rpms/selinux-policy/F-8 policy-20070703.patch,1.123,1.124
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Tue Nov 6 21:51:13 UTC 2007
- Previous message: rpms/scorched3d/devel scorched3d-41.1-64bit.patch, NONE, 1.1 .cvsignore, 1.6, 1.7 scorched3d-help.patch, 1.4, 1.5 scorched3d-syslibs.patch, 1.5, 1.6 scorched3d.spec, 1.25, 1.26 sources, 1.6, 1.7 scorched3d-openal.patch, 1.2, NONE scorched3d-wx26.patch, 1.2, NONE scorched3d-wx28.patch, 1.1, NONE
- Next message: rpms/kdepim/F-7 kdepim.spec,1.130,1.131
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8139
Modified Files:
policy-20070703.patch
Log Message:
* Tue Nov 6 2007 Dan Walsh <dwalsh at redhat.com> 3.0.8-47
- Allow all dns_resolves to use avahi stream
- Don't transition from unconfined_t to ping_t
policy-20070703.patch:
Index: policy-20070703.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-8/policy-20070703.patch,v
retrieving revision 1.123
retrieving revision 1.124
diff -u -r1.123 -r1.124
--- policy-20070703.patch 6 Nov 2007 21:06:39 -0000 1.123
+++ policy-20070703.patch 6 Nov 2007 21:51:09 -0000 1.124
@@ -8529,7 +8529,7 @@
+/var/tmp/host_0 -- gen_context(system_u:object_r:krb5_host_rcache_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerberos.if serefpolicy-3.0.8/policy/modules/services/kerberos.if
--- nsaserefpolicy/policy/modules/services/kerberos.if 2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/kerberos.if 2007-10-29 23:59:29.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/kerberos.if 2007-11-06 16:45:48.000000000 -0500
@@ -42,6 +42,10 @@
dontaudit $1 krb5_conf_t:file write;
dontaudit $1 krb5kdc_conf_t:dir list_dir_perms;
@@ -8541,6 +8541,17 @@
tunable_policy(`allow_kerberos',`
allow $1 self:tcp_socket create_socket_perms;
+@@ -62,8 +66,8 @@
+ corenet_sendrecv_kerberos_client_packets($1)
+ corenet_sendrecv_ocsp_client_packets($1)
+
+- sysnet_read_config($1)
+- sysnet_dns_name_resolve($1)
++# sysnet_read_config($1)
++# sysnet_dns_name_resolve($1)
+ ')
+
+ optional_policy(`
@@ -172,3 +176,51 @@
allow $1 krb5kdc_conf_t:file read_file_perms;
- Previous message: rpms/scorched3d/devel scorched3d-41.1-64bit.patch, NONE, 1.1 .cvsignore, 1.6, 1.7 scorched3d-help.patch, 1.4, 1.5 scorched3d-syslibs.patch, 1.5, 1.6 scorched3d.spec, 1.25, 1.26 sources, 1.6, 1.7 scorched3d-openal.patch, 1.2, NONE scorched3d-wx26.patch, 1.2, NONE scorched3d-wx28.patch, 1.1, NONE
- Next message: rpms/kdepim/F-7 kdepim.spec,1.130,1.131
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list