rpms/selinux-policy/F-11 policy-20090521.patch, 1.24, 1.25 selinux-policy.spec, 1.881, 1.882
Miroslav Grepl
mgrepl at fedoraproject.org
Mon Jun 29 20:57:52 UTC 2009
Author: mgrepl
Update of /cvs/extras/rpms/selinux-policy/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv8325
Modified Files:
policy-20090521.patch selinux-policy.spec
Log Message:
- Allow sshd to manage gitosis var/lib files
policy-20090521.patch:
Index: policy-20090521.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-11/policy-20090521.patch,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -p -r1.24 -r1.25
--- policy-20090521.patch 29 Jun 2009 14:46:48 -0000 1.24
+++ policy-20090521.patch 29 Jun 2009 20:57:51 -0000 1.25
@@ -437,8 +437,8 @@ diff -b -B --ignore-all-space --exclude-
+/var/lib/gitosis(/.*)? gen_context(system_u:object_r:gitosis_var_lib_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gitosis.if serefpolicy-3.6.12/policy/modules/apps/gitosis.if
--- nsaserefpolicy/policy/modules/apps/gitosis.if 1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.6.12/policy/modules/apps/gitosis.if 2009-06-25 10:28:47.000000000 +0200
-@@ -0,0 +1,94 @@
++++ serefpolicy-3.6.12/policy/modules/apps/gitosis.if 2009-06-29 22:52:15.000000000 +0200
+@@ -0,0 +1,96 @@
+## <summary>gitosis interface</summary>
+
+#######################################
@@ -506,7 +506,8 @@ diff -b -B --ignore-all-space --exclude-
+ type gitosis_var_lib_t;
+
+ ')
-+
++
++ files_search_var_lib($1)
+ read_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
+ read_lnk_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
+ list_dirs_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
@@ -529,6 +530,7 @@ diff -b -B --ignore-all-space --exclude-
+
+ ')
+
++ files_search_var_lib($1)
+ manage_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
+ manage_lnk_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
+ manage_dirs_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
@@ -2891,6 +2893,20 @@ diff -b -B --ignore-all-space --exclude-
HOME_DIR/\.spamassassin(/.*)? gen_context(system_u:object_r:spamc_home_t,s0)
/etc/rc\.d/init\.d/spamd -- gen_context(system_u:object_r:spamd_initrc_exec_t,s0)
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ssh.te serefpolicy-3.6.12/policy/modules/services/ssh.te
+--- nsaserefpolicy/policy/modules/services/ssh.te 2009-06-25 10:19:44.000000000 +0200
++++ serefpolicy-3.6.12/policy/modules/services/ssh.te 2009-06-29 22:52:07.000000000 +0200
+@@ -347,6 +347,10 @@
+ ')
+
+ optional_policy(`
++ gitosis_manage_var_lib(sshd_t)
++')
++
++optional_policy(`
+ inetd_tcp_service_domain(sshd_t, sshd_exec_t)
+ ')
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/uucp.te serefpolicy-3.6.12/policy/modules/services/uucp.te
--- nsaserefpolicy/policy/modules/services/uucp.te 2009-06-25 10:19:44.000000000 +0200
+++ serefpolicy-3.6.12/policy/modules/services/uucp.te 2009-06-25 10:21:01.000000000 +0200
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-11/selinux-policy.spec,v
retrieving revision 1.881
retrieving revision 1.882
diff -u -p -r1.881 -r1.882
--- selinux-policy.spec 29 Jun 2009 14:46:48 -0000 1.881
+++ selinux-policy.spec 29 Jun 2009 20:57:51 -0000 1.882
@@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.6.12
-Release: 61%{?dist}
+Release: 62%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -475,6 +475,9 @@ exit 0
%endif
%changelog
+* Mon Jun 29 2009 Miroslav Grepl <mgrepl at redhat.com> 3.6.12-62
+- Allow sshd to manage gitosis var/lib files
+
* Mon Jun 29 2009 Miroslav Grepl <mgrepl at redhat.com> 3.6.12-61
- Allow avahi net_admin capability
More information about the fedora-extras-commits
mailing list