rpms/selinux-policy/devel policy-20070703.patch, 1.7, 1.8 selinux-policy.spec, 1.473, 1.474
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Sat Jul 14 12:57:18 UTC 2007
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21336
Modified Files:
policy-20070703.patch selinux-policy.spec
Log Message:
* Sat Jul 14 2007 Dan Walsh <dwalsh at redhat.com> 3.0.2-8
- Fix moilscanner update problem
policy-20070703.patch:
View full diff with command:
/usr/bin/cvs -f diff -kk -u -N -r 1.7 -r 1.8 policy-20070703.patch
Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20070703.patch,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- policy-20070703.patch 12 Jul 2007 21:37:30 -0000 1.7
+++ policy-20070703.patch 14 Jul 2007 12:56:45 -0000 1.8
@@ -1,6 +1,6 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-strict-mls/guest_u_default_contexts serefpolicy-3.0.2/config/appconfig-strict-mls/guest_u_default_contexts
--- nsaserefpolicy/config/appconfig-strict-mls/guest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/config/appconfig-strict-mls/guest_u_default_contexts 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/config/appconfig-strict-mls/guest_u_default_contexts 2007-07-13 08:07:53.000000000 -0400
@@ -0,0 +1,4 @@
+system_r:local_login_t:s0 guest_r:guest_t:s0
+system_r:remote_login_t:s0 guest_r:guest_t:s0
@@ -8,7 +8,7 @@
+system_r:crond_t:s0 guest_r:guest_crond_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-strict-mls/staff_u_default_contexts serefpolicy-3.0.2/config/appconfig-strict-mls/staff_u_default_contexts
--- nsaserefpolicy/config/appconfig-strict-mls/staff_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/config/appconfig-strict-mls/staff_u_default_contexts 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/config/appconfig-strict-mls/staff_u_default_contexts 2007-07-13 08:07:53.000000000 -0400
@@ -0,0 +1,9 @@
+system_r:local_login_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0
+system_r:remote_login_t:s0 staff_r:staff_t:s0
@@ -21,7 +21,7 @@
+sysadm_r:sysadm_sudo_t:s0 sysadm_r:sysadm_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-strict-mls/user_u_default_contexts serefpolicy-3.0.2/config/appconfig-strict-mls/user_u_default_contexts
--- nsaserefpolicy/config/appconfig-strict-mls/user_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/config/appconfig-strict-mls/user_u_default_contexts 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/config/appconfig-strict-mls/user_u_default_contexts 2007-07-13 08:07:53.000000000 -0400
@@ -0,0 +1,7 @@
+system_r:local_login_t:s0 user_r:user_t:s0
+system_r:remote_login_t:s0 user_r:user_t:s0
@@ -32,7 +32,7 @@
+user_r:user_sudo_t:s0 user_r:user_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mcs/default_type serefpolicy-3.0.2/config/appconfig-targeted-mcs/default_type
--- nsaserefpolicy/config/appconfig-targeted-mcs/default_type 2007-05-25 09:09:09.000000000 -0400
-+++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/default_type 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/default_type 2007-07-13 08:07:53.000000000 -0400
@@ -1 +1,4 @@
system_r:unconfined_t
+sysadm_r:sysadm_t
@@ -40,7 +40,7 @@
+user_r:user_t
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mcs/guest_u_default_contexts serefpolicy-3.0.2/config/appconfig-targeted-mcs/guest_u_default_contexts
--- nsaserefpolicy/config/appconfig-targeted-mcs/guest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/guest_u_default_contexts 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/guest_u_default_contexts 2007-07-13 08:07:53.000000000 -0400
