[selinux-policy: 2312/3172] Miscfiles patch from Dan Walsh.

[Daniel J Walsh]

commit 9dfdd48feca4b0b7b4a96949337d60a510368018
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Tue Nov 24 09:04:48 2009 -0500

    Miscfiles patch from Dan Walsh.

 policy/modules/system/miscfiles.if |   60 +++++++++++++++++++++++++++++++++++-
 policy/modules/system/miscfiles.te |    2 +-
 2 files changed, 60 insertions(+), 2 deletions(-)
---
diff --git a/policy/modules/system/miscfiles.if b/policy/modules/system/miscfiles.if
index 428ce71..ba77018 100644
--- a/policy/modules/system/miscfiles.if
+++ b/policy/modules/system/miscfiles.if
@@ -87,6 +87,45 @@ interface(`miscfiles_read_fonts',`
 
 ########################################
 ## <summary>
+##	Set the attributes on a fonts directory.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+## <rolecap/>
+#
+interface(`miscfiles_setattr_fonts_dirs',`
+	gen_require(`
+		type fonts_t;
+	')
+
+	allow $1 fonts_t:dir setattr;
+')
+
+########################################
+## <summary>
+##	Do not audit attempts to set the attributes
+##	on a fonts directory.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+## <rolecap/>
+#
+interface(`miscfiles_dontaudit_setattr_fonts_dirs',`
+	gen_require(`
+		type fonts_t;
+	')
+
+	dontaudit $1 fonts_t:dir setattr;
+')
+
+########################################
+## <summary>
 ##	Do not audit attempts to write fonts.
 ## </summary>
 ## <param name="domain">
@@ -255,6 +294,25 @@ interface(`miscfiles_legacy_read_localization',`
 
 ########################################
 ## <summary>
+##	Search man pages.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain to not audit.
+##	</summary>
+## </param>
+#
+interface(`miscfiles_search_man_pages',`
+	gen_require(`
+		type man_t;
+	')
+
+	allow $1 man_t:dir search_dir_perms;
+	files_search_usr($1)
+')
+
+########################################
+## <summary>
 ##	Do not audit attempts to search man pages.
 ## </summary>
 ## <param name="domain">
@@ -268,7 +326,7 @@ interface(`miscfiles_dontaudit_search_man_pages',`
 		type man_t;
 	')
 
-	dontaudit $1 man_t:dir search;
+	dontaudit $1 man_t:dir search_dir_perms;
 ')
 
 ########################################
diff --git a/policy/modules/system/miscfiles.te b/policy/modules/system/miscfiles.te
index aa77a21..ef9d197 100644
--- a/policy/modules/system/miscfiles.te
+++ b/policy/modules/system/miscfiles.te
@@ -1,5 +1,5 @@
 
-policy_module(miscfiles, 1.7.0)
+policy_module(miscfiles, 1.7.1)
 
 ########################################
 #