[selinux-policy] Add interface to dontaudit getattr access on sysctls

Daniel J Walsh dwalsh at fedoraproject.org
Tue Jul 24 19:56:43 UTC 2012


commit 26761212674615c14295fdd52991dfe1e95e4c9a
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Tue Jul 24 15:56:40 2012 -0400

    Add interface to dontaudit getattr access on sysctls
    
    - Allow sshd to execute /bin/login
    - Looks like xdm is recreating the xdm directory in ~/.cache/ on login
    - Allow syslog to use the leaked kernel_t unix_dgram_socket from system-journald
    - Fix semanage to work with unconfined domain disabled on F18
    - Dontaudit attempts by mozilla plugins to getattr on all kernel sysctls
    - Virt seems to be using lock files
    - Dovecot seems to be searching directories of every mountpoint
    - Allow jockey to read random/urandom, execute shell and install third-party drivers
    - Add additional params to allow cachedfiles to manage its content
    - gpg agent needs to read /dev/random
    - The kernel hands an svirt domains /SYSxxxxx which is a tmpfs that httpd wants to read and write
    - Add a bunch of dontaudit rules to quiet svirt_lxc domains
    - Additional perms needed to run svirt_lxc domains
    - Allow cgclear to read cgconfig
    - Allow sys_ptrace capability for snmp
    - Allow freshclam to read /proc
    - Allow procmail to manage /home/user/Maildir content
    - Allow NM to execute wpa_cli
    - Allow amavis to read clamd system state
    - Regenerate man pages

 selinux-policy.spec |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 3fea886..69aa863 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -15,7 +15,7 @@
 %endif
 %define POLICYVER 27
 %define POLICYCOREUTILSVER 2.1.9-4
-%define CHECKPOLICYVER 2.1.9-4
+%define CHECKPOLICYVER 2.1.10-3
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.11.0
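Review bot: The only line changed here is `%define CHECKPOLICYVER`, which moves from 2.1.9-4 to 2.1.10-3, yet the commit message does not mention the new checkpolicy requirement and lists about twenty policy changes that are not part of this diff. Please state in the message why the newer checkpolicy is needed (for example, which of the listed rules or interfaces fails to compile with 2.1.9-4), so that someone backporting the policy knows whether the requirement can be relaxed. `POLICYCOREUTILSVER` stays at 2.1.9-4 on the line above; confirm that leaving the two out of step is intended. The diffstat shows a single changed line in the spec, so no Release bump or %changelog entry accompanies the listed changes in this commit; if those land separately, a reference to that commit would make the history easier to audit.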