@@ -0,0 +1,4 @@
+system_r:local_login_t:s0 guest_r:guest_t:s0
+system_r:remote_login_t:s0 guest_r:guest_t:s0
@@ -48,13 +48,13 @@
+system_r:crond_t:s0 guest_r:guest_crond_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mcs/initrc_context serefpolicy-3.0.2/config/appconfig-targeted-mcs/initrc_context
--- nsaserefpolicy/config/appconfig-targeted-mcs/initrc_context 2007-05-25 09:09:09.000000000 -0400
-+++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/initrc_context 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/initrc_context 2007-07-13 08:07:53.000000000 -0400
@@ -1 +1 @@
-user_u:system_r:initrc_t:s0
+system_u:system_r:initrc_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mcs/root_default_contexts serefpolicy-3.0.2/config/appconfig-targeted-mcs/root_default_contexts
--- nsaserefpolicy/config/appconfig-targeted-mcs/root_default_contexts 2007-05-25 09:09:09.000000000 -0400
-+++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/root_default_contexts 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/root_default_contexts 2007-07-13 08:07:53.000000000 -0400
@@ -1,2 +1,10 @@
-system_r:unconfined_t:s0 system_r:unconfined_t:s0
-system_r:initrc_t:s0 system_r:unconfined_t:s0
@@ -70,14 +70,14 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mcs/seusers serefpolicy-3.0.2/config/appconfig-targeted-mcs/seusers
--- nsaserefpolicy/config/appconfig-targeted-mcs/seusers 2007-05-31 15:35:39.000000000 -0400
-+++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/seusers 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/seusers 2007-07-13 08:07:53.000000000 -0400
@@ -1,2 +1,2 @@
root:root:s0-mcs_systemhigh
-__default__:user_u:s0
+__default__:system_u:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mcs/staff_u_default_contexts serefpolicy-3.0.2/config/appconfig-targeted-mcs/staff_u_default_contexts
--- nsaserefpolicy/config/appconfig-targeted-mcs/staff_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/staff_u_default_contexts 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/staff_u_default_contexts 2007-07-13 08:07:53.000000000 -0400
@@ -0,0 +1,9 @@
+system_r:local_login_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0
+system_r:remote_login_t:s0 staff_r:staff_t:s0
@@ -90,7 +90,7 @@
+sysadm_r:sysadm_sudo_t:s0 sysadm_r:sysadm_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mcs/user_u_default_contexts serefpolicy-3.0.2/config/appconfig-targeted-mcs/user_u_default_contexts
--- nsaserefpolicy/config/appconfig-targeted-mcs/user_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/user_u_default_contexts 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/user_u_default_contexts 2007-07-13 08:07:53.000000000 -0400
@@ -0,0 +1,7 @@
+system_r:local_login_t:s0 system_r:unconfined_t:s0 user_r:user_t:s0
+system_r:remote_login_t:s0 system_r:unconfined_t:s0 user_r:user_t:s0
@@ -101,7 +101,7 @@
+user_r:user_sudo_t:s0 system_r:unconfined_t:s0 user_r:user_t:s0
diff --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-3.0.2/Makefile
--- nsaserefpolicy/Makefile 2007-05-29 13:53:56.000000000 -0400
-+++ serefpolicy-3.0.2/Makefile 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/Makefile 2007-07-13 08:07:53.000000000 -0400
@@ -158,8 +158,18 @@
headerdir = $(modpkgdir)/include
docsdir = $(prefix)/share/doc/$(PKGNAME)
@@ -133,7 +133,7 @@
CHECKMODULE += -M
diff --exclude-from=exclude -N -u -r nsaserefpolicy/man/man8/ftpd_selinux.8 serefpolicy-3.0.2/man/man8/ftpd_selinux.8
--- nsaserefpolicy/man/man8/ftpd_selinux.8 2007-05-25 09:09:10.000000000 -0400
