[selinux-policy: 984/3172] fixes from dan

[Daniel J Walsh]

commit 95f82b0de8270052d3b7477c2b488d99f50b09ef
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Mon Nov 21 22:15:11 2005 +0000

    fixes from dan

 refpolicy/policy/modules/system/authlogin.if    |    1 +
 refpolicy/policy/modules/system/corecommands.fc |    4 ++--
 refpolicy/policy/modules/system/corecommands.if |    3 +--
 3 files changed, 4 insertions(+), 4 deletions(-)
---
diff --git a/refpolicy/policy/modules/system/authlogin.if b/refpolicy/policy/modules/system/authlogin.if
index 8fedb48..b43b764 100644
--- a/refpolicy/policy/modules/system/authlogin.if
+++ b/refpolicy/policy/modules/system/authlogin.if
@@ -926,6 +926,7 @@ interface(`auth_use_nsswitch',`
 
 	allow $1 var_auth_t:dir r_dir_perms;
 	allow $1 var_auth_t:file create_file_perms;
+	files_list_var_lib($1)
 
 	sysnet_dns_name_resolve($1)
 	sysnet_use_ldap($1)
diff --git a/refpolicy/policy/modules/system/corecommands.fc b/refpolicy/policy/modules/system/corecommands.fc
index 298abe0..8fca398 100644
--- a/refpolicy/policy/modules/system/corecommands.fc
+++ b/refpolicy/policy/modules/system/corecommands.fc
@@ -98,8 +98,8 @@ ifdef(`distro_gentoo',`
 /usr/lib/qt.*/bin(/.*)?			gen_context(system_u:object_r:bin_t,s0)
 # these two lines are separate because of a
 # sorting issue with the java module
-/usr/lib/jvm/java.*/jre/bin -d		gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/jvm/java.*/jre/bin/.*		gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/jvm/java.*/bin -d		gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/jvm/java.*/bin/.*		gen_context(system_u:object_r:bin_t,s0)
 
 /usr/lib(64)?/cups/cgi-bin/.*	--	gen_context(system_u:object_r:bin_t,s0)
 /usr/lib(64)?/cups/filter/.*	--	gen_context(system_u:object_r:bin_t,s0)
diff --git a/refpolicy/policy/modules/system/corecommands.if b/refpolicy/policy/modules/system/corecommands.if
index 2057f82..0033679 100644
--- a/refpolicy/policy/modules/system/corecommands.if
+++ b/refpolicy/policy/modules/system/corecommands.if
@@ -238,10 +238,9 @@ interface(`corecmd_bin_domtrans',`
 interface(`corecmd_search_sbin',`
 	gen_require(`
 		type sbin_t;
-		class dir search;
 	')
 
-	allow $1 sbin_t:dir search;
+	allow $1 sbin_t:dir search_dir_perms;
 ')
 
 ########################################