Index: policy-20080710.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-10/policy-20080710.patch,v
retrieving revision 1.174
retrieving revision 1.175
diff -u -p -r1.174 -r1.175
--- policy-20080710.patch 20 Jul 2009 13:25:09 -0000 1.174
+++ policy-20080710.patch 31 Jul 2009 07:14:11 -0000 1.175
@@ -18687,8 +18687,8 @@ diff --exclude-from=exclude -N -u -r nsa
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/lircd.te serefpolicy-3.5.13/policy/modules/services/lircd.te
--- nsaserefpolicy/policy/modules/services/lircd.te 1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.5.13/policy/modules/services/lircd.te 2009-04-17 10:05:39.000000000 +0200
-@@ -0,0 +1,69 @@
++++ serefpolicy-3.5.13/policy/modules/services/lircd.te 2009-07-30 17:15:19.000000000 +0200
+@@ -0,0 +1,70 @@
+policy_module(lircd,1.0.0)
+
+########################################
@@ -18737,6 +18737,7 @@ diff --exclude-from=exclude -N -u -r nsa
+dev_filetrans(lircd_t, lircd_sock_t, sock_file )
+
+dev_filetrans_lirc(lircd_t)
++dev_rw_input_dev(lircd_t)
+dev_rw_lirc(lircd_t)
+
+dev_read_generic_usb_dev(lircd_t)
@@ -33829,7 +33830,7 @@ diff --exclude-from=exclude -N -u -r nsa
allow iscsid_t iscsi_tmp_t:dir manage_dir_perms;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.fc serefpolicy-3.5.13/policy/modules/system/libraries.fc
--- nsaserefpolicy/policy/modules/system/libraries.fc 2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/system/libraries.fc 2009-06-29 15:07:26.000000000 +0200
++++ serefpolicy-3.5.13/policy/modules/system/libraries.fc 2009-07-30 17:12:05.000000000 +0200
@@ -60,12 +60,15 @@
#
# /opt
@@ -33874,7 +33875,7 @@ diff --exclude-from=exclude -N -u -r nsa
/opt/f-secure/fspms/libexec/librapi\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/opt/ibm/java.*/jre/.+\.jar -- gen_context(system_u:object_r:lib_t,s0)
/opt/ibm/java.*/jre/.+\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-@@ -115,24 +120,35 @@
+@@ -115,24 +120,36 @@
/usr/(.*/)?nvidia/.+\.so(\..*)? -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -33898,7 +33899,9 @@ diff --exclude-from=exclude -N -u -r nsa
/usr/lib(64)?/fglrx/libGL\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/libGLU\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/libjs\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
- /usr/lib(64)?/libx264\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+-/usr/lib(64)?/libx264\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
++/usr/lib(64)?/libx264\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
++/usr/lib(64)?/libnnz11.so(\.[^/]*)* gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib(64)?/sse2/libx264\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?(/.*)?/libnvidia.+\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?(/.*)?/nvidia_drv.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -33910,7 +33913,7 @@ diff --exclude-from=exclude -N -u -r nsa
/usr/lib(64)?/xulrunner-[^/]*/libgtkembedmoz\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/xulrunner-[^/]*/libxul\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-@@ -168,7 +184,8 @@
+@@ -168,7 +185,8 @@
# Fedora Core packages: gstreamer-plugins, compat-libstdc++, Glide3, libdv
# HelixPlayer, SDL, xorg-x11, xorg-x11-libs, Hermes, valgrind, openoffice.org-libs, httpd - php
/usr/lib(64)?/gstreamer-.*/[^/]*\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -33920,7 +33923,7 @@ diff --exclude-from=exclude -N -u -r nsa
/usr/lib/firefox-[^/]*/plugins/nppdf.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib/libFLAC\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-@@ -180,6 +197,7 @@
+@@ -180,6 +198,7 @@