-+++ serefpolicy-3.0.2/man/man8/ftpd_selinux.8 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/man/man8/ftpd_selinux.8 2007-07-13 08:07:53.000000000 -0400
@@ -12,7 +12,7 @@
.TP
chcon -R -t public_content_t /var/ftp
@@ -145,7 +145,7 @@
.TP
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/flask/access_vectors serefpolicy-3.0.2/policy/flask/access_vectors
--- nsaserefpolicy/policy/flask/access_vectors 2007-06-19 16:23:34.000000000 -0400
-+++ serefpolicy-3.0.2/policy/flask/access_vectors 2007-07-12 10:05:03.000000000 -0400
++++ serefpolicy-3.0.2/policy/flask/access_vectors 2007-07-13 08:07:53.000000000 -0400
@@ -598,6 +598,8 @@
shmempwd
shmemgrp
@@ -166,7 +166,7 @@
class key
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_tunables serefpolicy-3.0.2/policy/global_tunables
--- nsaserefpolicy/policy/global_tunables 2007-05-29 14:10:59.000000000 -0400
-+++ serefpolicy-3.0.2/policy/global_tunables 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/policy/global_tunables 2007-07-13 08:07:53.000000000 -0400
@@ -133,3 +133,10 @@
## </desc>
gen_tunable(write_untrusted_content,false)
@@ -180,7 +180,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/mls serefpolicy-3.0.2/policy/mls
--- nsaserefpolicy/policy/mls 2007-07-03 07:06:36.000000000 -0400
-+++ serefpolicy-3.0.2/policy/mls 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/policy/mls 2007-07-13 08:07:53.000000000 -0400
@@ -89,12 +89,14 @@
mlsconstrain { file lnk_file fifo_file dir chr_file blk_file sock_file } { write create setattr relabelfrom append unlink link rename mounton }
(( l1 eq l2 ) or
@@ -265,7 +265,7 @@
mlsconstrain association { polmatch }
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/acct.te serefpolicy-3.0.2/policy/modules/admin/acct.te
--- nsaserefpolicy/policy/modules/admin/acct.te 2007-05-29 14:10:59.000000000 -0400
-+++ serefpolicy-3.0.2/policy/modules/admin/acct.te 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/admin/acct.te 2007-07-13 08:07:53.000000000 -0400
@@ -9,6 +9,7 @@
type acct_t;
type acct_exec_t;
@@ -276,7 +276,7 @@
logging_log_file(acct_data_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.fc serefpolicy-3.0.2/policy/modules/admin/alsa.fc
--- nsaserefpolicy/policy/modules/admin/alsa.fc 2007-05-29 14:10:59.000000000 -0400
-+++ serefpolicy-3.0.2/policy/modules/admin/alsa.fc 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/admin/alsa.fc 2007-07-13 08:07:53.000000000 -0400
@@ -1,4 +1,7 @@
/etc/alsa/pcm(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
@@ -287,7 +287,7 @@
+/sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.te serefpolicy-3.0.2/policy/modules/admin/alsa.te
--- nsaserefpolicy/policy/modules/admin/alsa.te 2007-05-29 14:10:59.000000000 -0400
-+++ serefpolicy-3.0.2/policy/modules/admin/alsa.te 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/admin/alsa.te 2007-07-13 08:07:53.000000000 -0400
@@ -20,20 +20,24 @@
# Local policy
#
@@ -333,7 +333,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/anaconda.te serefpolicy-3.0.2/policy/modules/admin/anaconda.te
--- nsaserefpolicy/policy/modules/admin/anaconda.te 2007-05-29 14:10:59.000000000 -0400
-+++ serefpolicy-3.0.2/policy/modules/admin/anaconda.te 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/admin/anaconda.te 2007-07-13 08:07:53.000000000 -0400
@@ -37,10 +37,6 @@
userdom_generic_user_home_dir_filetrans_generic_user_home_content(anaconda_t,{ dir file lnk_file fifo_file sock_file })
@@ -347,7 +347,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/bootloader.te serefpolicy-3.0.2/policy/modules/admin/bootloader.te
