[selinux-policy/f16] * Mon Apr 16 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-8 - Allow wdmd chown - Add storage_dev_f

Miroslav Grepl mgrepl at fedoraproject.org
Mon Apr 16 06:47:06 UTC 2012 

commit e550e273ba11d240204d05fa4444687dd4a16802
Author: Miroslav <mgrepl at redhat.com>
Date:   Mon Apr 16 08:46:54 2012 +0200

    * Mon Apr 16 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-8
    - Allow wdmd chown
    - Add storage_dev_filetrans_named_fixed_disk() for fsdaemon

 policy-F16.patch    |   12 +++++++-----
 selinux-policy.spec |    6 +++++-
 2 files changed, 12 insertions(+), 6 deletions(-)
---
diff --git a/policy-F16.patch b/policy-F16.patch
index a9cd17e..a93eff4 100644
--- a/policy-F16.patch
+++ b/policy-F16.patch
@@ -59543,7 +59543,7 @@ index adea9f9..d5b2d93 100644
  
  	init_labeled_script_domtrans($1, fsdaemon_initrc_exec_t)
 diff --git a/policy/modules/services/smartmon.te b/policy/modules/services/smartmon.te
-index 606a098..5e4d100 100644
+index 606a098..2a3ea76 100644
 --- a/policy/modules/services/smartmon.te
 +++ b/policy/modules/services/smartmon.te
 @@ -35,7 +35,7 @@ ifdef(`enable_mls',`
@@ -59555,7 +59555,7 @@ index 606a098..5e4d100 100644
  dontaudit fsdaemon_t self:capability sys_tty_config;
  allow fsdaemon_t self:process { getcap setcap signal_perms };
  allow fsdaemon_t self:fifo_file rw_fifo_file_perms;
-@@ -73,19 +73,28 @@ files_read_etc_runtime_files(fsdaemon_t)
+@@ -73,19 +73,29 @@ files_read_etc_runtime_files(fsdaemon_t)
  files_read_usr_files(fsdaemon_t)
  # for config
  files_read_etc_files(fsdaemon_t)
@@ -59574,6 +59574,7 @@ index 606a098..5e4d100 100644
  storage_raw_read_removable_device(fsdaemon_t)
 +storage_read_scsi_generic(fsdaemon_t)
 +storage_write_scsi_generic(fsdaemon_t)
++storage_dev_filetrans_named_fixed_disk(fsdaemon_t)
  
  term_dontaudit_search_ptys(fsdaemon_t)
  
@@ -65127,10 +65128,10 @@ index 0000000..a554011
 +')
 diff --git a/policy/modules/services/wdmd.te b/policy/modules/services/wdmd.te
 new file mode 100644
-index 0000000..307c99e
+index 0000000..45918db
 --- /dev/null
 +++ b/policy/modules/services/wdmd.te
-@@ -0,0 +1,51 @@
+@@ -0,0 +1,52 @@
 +policy_module(wdmd,1.0.0)
 +
 +########################################
@@ -65152,7 +65153,8 @@ index 0000000..307c99e
 +#
 +# wdmd local policy
 +#
-+allow wdmd_t self:capability { sys_nice ipc_lock };
++
++allow wdmd_t self:capability { chown sys_nice ipc_lock };
 +allow wdmd_t self:process { setsched signal };
 +
 +allow wdmd_t self:fifo_file rw_fifo_file_perms;
diff --git a/selinux-policy.spec b/selinux-policy.spec
index bcfba22..cf5aa30 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.10.0
-Release: 82%{?dist}
+Release: 83%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -466,6 +466,10 @@ SELinux Reference policy mls base module.
 %endif
 
 %changelog
+* Mon Apr 16 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-83
+- Allow wdmd chown
+- Add storage_dev_filetrans_named_fixed_disk() for fsdaemon
+
 * Fri Apr 6 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-82
 - zfs now supports xattrs
 - allow mozilla_plugin_t to read user_home_t socket

More information about the scm-commits mailing list