rpms/selinux-policy/devel modules-minimum.conf, 1.18, 1.19 modules-mls.conf, 1.52, 1.53 modules-targeted.conf, 1.120, 1.121 nsadiff, 1.2, 1.3 policy-20090105.patch, 1.65, 1.66 selinux-policy.spec, 1.808, 1.809
Daniel J Walsh
dwalsh at fedoraproject.org
Fri Mar 20 18:19:22 UTC 2009
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv31133
Modified Files:
modules-minimum.conf modules-mls.conf modules-targeted.conf
nsadiff policy-20090105.patch selinux-policy.spec
Log Message:
* Thu Mar 19 2009 Dan Walsh <dwalsh at redhat.com> 3.6.10-1
- Add xenner and wine fixes from mgrepl
Index: modules-minimum.conf
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/modules-minimum.conf,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- modules-minimum.conf 9 Mar 2009 21:17:23 -0000 1.18
+++ modules-minimum.conf 20 Mar 2009 18:18:50 -0000 1.19
@@ -743,6 +743,13 @@
#
lpd = module
+# Layer: services
+# Module: lircd
+#
+# LIRC daemon - decodes infrared signals and provides them on a Unix domain socket.
+#
+lircd = module
+
# Layer: system
# Module: lvm
#
Index: modules-mls.conf
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/modules-mls.conf,v
retrieving revision 1.52
retrieving revision 1.53
diff -u -r1.52 -r1.53
--- modules-mls.conf 9 Mar 2009 21:17:23 -0000 1.52
+++ modules-mls.conf 20 Mar 2009 18:18:50 -0000 1.53
@@ -674,6 +674,13 @@
# Layer: services
+# Module: lircd
+#
+# LIRC daemon - decodes infrared signals and provides them on a Unix domain socket.
+#
+lircd = module
+
+# Layer: services
# Module: ldap
#
# OpenLDAP directory server
Index: modules-targeted.conf
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/modules-targeted.conf,v
retrieving revision 1.120
retrieving revision 1.121
diff -u -r1.120 -r1.121
--- modules-targeted.conf 9 Mar 2009 21:17:23 -0000 1.120
+++ modules-targeted.conf 20 Mar 2009 18:18:50 -0000 1.121
@@ -743,6 +743,13 @@
#
lpd = module
+# Layer: services
+# Module: lircd
+#
+# LIRC daemon - decodes infrared signals and provides them on a Unix domain socket.
+#
+lircd = module
+
# Layer: system
# Module: lvm
#
Index: nsadiff
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/nsadiff,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- nsadiff 12 Mar 2009 15:33:12 -0000 1.2
+++ nsadiff 20 Mar 2009 18:18:50 -0000 1.3
@@ -1 +1 @@
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy serefpolicy-3.6.9 > /tmp/diff
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy serefpolicy-3.6.10 > /tmp/diff
policy-20090105.patch:
View full diff with command:
/usr/bin/cvs -f diff -kk -u -N -r 1.65 -r 1.66 policy-20090105.patch
Index: policy-20090105.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/policy-20090105.patch,v
retrieving revision 1.65
retrieving revision 1.66
diff -u -r1.65 -r1.66
--- policy-20090105.patch 18 Mar 2009 19:34:57 -0000 1.65
+++ policy-20090105.patch 20 Mar 2009 18:18:51 -0000 1.66
@@ -1,6 +1,6 @@
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/default_contexts serefpolicy-3.6.9/config/appconfig-mcs/default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/default_contexts serefpolicy-3.6.10/config/appconfig-mcs/default_contexts
--- nsaserefpolicy/config/appconfig-mcs/default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mcs/default_contexts 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/default_contexts 2009-03-20 12:49:56.000000000 -0400
@@ -1,15 +1,6 @@
-system_r:crond_t:s0 user_r:cronjob_t:s0 staff_r:cronjob_t:s0 sysadm_r:cronjob_t:s0 system_r:cronjob_t:s0 unconfined_r:unconfined_cronjob_t:s0
-system_r:local_login_t:s0 user_r:user_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0 unconfined_r:unconfined_t:s0
@@ -22,15 +22,15 @@
-user_r:user_su_t:s0 user_r:user_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0
-user_r:user_sudo_t:s0 sysadm_r:sysadm_t:s0 user_r:user_t:s0
+system_r:xdm_t:s0 user_r:user_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/failsafe_context serefpolicy-3.6.9/config/appconfig-mcs/failsafe_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/failsafe_context serefpolicy-3.6.10/config/appconfig-mcs/failsafe_context