--- nsaserefpolicy/policy/modules/admin/bootloader.te 2007-05-29 14:10:59.000000000 -0400
-+++ serefpolicy-3.0.2/policy/modules/admin/bootloader.te 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/admin/bootloader.te 2007-07-13 08:07:53.000000000 -0400
@@ -182,6 +182,7 @@
optional_policy(`
@@ -358,7 +358,7 @@
optional_policy(`
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/consoletype.te serefpolicy-3.0.2/policy/modules/admin/consoletype.te
--- nsaserefpolicy/policy/modules/admin/consoletype.te 2007-05-29 14:10:59.000000000 -0400
-+++ serefpolicy-3.0.2/policy/modules/admin/consoletype.te 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/admin/consoletype.te 2007-07-13 08:07:53.000000000 -0400
@@ -8,12 +8,21 @@
type consoletype_t;
@@ -405,7 +405,7 @@
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kudzu.te serefpolicy-3.0.2/policy/modules/admin/kudzu.te
--- nsaserefpolicy/policy/modules/admin/kudzu.te 2007-05-29 14:10:59.000000000 -0400
-+++ serefpolicy-3.0.2/policy/modules/admin/kudzu.te 2007-07-11 10:06:28.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/admin/kudzu.te 2007-07-13 08:07:53.000000000 -0400
@@ -21,8 +21,8 @@
[...3562 lines suppressed...]
-+## The template for creating a unprivileged login user.
++## The template for creating a unprivileged xwindows login user.
+## </summary>
+## <desc>
+## <p>
@@ -10548,19 +11310,29 @@
+
+userdom_unpriv_login_user($1)
+userdom_xwindows_client_template($1)
++allow xguest_usertype xguest_usertype:unix_stream_socket { create_stream_socket_perms connectto };
+
+auth_exec_pam($1_t)
-+logging_send_syslog_msg($1_t)
++logging_send_syslog_msg($1_usertype)
+
+optional_policy(`
+ alsa_read_rw_config($1_t)
+')
++
+authlogin_per_role_template($1, $1_t, $1_r)
+
+optional_policy(`
-+ dbus_per_role_template($1, $1_t, $1_r)
-+ dbus_system_bus_client_template($1, $1_t)
-+ allow $1_t self:dbus send_msg;
++ dbus_per_role_template($1, $1_usertype, $1_r)
++ dbus_system_bus_client_template($1, $1_usertype)
++ allow $1_usertype self:dbus send_msg;
++')
++
++optional_policy(`
++ java_per_role_template($1, $1_t, $1_r)
++')
++
++optional_policy(`
++ mono_per_role_template($1, $1_t, $1_r)
+')
+
+optional_policy(`
@@ -10571,13 +11343,13 @@
+ setroubleshoot_dontaudit_stream_connect($1_t)
+')
+
-+#dev_read_rand($1_t)
++# gnome keyring wants to read this. Needs to be exlicitly granted
++dev_dontaudit_read_rand($1_usertype)
+
+')
-+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-3.0.2/policy/modules/system/userdomain.te
--- nsaserefpolicy/policy/modules/system/userdomain.te 2007-07-03 07:06:32.000000000 -0400
-+++ serefpolicy-3.0.2/policy/modules/system/userdomain.te 2007-07-12 10:51:56.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/system/userdomain.te 2007-07-13 08:07:54.000000000 -0400
@@ -74,6 +74,9 @@
# users home directory contents
attribute home_type;
@@ -10675,9 +11447,37 @@
+tunable_policy(`allow_console_login', `
+ term_use_console(userdomain)
+')
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.if serefpolicy-3.0.2/policy/modules/system/xen.if
+--- nsaserefpolicy/policy/modules/system/xen.if 2007-07-03 07:06:32.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/system/xen.if 2007-07-14 08:55:44.000000000 -0400
+@@ -191,3 +191,24 @@
+
+ domtrans_pattern($1,xm_exec_t,xm_t)
+ ')
++
++########################################
++## <summary>
++## Allow the specified domain to read/write
++## xend image files.
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain allowed to transition.