/usr/lib/VBoxVMM\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib64/mozilla/plugins/libvlcplugin\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -33928,7 +33931,7 @@ diff --exclude-from=exclude -N -u -r nsa
/usr/lib(64)?/libstdc\+\+\.so\.2\.7\.2\.8 -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/libg\+\+\.so\.2\.7\.2\.8 -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/libglide3\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-@@ -187,12 +205,14 @@
+@@ -187,12 +206,14 @@
/usr/lib(64)?/libdv\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/helix/plugins/[^/]*\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/helix/codecs/[^/]*\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -33943,7 +33946,7 @@ diff --exclude-from=exclude -N -u -r nsa
/usr/lib(64)?/libHermes\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/valgrind/hp2ps -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/valgrind/stage2 -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-@@ -208,6 +228,9 @@
+@@ -208,6 +229,9 @@
/usr/lib(64)?/.*/program/libsoffice\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/(.*/)?pcsc/drivers(/.*)?/lib(cm2020|cm4000|SCR24x)\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -33953,7 +33956,7 @@ diff --exclude-from=exclude -N -u -r nsa
# Fedora Extras packages: ladspa, imlib2, ocaml
/usr/lib(64)?/ladspa/analogue_osc_1416\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/ladspa/bandpass_a_iir_1893\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-@@ -233,7 +256,7 @@
+@@ -233,7 +257,7 @@
/usr/lib(64)?/php/modules/.+\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
# Livna.org packages: xmms-mp3, ffmpeg, xvidcore, xine-lib, gsm, lame
@@ -33962,7 +33965,7 @@ diff --exclude-from=exclude -N -u -r nsa
/usr/lib(64)?/codecs/drv[1-9c]\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/libpostproc\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/libavformat.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-@@ -246,13 +269,16 @@
+@@ -246,13 +270,16 @@
# Flash plugin, Macromedia
HOME_DIR/\.mozilla(/.*)?/plugins/libflashplayer\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -33981,7 +33984,7 @@ diff --exclude-from=exclude -N -u -r nsa
# Jai, Sun Microsystems (Jpackage SPRM)
/usr/lib(64)?/libmlib_jai\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/libdivxdecore\.so\.0 -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-@@ -263,10 +289,14 @@
+@@ -263,10 +290,14 @@
/usr/lib(64)?/python2.4/site-packages/M2Crypto/__m2crypto\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
# vmware
@@ -33996,7 +33999,7 @@ diff --exclude-from=exclude -N -u -r nsa
# Java, Sun Microsystems (JPackage SRPM)
/usr/(.*/)?jre.*/.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/local/(.*/)?jre.*/.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-@@ -283,6 +313,7 @@
+@@ -283,6 +314,7 @@
/usr/(local/)?matlab.*/bin/glnx86/libmwlapack\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/(local/)?matlab.*/bin/glnx86/(libmw(lapack|mathutil|services)|lapack|libmkl)\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/(local/)?matlab.*/sys/os/glnx86/libtermcap\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -34004,7 +34007,7 @@ diff --exclude-from=exclude -N -u -r nsa
/usr/(.*/)?intellinux/SPPlugins/ADMPlugin\.apl -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-@@ -291,6 +322,8 @@
+@@ -291,6 +323,8 @@
/usr/lib/acroread/(.*/)?lib/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib/acroread/.+\.api -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib/acroread/(.*/)?ADMPlugin\.apl -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -34013,7 +34016,7 @@ diff --exclude-from=exclude -N -u -r nsa
') dnl end distro_redhat
#
-@@ -307,6 +340,36 @@
+@@ -307,6 +341,36 @@
