rpms/selinux-policy/devel policy-20080710.patch,1.59,1.60
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 9 11:58:32 UTC 2008
- Previous message: rpms/squid/devel squid.logrotate,1.1,1.2 squid.spec,1.105,1.106
- Next message: rpms/selinux-policy/devel booleans-minimum.conf, NONE, 1.1 modules-minimum.conf, NONE, 1.1 securetty_types-minimum, NONE, 1.1 setrans-minimum.conf, NONE, 1.1
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv9440
Modified Files:
policy-20080710.patch
Log Message:
* Wed Oct 8 2008 Dan Walsh <dwalsh at redhat.com> 3.5.11-1
- Update to upstream policy
policy-20080710.patch:
Index: policy-20080710.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20080710.patch,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- policy-20080710.patch 9 Oct 2008 10:48:56 -0000 1.59
+++ policy-20080710.patch 9 Oct 2008 11:58:31 -0000 1.60
@@ -1860,7 +1860,7 @@
/var/run/vpnc(/.*)? gen_context(system_u:object_r:vpnc_var_run_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.te serefpolicy-3.5.11/policy/modules/admin/vpn.te
--- nsaserefpolicy/policy/modules/admin/vpn.te 2008-10-08 19:00:27.000000000 -0400
-+++ serefpolicy-3.5.11/policy/modules/admin/vpn.te 2008-10-08 20:36:17.000000000 -0400
++++ serefpolicy-3.5.11/policy/modules/admin/vpn.te 2008-10-09 07:44:03.000000000 -0400
@@ -23,7 +23,7 @@
#
@@ -1870,16 +1870,15 @@
allow vpnc_t self:fifo_file rw_fifo_file_perms;
allow vpnc_t self:netlink_route_socket rw_netlink_socket_perms;
allow vpnc_t self:tcp_socket create_stream_socket_perms;
-@@ -44,8 +44,7 @@
+@@ -44,7 +44,7 @@
kernel_read_system_state(vpnc_t)
kernel_read_network_state(vpnc_t)
-kernel_read_kernel_sysctls(vpnc_t)
--kernel_rw_net_sysctls(vpnc_t)
+kernel_read_all_sysctls(vpnc_t)
+ kernel_rw_net_sysctls(vpnc_t)
corenet_all_recvfrom_unlabeled(vpnc_t)
- corenet_all_recvfrom_netlabel(vpnc_t)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/ethereal.fc serefpolicy-3.5.11/policy/modules/apps/ethereal.fc
--- nsaserefpolicy/policy/modules/apps/ethereal.fc 2008-08-07 11:15:03.000000000 -0400
+++ serefpolicy-3.5.11/policy/modules/apps/ethereal.fc 2008-10-08 20:36:17.000000000 -0400
@@ -15951,7 +15950,7 @@
+/var/tmp/host_0 -- gen_context(system_u:object_r:krb5_host_rcache_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerberos.if serefpolicy-3.5.11/policy/modules/services/kerberos.if
--- nsaserefpolicy/policy/modules/services/kerberos.if 2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.5.11/policy/modules/services/kerberos.if 2008-10-08 21:22:20.000000000 -0400
++++ serefpolicy-3.5.11/policy/modules/services/kerberos.if 2008-10-09 07:56:36.000000000 -0400
@@ -23,6 +23,43 @@
########################################
@@ -16122,7 +16121,7 @@
+## Domain allowed access.
+## </summary>
+## </param>
-+ ## <param name="role">
++## <param name="role">
+## <summary>
+## The role to be allowed to manage the kerberos domain.
+## </summary>
@@ -27937,7 +27936,7 @@
+')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/modutils.te serefpolicy-3.5.11/policy/modules/system/modutils.te
--- nsaserefpolicy/policy/modules/system/modutils.te 2008-09-12 10:48:05.000000000 -0400
-+++ serefpolicy-3.5.11/policy/modules/system/modutils.te 2008-10-08 20:36:17.000000000 -0400
++++ serefpolicy-3.5.11/policy/modules/system/modutils.te 2008-10-09 07:40:52.000000000 -0400
@@ -42,7 +42,7 @@
# insmod local policy
#
@@ -28027,7 +28026,7 @@
optional_policy(`
unconfined_dontaudit_rw_pipes(insmod_t)
-+ unconfined_dontaudit_use_terminals(insmod_t)
++ unconfined_dontaudit_use_terms(insmod_t)
')
optional_policy(`
@@ -28057,7 +28056,7 @@
optional_policy(`
# Read System.map from home directories.
- unconfined_read_home_content_files(depmod_t)
-+ unconfined_dontaudit_use_terminals(depmod_t)
++ unconfined_dontaudit_use_terms(depmod_t)
+ unconfined_domain(depmod_t)
')
- Previous message: rpms/squid/devel squid.logrotate,1.1,1.2 squid.spec,1.105,1.106
- Next message: rpms/selinux-policy/devel booleans-minimum.conf, NONE, 1.1 modules-minimum.conf, NONE, 1.1 securetty_types-minimum, NONE, 1.1 setrans-minimum.conf, NONE, 1.1
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list