++## </summary>
++## </param>
++#
++interface(`xen_rw_image_files',`
++ gen_require(`
++ type xen_image_t, xend_var_lib_t;
++ ')
++
++ files_list_var_lib($1)
++ allow $1 xend_var_lib_t:dir search_dir_perms;
++ rw_files_pattern($1,xen_image_t,xen_image_t)
++')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.te serefpolicy-3.0.2/policy/modules/system/xen.te
--- nsaserefpolicy/policy/modules/system/xen.te 2007-07-03 07:06:32.000000000 -0400
-+++ serefpolicy-3.0.2/policy/modules/system/xen.te 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/system/xen.te 2007-07-13 08:07:54.000000000 -0400
@@ -176,6 +176,7 @@
files_manage_etc_runtime_files(xend_t)
files_etc_filetrans_etc_runtime(xend_t,file)
@@ -10711,17 +11511,17 @@
+fs_read_nfs_symlinks(xend_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/guest.fc serefpolicy-3.0.2/policy/modules/users/guest.fc
--- nsaserefpolicy/policy/modules/users/guest.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/policy/modules/users/guest.fc 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/users/guest.fc 2007-07-13 08:07:54.000000000 -0400
@@ -0,0 +1 @@
+# No guest file contexts.
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/guest.if serefpolicy-3.0.2/policy/modules/users/guest.if
--- nsaserefpolicy/policy/modules/users/guest.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/policy/modules/users/guest.if 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/users/guest.if 2007-07-13 08:07:54.000000000 -0400
@@ -0,0 +1 @@
+## <summary>Policy for guest user</summary>
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/guest.te serefpolicy-3.0.2/policy/modules/users/guest.te
--- nsaserefpolicy/policy/modules/users/guest.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/policy/modules/users/guest.te 2007-07-12 17:31:09.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/users/guest.te 2007-07-13 08:07:54.000000000 -0400
@@ -0,0 +1,5 @@
+policy_module(guest,1.0.0)
+userdom_unpriv_login_user(guest)
@@ -10730,17 +11530,17 @@
+mozilla_per_role_template(xguest, xguest_t, xguest_r)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.fc serefpolicy-3.0.2/policy/modules/users/logadm.fc
--- nsaserefpolicy/policy/modules/users/logadm.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/policy/modules/users/logadm.fc 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/users/logadm.fc 2007-07-13 08:07:54.000000000 -0400
@@ -0,0 +1 @@
+# No logadm file contexts.
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.if serefpolicy-3.0.2/policy/modules/users/logadm.if
--- nsaserefpolicy/policy/modules/users/logadm.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/policy/modules/users/logadm.if 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/users/logadm.if 2007-07-13 08:07:54.000000000 -0400
@@ -0,0 +1 @@
+## <summary>Policy for logadm user</summary>
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.te serefpolicy-3.0.2/policy/modules/users/logadm.te
--- nsaserefpolicy/policy/modules/users/logadm.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/policy/modules/users/logadm.te 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/users/logadm.te 2007-07-13 08:07:54.000000000 -0400
@@ -0,0 +1,33 @@
+policy_module(logadm,1.0.0)
+
@@ -10777,22 +11577,22 @@
+files_dontaudit_getattr_all_files(logadm_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/metadata.xml serefpolicy-3.0.2/policy/modules/users/metadata.xml
--- nsaserefpolicy/policy/modules/users/metadata.xml 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/policy/modules/users/metadata.xml 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/users/metadata.xml 2007-07-13 08:07:54.000000000 -0400
@@ -0,0 +1 @@
+<summary>Policy modules for users</summary>
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.fc serefpolicy-3.0.2/policy/modules/users/webadm.fc
--- nsaserefpolicy/policy/modules/users/webadm.fc 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/policy/modules/users/webadm.fc 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/users/webadm.fc 2007-07-13 08:07:54.000000000 -0400
@@ -0,0 +1 @@
+# No webadm file contexts.