/var/lib/samba/bin/.+\.so(\.[^/]*)* -l gen_context(system_u:object_r:lib_t,s0)
')
@@ -36220,8 +36223,15 @@ diff --exclude-from=exclude -N -u -r nsa
xen_append_log(ifconfig_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.fc serefpolicy-3.5.13/policy/modules/system/udev.fc
--- nsaserefpolicy/policy/modules/system/udev.fc 2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/system/udev.fc 2009-02-10 15:07:15.000000000 +0100
-@@ -13,8 +13,11 @@
++++ serefpolicy-3.5.13/policy/modules/system/udev.fc 2009-07-30 17:22:23.000000000 +0200
+@@ -7,14 +7,18 @@
+ /etc/dev\.d/.+ -- gen_context(system_u:object_r:udev_helper_exec_t,s0)
+
+ /etc/hotplug\.d/default/udev.* -- gen_context(system_u:object_r:udev_helper_exec_t,s0)
++/etc/udev/rules\.d(/.*)? gen_context(system_u:object_r:udev_var_run_t,s0)
+
+ /etc/udev/scripts/.+ -- gen_context(system_u:object_r:udev_helper_exec_t,s0)
+
/sbin/start_udev -- gen_context(system_u:object_r:udev_exec_t,s0)
/sbin/udev -- gen_context(system_u:object_r:udev_exec_t,s0)
/sbin/udevd -- gen_context(system_u:object_r:udev_exec_t,s0)
@@ -36291,8 +36301,16 @@ diff --exclude-from=exclude -N -u -r nsa
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.te serefpolicy-3.5.13/policy/modules/system/udev.te
--- nsaserefpolicy/policy/modules/system/udev.te 2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/system/udev.te 2009-02-10 15:07:15.000000000 +0100
-@@ -83,6 +83,7 @@
++++ serefpolicy-3.5.13/policy/modules/system/udev.te 2009-07-30 17:22:08.000000000 +0200
+@@ -70,6 +70,7 @@
+
+ manage_dirs_pattern(udev_t,udev_var_run_t,udev_var_run_t)
+ manage_files_pattern(udev_t,udev_var_run_t,udev_var_run_t)
++manage_lnk_files_pattern(udev_t, udev_var_run_t, udev_var_run_t)
+ files_pid_filetrans(udev_t,udev_var_run_t,{ dir file })
+
+ kernel_read_system_state(udev_t)
+@@ -83,6 +84,7 @@
kernel_rw_unix_dgram_sockets(udev_t)
kernel_dgram_send(udev_t)
kernel_signal(udev_t)
@@ -36300,7 +36318,7 @@ diff --exclude-from=exclude -N -u -r nsa
#https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235182
kernel_rw_net_sysctls(udev_t)
-@@ -142,6 +143,7 @@
+@@ -142,6 +144,7 @@
logging_search_logs(udev_t)
logging_send_syslog_msg(udev_t)
@@ -36308,7 +36326,7 @@ diff --exclude-from=exclude -N -u -r nsa
miscfiles_read_localization(udev_t)
-@@ -189,6 +191,7 @@
+@@ -189,6 +192,7 @@
optional_policy(`
alsa_domtrans(udev_t)
@@ -36316,7 +36334,7 @@ diff --exclude-from=exclude -N -u -r nsa
alsa_read_rw_config(udev_t)
')
-@@ -197,6 +200,10 @@
+@@ -197,6 +201,10 @@
')
optional_policy(`
@@ -36327,7 +36345,7 @@ diff --exclude-from=exclude -N -u -r nsa
consoletype_exec(udev_t)
')
-@@ -233,6 +240,10 @@
+@@ -233,6 +241,10 @@
')
optional_policy(`
@@ -36338,7 +36356,7 @@ diff --exclude-from=exclude -N -u -r nsa
kernel_write_xen_state(udev_t)
kernel_read_xen_state(udev_t)
xen_manage_log(udev_t)
-@@ -240,5 +251,9 @@
+@@ -240,5 +252,9 @@
')
optional_policy(`
@@ -37132,7 +37150,7 @@ diff --exclude-from=exclude -N -u -r nsa
+/root(/.*)? gen_context(system_u:object_r:admin_home_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.5.13/policy/modules/system/userdomain.if
--- nsaserefpolicy/policy/modules/system/userdomain.if 2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/system/userdomain.if 2009-07-20 14:40:31.000000000 +0200
++++ serefpolicy-3.5.13/policy/modules/system/userdomain.if 2009-07-31 08:38:31.000000000 +0200
@@ -28,10 +28,14 @@
class context contains;
')
@@ -38467,7 +38485,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -1841,11 +1841,11 @@
+@@ -1841,11 +1841,12 @@
#
template(`userdom_search_user_home_dirs',`
gen_require(`
@@ -38478,10 +38496,11 @@ diff --exclude-from=exclude -N -u -r nsa
files_search_home($2)
- allow $2 $1_home_dir_t:dir search_dir_perms;
+ allow $2 user_home_dir_t:dir search_dir_perms;
