[selinux-policy] Turn back on allow_execmem boolean
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Nov 8 21:33:16 UTC 2011
commit 90160938e2dccb8ab24ac7680cbd06ea46591da2
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Nov 8 16:33:10 2011 -0500
Turn back on allow_execmem boolean
selinux-policy.spec | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
---
diff --git a/selinux-policy.spec b/selinux-policy.spec
index fbe097f..c39a36e 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -30,6 +30,7 @@ patch6: apache.patch
patch7: ptrace.patch
patch8: qemu.patch
patch9: consoletype.patch
+patch10: denyexecmem.patch
Source1: modules-targeted.conf
Source2: booleans-targeted.conf
Source3: Makefile.devel
@@ -222,10 +223,9 @@ if [ -e /etc/selinux/%2/.rebuild ]; then \
/usr/sbin/semodule -n -s %2 -r execmem openoffice ada tzdata hal hotplug howl java mono moilscanner gamin audio_entropy iscsid polkit_auth polkit rtkit_daemon ModemManager telepathysofiasip ethereal passanger qpidd 2>/dev/null; \
fi \
rm -f /etc/selinux/%2/modules/active/modules/qemu.pp \
- /usr/sbin/semodule -B -s %2; \
-else \
- [ "${SELINUXTYPE}" == "%2" ] && [ selinuxenabled ] && load_policy; \
+ /usr/sbin/semodule -B -n -s %2; \
fi; \
+[ "${SELINUXTYPE}" == "%2" ] && [ selinuxenabled ] && load_policy; \
if [ %1 -eq 1 ]; then \
/sbin/restorecon -R /root /var/log /var/run 2> /dev/null; \
else \
@@ -252,6 +252,7 @@ Based off of reference policy: Checked out revision 2.20091117
%patch7 -p1 -b .ptrace
%patch8 -p1 -b .qemu
%patch9 -p1 -b .consoletype
+%patch10 -p1 -b .denyexecmem
%install
mkdir selinux_config
More information about the scm-commits
mailing list