rpms/selinux-policy/devel policy-20080710.patch,1.59,1.60

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 9 11:58:32 UTC 2008 

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv9440

Modified Files:
	policy-20080710.patch 
Log Message:
* Wed Oct 8 2008 Dan Walsh <dwalsh at redhat.com> 3.5.11-1
- Update to upstream policy


policy-20080710.patch:

Index: policy-20080710.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20080710.patch,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- policy-20080710.patch	9 Oct 2008 10:48:56 -0000	1.59
+++ policy-20080710.patch	9 Oct 2008 11:58:31 -0000	1.60
@@ -1860,7 +1860,7 @@
  /var/run/vpnc(/.*)?		gen_context(system_u:object_r:vpnc_var_run_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.te serefpolicy-3.5.11/policy/modules/admin/vpn.te
 --- nsaserefpolicy/policy/modules/admin/vpn.te	2008-10-08 19:00:27.000000000 -0400
-+++ serefpolicy-3.5.11/policy/modules/admin/vpn.te	2008-10-08 20:36:17.000000000 -0400
++++ serefpolicy-3.5.11/policy/modules/admin/vpn.te	2008-10-09 07:44:03.000000000 -0400
 @@ -23,7 +23,7 @@
  #
  
@@ -1870,16 +1870,15 @@
  allow vpnc_t self:fifo_file rw_fifo_file_perms;
  allow vpnc_t self:netlink_route_socket rw_netlink_socket_perms;
  allow vpnc_t self:tcp_socket create_stream_socket_perms;
-@@ -44,8 +44,7 @@
+@@ -44,7 +44,7 @@
  
  kernel_read_system_state(vpnc_t)
  kernel_read_network_state(vpnc_t)
 -kernel_read_kernel_sysctls(vpnc_t)
--kernel_rw_net_sysctls(vpnc_t)
 +kernel_read_all_sysctls(vpnc_t)
+ kernel_rw_net_sysctls(vpnc_t)
  
  corenet_all_recvfrom_unlabeled(vpnc_t)
- corenet_all_recvfrom_netlabel(vpnc_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/ethereal.fc serefpolicy-3.5.11/policy/modules/apps/ethereal.fc
 --- nsaserefpolicy/policy/modules/apps/ethereal.fc	2008-08-07 11:15:03.000000000 -0400
 +++ serefpolicy-3.5.11/policy/modules/apps/ethereal.fc	2008-10-08 20:36:17.000000000 -0400
@@ -15951,7 +15950,7 @@
 +/var/tmp/host_0			-- 	gen_context(system_u:object_r:krb5_host_rcache_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerberos.if serefpolicy-3.5.11/policy/modules/services/kerberos.if
 --- nsaserefpolicy/policy/modules/services/kerberos.if	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.5.11/policy/modules/services/kerberos.if	2008-10-08 21:22:20.000000000 -0400
++++ serefpolicy-3.5.11/policy/modules/services/kerberos.if	2008-10-09 07:56:36.000000000 -0400
 @@ -23,6 +23,43 @@
  
  ########################################
@@ -16122,7 +16121,7 @@
 +##	Domain allowed access.
 +##	</summary>
 +## </param>
-+ ## <param name="role">
++## <param name="role">
 +##	<summary>
 +##	The role to be allowed to manage the kerberos domain.
 +##	</summary>
@@ -27937,7 +27936,7 @@
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/modutils.te serefpolicy-3.5.11/policy/modules/system/modutils.te
 --- nsaserefpolicy/policy/modules/system/modutils.te	2008-09-12 10:48:05.000000000 -0400
-+++ serefpolicy-3.5.11/policy/modules/system/modutils.te	2008-10-08 20:36:17.000000000 -0400
++++ serefpolicy-3.5.11/policy/modules/system/modutils.te	2008-10-09 07:40:52.000000000 -0400
 @@ -42,7 +42,7 @@
  # insmod local policy
  #
@@ -28027,7 +28026,7 @@
  
  optional_policy(`
  	unconfined_dontaudit_rw_pipes(insmod_t)
-+	unconfined_dontaudit_use_terminals(insmod_t)
++	unconfined_dontaudit_use_terms(insmod_t)
  ')
  
  optional_policy(`
@@ -28057,7 +28056,7 @@
  optional_policy(`
  	# Read System.map from home directories.
 -	unconfined_read_home_content_files(depmod_t)
-+	unconfined_dontaudit_use_terminals(depmod_t)
++	unconfined_dontaudit_use_terms(depmod_t)
 +	unconfined_domain(depmod_t)
  ')

More information about the scm-commits mailing list