++ allow $2 user_home_dir_t:lnk_file read_lnk_file_perms;
')
########################################
-@@ -1875,11 +1875,11 @@
+@@ -1875,11 +1876,11 @@
#
template(`userdom_list_user_home_dirs',`
gen_require(`
@@ -38495,7 +38514,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -1923,12 +1923,12 @@
+@@ -1923,12 +1924,12 @@
#
template(`userdom_user_home_domtrans',`
gen_require(`
@@ -38511,7 +38530,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -1958,10 +1958,11 @@
+@@ -1958,10 +1959,11 @@
#
template(`userdom_dontaudit_list_user_home_dirs',`
gen_require(`
@@ -38525,7 +38544,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -1993,11 +1994,72 @@
+@@ -1993,11 +1995,72 @@
#
template(`userdom_manage_user_home_content_dirs',`
gen_require(`
@@ -38600,7 +38619,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2029,10 +2091,10 @@
+@@ -2029,10 +2092,10 @@
#
template(`userdom_dontaudit_setattr_user_home_content_files',`
gen_require(`
@@ -38613,7 +38632,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2062,11 +2124,11 @@
+@@ -2062,11 +2125,11 @@
#
template(`userdom_read_user_home_content_files',`
gen_require(`
@@ -38627,7 +38646,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2096,11 +2158,11 @@
+@@ -2096,11 +2159,11 @@
#
template(`userdom_dontaudit_read_user_home_content_files',`
gen_require(`
@@ -38642,7 +38661,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2130,10 +2192,14 @@
+@@ -2130,10 +2193,14 @@
#
template(`userdom_dontaudit_write_user_home_content_files',`
gen_require(`
@@ -38659,7 +38678,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2163,11 +2229,11 @@
+@@ -2163,11 +2230,11 @@
#
template(`userdom_read_user_home_content_symlinks',`
gen_require(`
@@ -38673,7 +38692,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2197,11 +2263,11 @@
+@@ -2197,11 +2264,11 @@
#
template(`userdom_exec_user_home_content_files',`
gen_require(`
@@ -38687,7 +38706,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2231,10 +2297,37 @@
+@@ -2231,10 +2298,37 @@
#
template(`userdom_dontaudit_exec_user_home_content_files',`
gen_require(`
@@ -38727,7 +38746,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2266,12 +2359,12 @@
+@@ -2266,12 +2360,12 @@
#
template(`userdom_manage_user_home_content_files',`
gen_require(`
@@ -38743,7 +38762,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2303,10 +2396,10 @@
+@@ -2303,10 +2397,10 @@
#
template(`userdom_dontaudit_manage_user_home_content_dirs',`
gen_require(`
@@ -38756,7 +38775,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2338,12 +2431,12 @@
+@@ -2338,12 +2432,12 @@
#
template(`userdom_manage_user_home_content_symlinks',`
gen_require(`
@@ -38772,7 +38791,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2375,12 +2468,12 @@
+@@ -2375,12 +2469,12 @@
#
template(`userdom_manage_user_home_content_pipes',`
gen_require(`
@@ -38788,7 +38807,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2412,12 +2505,12 @@
+@@ -2412,12 +2506,12 @@
#
template(`userdom_manage_user_home_content_sockets',`
gen_require(`
@@ -38804,7 +38823,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2462,11 +2555,11 @@
+@@ -2462,11 +2556,11 @@
#
template(`userdom_user_home_dir_filetrans',`
gen_require(`
@@ -38818,7 +38837,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2511,11 +2604,11 @@
+@@ -2511,11 +2605,11 @@
#
template(`userdom_user_home_content_filetrans',`
gen_require(`
@@ -38832,7 +38851,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2555,11 +2648,11 @@
+@@ -2555,11 +2649,11 @@
#
template(`userdom_user_home_dir_filetrans_user_home_content',`
gen_require(`
@@ -38846,7 +38865,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2589,11 +2682,11 @@
+@@ -2589,11 +2683,11 @@
#
template(`userdom_write_user_tmp_sockets',`