--- nsaserefpolicy/config/appconfig-mcs/failsafe_context 2008-08-07 11:15:14.000000000 -0400
-+++ serefpolicy-3.6.9/config/appconfig-mcs/failsafe_context 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/failsafe_context 2009-03-20 12:49:56.000000000 -0400
@@ -1 +1 @@
-sysadm_r:sysadm_t:s0
+system_r:unconfined_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/guest_u_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/guest_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/guest_u_default_contexts serefpolicy-3.6.10/config/appconfig-mcs/guest_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/guest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mcs/guest_u_default_contexts 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/guest_u_default_contexts 2009-03-20 12:49:56.000000000 -0400
@@ -0,0 +1,6 @@
+system_r:local_login_t:s0 guest_r:guest_t:s0
+system_r:remote_login_t:s0 guest_r:guest_t:s0
@@ -38,9 +38,9 @@
+system_r:crond_t:s0 guest_r:guest_t:s0
+system_r:initrc_su_t:s0 guest_r:guest_t:s0
+guest_r:guest_t:s0 guest_r:guest_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/root_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/root_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/root_default_contexts serefpolicy-3.6.10/config/appconfig-mcs/root_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/root_default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mcs/root_default_contexts 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/root_default_contexts 2009-03-20 12:49:56.000000000 -0400
@@ -1,11 +1,7 @@
-system_r:crond_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:cronjob_t:s0 staff_r:cronjob_t:s0 user_r:cronjob_t:s0
+system_r:crond_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
@@ -55,18 +55,18 @@
#
-#system_r:sshd_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
+system_r:sshd_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/seusers serefpolicy-3.6.9/config/appconfig-mcs/seusers
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/seusers serefpolicy-3.6.10/config/appconfig-mcs/seusers
--- nsaserefpolicy/config/appconfig-mcs/seusers 2008-08-07 11:15:14.000000000 -0400
-+++ serefpolicy-3.6.9/config/appconfig-mcs/seusers 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/seusers 2009-03-20 12:49:56.000000000 -0400
@@ -1,3 +1,3 @@
system_u:system_u:s0-mcs_systemhigh
-root:root:s0-mcs_systemhigh
-__default__:user_u:s0
+root:unconfined_u:s0-mcs_systemhigh
+__default__:unconfined_u:s0-mcs_systemhigh
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/staff_u_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/staff_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/staff_u_default_contexts serefpolicy-3.6.10/config/appconfig-mcs/staff_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/staff_u_default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mcs/staff_u_default_contexts 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/staff_u_default_contexts 2009-03-20 12:49:56.000000000 -0400
@@ -1,10 +1,12 @@
system_r:local_login_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0
system_r:remote_login_t:s0 staff_r:staff_t:s0
@@ -81,9 +81,9 @@
sysadm_r:sysadm_su_t:s0 sysadm_r:sysadm_t:s0
sysadm_r:sysadm_sudo_t:s0 sysadm_r:sysadm_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/unconfined_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts serefpolicy-3.6.10/config/appconfig-mcs/unconfined_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mcs/unconfined_u_default_contexts 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/unconfined_u_default_contexts 2009-03-20 12:49:56.000000000 -0400
@@ -1,4 +1,4 @@
-system_r:crond_t:s0 unconfined_r:unconfined_t:s0 unconfined_r:unconfined_cronjob_t:s0
+system_r:crond_t:s0 unconfined_r:unconfined_t:s0
@@ -97,15 +97,15 @@
+system_r:initrc_su_t:s0 unconfined_r:unconfined_t:s0
+unconfined_r:unconfined_t:s0 unconfined_r:unconfined_t:s0
