rpms/selinux-policy/F-9 policy-20071130.patch, 1.252, 1.253 selinux-policy.spec, 1.738, 1.739
Miroslav Grepl
mgrepl at fedoraproject.org
Fri Feb 13 14:09:59 UTC 2009
- Previous message: rpms/html2text/devel 200-close-files-inside-main-loop.patch, NONE, 1.1 400-remove-builtin-http-support.patch, NONE, 1.1 500-utf8-support.patch, NONE, 1.1 510-disable-backspaces.patch, NONE, 1.1 600-multiple-meta-tags.patch, NONE, 1.1 611-recognize-input-encoding.patch, NONE, 1.1 630-recode-output-to-locale-charset.patch, NONE, 1.1 800-replace-zeroes-with-null.patch, NONE, 1.1 810-fix-deprecated-conversion-warnings.patch, NONE, 1.1 html2text.spec, NONE, 1.1 import.log, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/dwarves/devel .cvsignore, 1.4, 1.5 dwarves.spec, 1.3, 1.4 sources, 1.4, 1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mgrepl
Update of /cvs/extras/rpms/selinux-policy/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv30271
Modified Files:
policy-20071130.patch selinux-policy.spec
Log Message:
- Allow cron read/write to system job pipes
policy-20071130.patch:
Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-9/policy-20071130.patch,v
retrieving revision 1.252
retrieving revision 1.253
diff -u -r1.252 -r1.253
--- policy-20071130.patch 13 Feb 2009 13:04:06 -0000 1.252
+++ policy-20071130.patch 13 Feb 2009 14:09:56 -0000 1.253
@@ -642246,7 +642246,7 @@
## all protocols (TCP, UDP, etc)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.te serefpolicy-3.3.1/policy/modules/kernel/domain.te
--- nsaserefpolicy/policy/modules/kernel/domain.te 2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/domain.te 2009-02-12 22:21:57.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/domain.te 2009-02-13 14:52:09.000000000 +0100
@@ -5,6 +5,13 @@
#
# Declarations
@@ -642278,7 +642278,7 @@
allow unconfined_domain_type domain:lnk_file { read_lnk_file_perms ioctl lock };
# act on all domains keys
-@@ -148,3 +156,40 @@
+@@ -148,3 +156,41 @@
# receive from all domains over labeled networking
domain_all_recvfrom_all_domains(unconfined_domain_type)
@@ -642291,6 +642291,7 @@
+optional_policy(`
+ cron_dontaudit_write_system_job_tmp_files(domain)
+ cron_rw_pipes(domain)
++ cron_rw_system_job_pipes(domain)
+ifdef(`hide_broken_symptoms', `
+ cron_dontaudit_rw_tcp_sockets(domain)
+ allow domain domain:key { link search };
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-9/selinux-policy.spec,v
retrieving revision 1.738
retrieving revision 1.739
diff -u -r1.738 -r1.739
--- selinux-policy.spec 13 Feb 2009 13:04:08 -0000 1.738
+++ selinux-policy.spec 13 Feb 2009 14:09:57 -0000 1.739
@@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.3.1
-Release: 122%{?dist}
+Release: 123%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -444,6 +444,9 @@
%endif
%changelog
+* Fri Feb 13 2009 Miroslav Grepl <mgrepl at redhat.com> 3.3.1-123
+- Allow cron read/write to system job pipes
+
* Fri Feb 13 2009 Miroslav Grepl <mgrepl at redhat.com> 3.3.1-122
- Fix mysql policy
- Fix qemu policy
- Previous message: rpms/html2text/devel 200-close-files-inside-main-loop.patch, NONE, 1.1 400-remove-builtin-http-support.patch, NONE, 1.1 500-utf8-support.patch, NONE, 1.1 510-disable-backspaces.patch, NONE, 1.1 600-multiple-meta-tags.patch, NONE, 1.1 611-recognize-input-encoding.patch, NONE, 1.1 630-recode-output-to-locale-charset.patch, NONE, 1.1 800-replace-zeroes-with-null.patch, NONE, 1.1 810-fix-deprecated-conversion-warnings.patch, NONE, 1.1 html2text.spec, NONE, 1.1 import.log, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/dwarves/devel .cvsignore, 1.4, 1.5 dwarves.spec, 1.3, 1.4 sources, 1.4, 1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list