gen_require(`
@@ -38860,7 +38879,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2623,11 +2716,11 @@
+@@ -2623,11 +2717,11 @@
#
template(`userdom_list_user_tmp',`
gen_require(`
@@ -38874,7 +38893,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2659,10 +2752,10 @@
+@@ -2659,10 +2753,10 @@
#
template(`userdom_dontaudit_list_user_tmp',`
gen_require(`
@@ -38887,7 +38906,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2694,10 +2787,10 @@
+@@ -2694,10 +2788,10 @@
#
template(`userdom_dontaudit_manage_user_tmp_dirs',`
gen_require(`
@@ -38900,7 +38919,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2727,12 +2820,12 @@
+@@ -2727,12 +2821,12 @@
#
template(`userdom_read_user_tmp_files',`
gen_require(`
@@ -38916,7 +38935,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2764,10 +2857,10 @@
+@@ -2764,10 +2858,10 @@
#
template(`userdom_dontaudit_read_user_tmp_files',`
gen_require(`
@@ -38929,7 +38948,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2799,10 +2892,10 @@
+@@ -2799,10 +2893,10 @@
#
template(`userdom_dontaudit_append_user_tmp_files',`
gen_require(`
@@ -38942,7 +38961,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2832,12 +2925,12 @@
+@@ -2832,12 +2926,12 @@
#
template(`userdom_rw_user_tmp_files',`
gen_require(`
@@ -38958,7 +38977,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2869,10 +2962,10 @@
+@@ -2869,10 +2963,10 @@
#
template(`userdom_dontaudit_manage_user_tmp_files',`
gen_require(`
@@ -38971,7 +38990,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2904,12 +2997,12 @@
+@@ -2904,12 +2998,12 @@
#
template(`userdom_read_user_tmp_symlinks',`
gen_require(`
@@ -38987,7 +39006,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2941,11 +3034,11 @@
+@@ -2941,11 +3035,11 @@
#
template(`userdom_manage_user_tmp_dirs',`
gen_require(`
@@ -39001,7 +39020,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -2977,11 +3070,11 @@
+@@ -2977,11 +3071,11 @@
#
template(`userdom_manage_user_tmp_files',`
gen_require(`
@@ -39015,7 +39034,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -3013,11 +3106,11 @@
+@@ -3013,11 +3107,11 @@
#
template(`userdom_manage_user_tmp_symlinks',`
gen_require(`
@@ -39029,7 +39048,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -3049,11 +3142,11 @@
+@@ -3049,11 +3143,11 @@
#
template(`userdom_manage_user_tmp_pipes',`
gen_require(`
@@ -39043,7 +39062,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -3085,11 +3178,11 @@
+@@ -3085,11 +3179,11 @@
#
template(`userdom_manage_user_tmp_sockets',`
gen_require(`
@@ -39057,7 +39076,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -3134,10 +3227,10 @@
+@@ -3134,10 +3228,10 @@
#
template(`userdom_user_tmp_filetrans',`
gen_require(`
@@ -39070,7 +39089,7 @@ diff --exclude-from=exclude -N -u -r nsa
files_search_tmp($2)
')
-@@ -3178,19 +3271,19 @@
+@@ -3178,19 +3272,19 @@
#
template(`userdom_tmp_filetrans_user_tmp',`
gen_require(`
@@ -39094,7 +39113,7 @@ diff --exclude-from=exclude -N -u -r nsa
## </p>
## <p>
## This is a templated interface, and should only
-@@ -3211,13 +3304,13 @@
+@@ -3211,13 +3305,13 @@
#
template(`userdom_rw_user_tmpfs_files',`
gen_require(`
@@ -39112,7 +39131,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -4616,11 +4709,11 @@
+@@ -4616,11 +4710,11 @@
#
interface(`userdom_search_all_users_home_dirs',`
gen_require(`
@@ -39126,7 +39145,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -4640,6 +4733,14 @@
+@@ -4640,6 +4734,14 @@
files_list_home($1)
allow $1 home_dir_type:dir list_dir_perms;
@@ -39141,7 +39160,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -4677,6 +4778,8 @@
+@@ -4677,6 +4779,8 @@
')
dontaudit $1 { home_dir_type home_type }:dir search_dir_perms;
@@ -39150,7 +39169,7 @@ diff --exclude-from=exclude -N -u -r nsa
')