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.if serefpolicy-3.0.2/policy/modules/users/webadm.if
--- nsaserefpolicy/policy/modules/users/webadm.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/policy/modules/users/webadm.if 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/users/webadm.if 2007-07-13 08:07:54.000000000 -0400
@@ -0,0 +1 @@
+## <summary>Policy for webadm user</summary>
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.te serefpolicy-3.0.2/policy/modules/users/webadm.te
--- nsaserefpolicy/policy/modules/users/webadm.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.2/policy/modules/users/webadm.te 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/modules/users/webadm.te 2007-07-13 08:07:54.000000000 -0400
@@ -0,0 +1,70 @@
+policy_module(webadm,1.0.0)
+
@@ -10866,7 +11666,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-3.0.2/policy/support/obj_perm_sets.spt
--- nsaserefpolicy/policy/support/obj_perm_sets.spt 2007-05-29 14:10:59.000000000 -0400
-+++ serefpolicy-3.0.2/policy/support/obj_perm_sets.spt 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/support/obj_perm_sets.spt 2007-07-13 08:07:54.000000000 -0400
@@ -201,7 +201,7 @@
define(`search_dir_perms',`{ getattr search }')
define(`list_dir_perms',`{ getattr search read lock ioctl }')
@@ -10901,7 +11701,7 @@
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-3.0.2/policy/users
--- nsaserefpolicy/policy/users 2007-05-31 15:36:08.000000000 -0400
-+++ serefpolicy-3.0.2/policy/users 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/policy/users 2007-07-13 08:07:54.000000000 -0400
@@ -16,7 +16,7 @@
# and a user process should never be assigned the system user
# identity.
@@ -10932,7 +11732,7 @@
+gen_user(root, sysadm, sysadm_r staff_r ifdef(`enable_mls',`secadm_r auditadm_r') system_r, s0, s0 - mls_systemhigh, mcs_allcats)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-3.0.2/Rules.modular
--- nsaserefpolicy/Rules.modular 2007-05-25 09:09:10.000000000 -0400
-+++ serefpolicy-3.0.2/Rules.modular 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/Rules.modular 2007-07-13 08:07:54.000000000 -0400
@@ -167,7 +167,7 @@
# these have to run individually because order matters:
$(verbose) $(GREP) '^sid ' $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true
@@ -10961,7 +11761,7 @@
clean:
diff --exclude-from=exclude -N -u -r nsaserefpolicy/support/Makefile.devel serefpolicy-3.0.2/support/Makefile.devel
--- nsaserefpolicy/support/Makefile.devel 2007-05-29 13:53:56.000000000 -0400
-+++ serefpolicy-3.0.2/support/Makefile.devel 2007-07-11 10:06:29.000000000 -0400
++++ serefpolicy-3.0.2/support/Makefile.devel 2007-07-13 08:07:54.000000000 -0400
@@ -24,7 +24,7 @@
XMLLINT := $(BINDIR)/xmllint
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.473
retrieving revision 1.474
diff -u -r1.473 -r1.474
--- selinux-policy.spec 12 Jul 2007 21:37:30 -0000 1.473
+++ selinux-policy.spec 14 Jul 2007 12:56:45 -0000 1.474
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.0.2
-Release: 7%{?dist}
+Release: 8%{?dist}
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -288,6 +288,7 @@
%saveFileContext targeted
%post targeted
+semodule -r moilscanner 2>/dev/null
%loadpolicy targeted
%relabel targeted
exit 0
@@ -356,6 +357,9 @@
%endif
%changelog
+* Sat Jul 14 2007 Dan Walsh <dwalsh at redhat.com> 3.0.2-8
+- Fix moilscanner update problem
+
* Thu Jul 12 2007 Dan Walsh <dwalsh at redhat.com> 3.0.2-7
- Begin adding policy to separate setsebool from semanage
- Fix xserver.if definition to not break sepolgen.if
More information about the scm-commits
mailing list