[selinux-policy] Add booleans.subs_dist to selinux-policy package

Daniel J Walsh dwalsh at fedoraproject.org
Fri Jun 8 14:10:15 UTC 2012 

commit c3956376c7bcb2927655da7737fe6c064d746d72
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Fri Jun 8 10:09:54 2012 -0400

    Add booleans.subs_dist to selinux-policy package

 booleans.subs_dist  |   44 ++++++++++++++++++++++++++++++++++++++++++++
 selinux-policy.spec |    5 ++++-
 2 files changed, 48 insertions(+), 1 deletions(-)
---
diff --git a/booleans.subs_dist b/booleans.subs_dist
new file mode 100644
index 0000000..314ef25
--- /dev/null
+++ b/booleans.subs_dist
@@ -0,0 +1,44 @@
+allow_auditadm_exec_content auditadm_exec_content
+allow_console_login login_console_enabled
+allow_cvs_read_shadow cvs_read_shadow
+allow_daemons_dump_core daemons_dump_core
+allow_daemons_use_tcp_wrapper daemons_use_tcp_wrapper
+allow_daemons_use_tty daemons_use_tty
+allow_domain_fd_use domain_fd_use
+allow_execheap selinuxuser_execheap
+allow_execmod selinuxuser_execmod
+allow_execstack selinuxuser_execstack
+allow_ftpd_anon_write ftpd_anon_write
+allow_ftpd_full_access ftpd_full_access
+allow_ftpd_use_cifs ftpd_use_cifs
+allow_ftpd_use_nfs ftpd_use_nfs
+allow_gssd_read_tmp gssd_read_tmp
+allow_guest_exec_content guest_exec_content
+allow_httpd_anon_write httpd_anon_write
+allow_httpd_mod_auth_ntlm_winbind httpd_mod_auth_ntlm_winbind
+allow_httpd_mod_auth_pam httpd_mod_auth_pam
+allow_httpd_sys_script_anon_write httpd_sys_script_anon_write
+allow_kerberos kerberos_enabled
+allow_mplayer_execstack mplayer_execstack
+allow_mount_anyfile mount_anyfile
+allow_nfsd_anon_write nfsd_anon_write
+allow_polyinstantiation polyinstantiation_enabled
+allow_postfix_local_write_mail_spool postfix_local_write_mail_spool
+allow_rsync_anon_write rsync_anon_write
+allow_saslauthd_read_shadow saslauthd_read_shadow
+allow_secadm_exec_content secadm_exec_content
+allow_smbd_anon_write smbd_anon_write
+allow_ssh_keysign ssh_keysign
+allow_staff_exec_content staff_exec_content
+allow_sysadm_exec_content sysadm_exec_content
+allow_user_exec_content user_exec_content
+allow_user_mysql_connect selinuxuser_mysql_connect_enabled
+allow_user_postgresql_connect selinuxuser_postgresql_connect_enabled
+allow_write_xshm xserver_clients_write_xshm
+allow_xguest_exec_content xguest_exec_content
+allow_xserver_execmem xserver_execmem
+allow_ypbind nis_enabled
+allow_zebra_write_config zebra_write_config
+user_direct_dri selinuxuser_direct_dri_enabled
+user_ping selinuxuser_ping
+user_share_music selinuxuser_share_music
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 3c105d0..ab22ad1 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -49,6 +49,7 @@ Source26: file_contexts.subs_dist
 Source27: selinux-policy.conf
 Source28: permissivedomains.pp
 Source29: serefpolicy-contrib-%{version}.tgz
+Source30: booleans.subs_dist
 
 Url: http://oss.tresys.com/repos/refpolicy/
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -133,6 +134,7 @@ touch %{buildroot}%{_sysconfdir}/selinux/%1/modules/active/file_contexts.local \
 touch %{buildroot}%{_sysconfdir}/selinux/%1/modules/active/nodes.local \
 touch %{buildroot}%{_sysconfdir}/selinux/%1/modules/active/users_extra.local \
 touch %{buildroot}%{_sysconfdir}/selinux/%1/modules/active/users.local \
+cp %{SOURCE30} %{buildroot}%{_sysconfdir}/selinux/%1 \
 bzip2 -c %{buildroot}/%{_usr}/share/selinux/%1/base.pp  > %{buildroot}/%{_sysconfdir}/selinux/%1/modules/active/base.pp \
 rm -f %{buildroot}/%{_usr}/share/selinux/%1/base.pp  \
 for i in %{buildroot}/%{_usr}/share/selinux/%1/*.pp; do bzip2 -c $i > %{buildroot}/%{_sysconfdir}/selinux/%1/modules/active/modules/`basename $i`; done \
@@ -191,7 +193,8 @@ rm -f %{buildroot}/%{_sysconfigdir}/selinux/%1/modules/active/policy.kern
 %verify(not md5 size mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.homedirs \
 %config(noreplace) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.local \
 %config(noreplace) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.subs \
-%verify(not md5 size mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.subs_dist \
+%{_sysconfdir}/selinux/%1/contexts/files/file_contexts.subs_dist \
+%{_sysconfdir}/selinux/%1/booleans.subs_dist \
 %config %{_sysconfdir}/selinux/%1/contexts/files/media \
 %dir %{_sysconfdir}/selinux/%1/contexts/users \
 %config(noreplace) %{_sysconfdir}/selinux/%1/contexts/users/root \

More information about the scm-commits mailing list