########################################
-@@ -4721,6 +4824,25 @@
+@@ -4721,6 +4825,25 @@
########################################
## <summary>
@@ -39176,7 +39195,7 @@ diff --exclude-from=exclude -N -u -r nsa
## Create, read, write, and delete all files
## in all users home directories.
## </summary>
-@@ -4946,7 +5068,7 @@
+@@ -4946,7 +5069,7 @@
########################################
## <summary>
@@ -39185,7 +39204,7 @@ diff --exclude-from=exclude -N -u -r nsa
## </summary>
## <param name="domain">
## <summary>
-@@ -5318,7 +5440,7 @@
+@@ -5318,7 +5441,7 @@
########################################
## <summary>
@@ -39194,7 +39213,7 @@ diff --exclude-from=exclude -N -u -r nsa
## </summary>
## <param name="domain">
## <summary>
-@@ -5326,18 +5448,17 @@
+@@ -5326,18 +5449,17 @@
## </summary>
## </param>
#
@@ -39217,7 +39236,7 @@ diff --exclude-from=exclude -N -u -r nsa
## </summary>
## <param name="domain">
## <summary>
-@@ -5345,17 +5466,54 @@
+@@ -5345,17 +5467,54 @@
## </summary>
## </param>
#
@@ -39276,7 +39295,7 @@ diff --exclude-from=exclude -N -u -r nsa
## </summary>
## <param name="domain">
## <summary>
-@@ -5368,7 +5526,7 @@
+@@ -5368,7 +5527,7 @@
attribute userdomain;
')
@@ -39285,7 +39304,7 @@ diff --exclude-from=exclude -N -u -r nsa
kernel_search_proc($1)
')
-@@ -5447,6 +5605,24 @@
+@@ -5447,6 +5606,24 @@
########################################
## <summary>
@@ -39310,7 +39329,7 @@ diff --exclude-from=exclude -N -u -r nsa
## Send a SIGCHLD signal to all user domains.
## </summary>
## <param name="domain">
-@@ -5483,6 +5659,42 @@
+@@ -5483,6 +5660,42 @@
########################################
## <summary>
@@ -39353,7 +39372,7 @@ diff --exclude-from=exclude -N -u -r nsa
## Send a dbus message to all user domains.
## </summary>
## <param name="domain">
-@@ -5513,3 +5725,661 @@
+@@ -5513,3 +5726,661 @@
interface(`userdom_unconfined',`
refpolicywarn(`$0($*) has been deprecated.')
')
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-10/selinux-policy.spec,v
retrieving revision 1.802
retrieving revision 1.803
diff -u -p -r1.802 -r1.803
--- selinux-policy.spec 20 Jul 2009 13:25:10 -0000 1.802
+++ selinux-policy.spec 31 Jul 2009 07:14:12 -0000 1.803
@@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.5.13
-Release: 67%{?dist}
+Release: 68%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -462,6 +462,9 @@ exit 0
%endif
%changelog
+* Fri Jul 31 2009 Miroslav Grepl <mgrepl at redhat.com> 3.5.13-68
+- Allow lircd read/write input event devices
+
* Mon Jul 20 2009 Miroslav Grepl <mgrepl at redhat.com> 3.5.13-67
- Allow setroubleshootd to read all symlinks
More information about the fedora-extras-commits
mailing list