[selinux-policy/f16] * Mon Apr 16 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-8 - Allow wdmd chown - Add storage_dev_f
Miroslav Grepl
mgrepl at fedoraproject.org
Mon Apr 16 06:47:06 UTC 2012
commit e550e273ba11d240204d05fa4444687dd4a16802
Author: Miroslav <mgrepl at redhat.com>
Date: Mon Apr 16 08:46:54 2012 +0200
* Mon Apr 16 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-8
- Allow wdmd chown
- Add storage_dev_filetrans_named_fixed_disk() for fsdaemon
policy-F16.patch | 12 +++++++-----
selinux-policy.spec | 6 +++++-
2 files changed, 12 insertions(+), 6 deletions(-)
---
diff --git a/policy-F16.patch b/policy-F16.patch
index a9cd17e..a93eff4 100644
--- a/policy-F16.patch
+++ b/policy-F16.patch
@@ -59543,7 +59543,7 @@ index adea9f9..d5b2d93 100644
init_labeled_script_domtrans($1, fsdaemon_initrc_exec_t)
diff --git a/policy/modules/services/smartmon.te b/policy/modules/services/smartmon.te
-index 606a098..5e4d100 100644
+index 606a098..2a3ea76 100644
--- a/policy/modules/services/smartmon.te
+++ b/policy/modules/services/smartmon.te
@@ -35,7 +35,7 @@ ifdef(`enable_mls',`
@@ -59555,7 +59555,7 @@ index 606a098..5e4d100 100644
dontaudit fsdaemon_t self:capability sys_tty_config;
allow fsdaemon_t self:process { getcap setcap signal_perms };
allow fsdaemon_t self:fifo_file rw_fifo_file_perms;
-@@ -73,19 +73,28 @@ files_read_etc_runtime_files(fsdaemon_t)
+@@ -73,19 +73,29 @@ files_read_etc_runtime_files(fsdaemon_t)
files_read_usr_files(fsdaemon_t)
# for config
files_read_etc_files(fsdaemon_t)
@@ -59574,6 +59574,7 @@ index 606a098..5e4d100 100644
storage_raw_read_removable_device(fsdaemon_t)
+storage_read_scsi_generic(fsdaemon_t)
+storage_write_scsi_generic(fsdaemon_t)
++storage_dev_filetrans_named_fixed_disk(fsdaemon_t)
term_dontaudit_search_ptys(fsdaemon_t)
@@ -65127,10 +65128,10 @@ index 0000000..a554011
+')
diff --git a/policy/modules/services/wdmd.te b/policy/modules/services/wdmd.te
new file mode 100644
-index 0000000..307c99e
+index 0000000..45918db
--- /dev/null
+++ b/policy/modules/services/wdmd.te
-@@ -0,0 +1,51 @@
+@@ -0,0 +1,52 @@
+policy_module(wdmd,1.0.0)
+
+########################################
@@ -65152,7 +65153,8 @@ index 0000000..307c99e
+#
+# wdmd local policy
+#
-+allow wdmd_t self:capability { sys_nice ipc_lock };
++
++allow wdmd_t self:capability { chown sys_nice ipc_lock };
+allow wdmd_t self:process { setsched signal };
+
+allow wdmd_t self:fifo_file rw_fifo_file_perms;
diff --git a/selinux-policy.spec b/selinux-policy.spec
index bcfba22..cf5aa30 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.10.0
-Release: 82%{?dist}
+Release: 83%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -466,6 +466,10 @@ SELinux Reference policy mls base module.
%endif
%changelog
+* Mon Apr 16 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-83
+- Allow wdmd chown
+- Add storage_dev_filetrans_named_fixed_disk() for fsdaemon
+
* Fri Apr 6 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-82
- zfs now supports xattrs
- allow mozilla_plugin_t to read user_home_t socket
More information about the scm-commits
mailing list