[selinux-policy/f16] Make colord unconfined for RC1
Daniel J Walsh
dwalsh at fedoraproject.org
Sat Sep 17 02:25:56 UTC 2011
commit c6a731700fbd4b9ce90660cf7d4b995a240e3980
Author: Dan Walsh <dwalsh at redhat.com>
Date: Fri Sep 16 22:25:35 2011 -0400
Make colord unconfined for RC1
colord.patch | 12 ++++++++++++
selinux-policy.spec | 7 ++++++-
2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/colord.patch b/colord.patch
new file mode 100644
index 0000000..72fe9bd
--- /dev/null
+++ b/colord.patch
@@ -0,0 +1,12 @@
+diff --git a/policy/modules/services/colord.te b/policy/modules/services/colord.te
+index 810b790..a073a0c 100644
+--- a/policy/modules/services/colord.te
++++ b/policy/modules/services/colord.te
+@@ -128,3 +128,7 @@ optional_policy(`
+ # /var/lib/gdm/.local/share/icc/edid-0a027915105823af34f99b1704e80336.icc
+ xserver_read_inherited_xdm_lib_files(colord_t)
+ ')
++
++optional_policy(`
++ unconfined_domain(colord_t)
++')
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 6182864..86eaca6 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,11 +17,12 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.10.0
-Release: 29%{?dist}
+Release: 29.1%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
patch: policy-F16.patch
+patch1: colord.patch
Source1: modules-targeted.conf
Source2: booleans-targeted.conf
Source3: Makefile.devel
@@ -235,6 +236,7 @@ Based off of reference policy: Checked out revision 2.20091117
%prep
%setup -n serefpolicy-%{version} -q
%patch -p1
+%patch1 -p1
%install
mkdir selinux_config
@@ -466,6 +468,9 @@ SELinux Reference policy mls base module.
%endif
%changelog
+* Fri Sep 16 2011 Dan Walsh <dwalsh at redhat.com> 3.10.0-29.1
+- Make colord unconfined so we can ship RC1
+
* Fri Sep 16 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-29
- Allow sanlock to manage virt lib files
- Add virt_use_sanlock booelan
More information about the scm-commits
mailing list