system_r:xdm_t:s0 unconfined_r:unconfined_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/userhelper_context serefpolicy-3.6.9/config/appconfig-mcs/userhelper_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/userhelper_context serefpolicy-3.6.10/config/appconfig-mcs/userhelper_context
--- nsaserefpolicy/config/appconfig-mcs/userhelper_context 2008-08-07 11:15:14.000000000 -0400
-+++ serefpolicy-3.6.9/config/appconfig-mcs/userhelper_context 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/userhelper_context 2009-03-20 12:49:56.000000000 -0400
@@ -1 +1 @@
-system_u:sysadm_r:sysadm_t:s0
+system_u:system_r:unconfined_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/user_u_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/user_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/user_u_default_contexts serefpolicy-3.6.10/config/appconfig-mcs/user_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/user_u_default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mcs/user_u_default_contexts 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/user_u_default_contexts 2009-03-20 12:49:56.000000000 -0400
@@ -1,8 +1,9 @@
system_r:local_login_t:s0 user_r:user_t:s0
system_r:remote_login_t:s0 user_r:user_t:s0
@@ -118,19 +118,19 @@
-
+system_r:initrc_su_t:s0 user_r:user_t:s0
+user_r:user_t:s0 user_r:user_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/virtual_domain_context serefpolicy-3.6.9/config/appconfig-mcs/virtual_domain_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/virtual_domain_context serefpolicy-3.6.10/config/appconfig-mcs/virtual_domain_context
--- nsaserefpolicy/config/appconfig-mcs/virtual_domain_context 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mcs/virtual_domain_context 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/virtual_domain_context 2009-03-20 12:49:56.000000000 -0400
@@ -0,0 +1 @@
+system_u:system_r:svirt_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/virtual_image_context serefpolicy-3.6.9/config/appconfig-mcs/virtual_image_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/virtual_image_context serefpolicy-3.6.10/config/appconfig-mcs/virtual_image_context
--- nsaserefpolicy/config/appconfig-mcs/virtual_image_context 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mcs/virtual_image_context 2009-03-16 14:03:57.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/virtual_image_context 2009-03-20 12:49:56.000000000 -0400
@@ -0,0 +1 @@
+system_u:object_r:svirt_image_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts serefpolicy-3.6.9/config/appconfig-mcs/xguest_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts serefpolicy-3.6.10/config/appconfig-mcs/xguest_u_default_contexts
--- nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mcs/xguest_u_default_contexts 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mcs/xguest_u_default_contexts 2009-03-20 12:49:56.000000000 -0400
@@ -0,0 +1,7 @@
+system_r:local_login_t xguest_r:xguest_t:s0
+system_r:remote_login_t xguest_r:xguest_t:s0
@@ -139,9 +139,9 @@
+system_r:xdm_t xguest_r:xguest_t:s0
+system_r:initrc_su_t:s0 xguest_r:xguest_t:s0
+xguest_r:xguest_t:s0 xguest_r:xguest_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/default_contexts serefpolicy-3.6.9/config/appconfig-mls/default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/default_contexts serefpolicy-3.6.10/config/appconfig-mls/default_contexts
--- nsaserefpolicy/config/appconfig-mls/default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mls/default_contexts 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mls/default_contexts 2009-03-20 12:49:56.000000000 -0400
@@ -1,15 +1,6 @@
-system_r:crond_t:s0 user_r:cronjob_t:s0 staff_r:cronjob_t:s0 sysadm_r:cronjob_t:s0 system_r:cronjob_t:s0 unconfined_r:unconfined_cronjob_t:s0
-system_r:local_login_t:s0 user_r:user_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0 unconfined_r:unconfined_t:s0
@@ -163,17 +163,17 @@
-user_r:user_su_t:s0 user_r:user_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0
-user_r:user_sudo_t:s0 sysadm_r:sysadm_t:s0 user_r:user_t:s0
+system_r:xdm_t:s0 user_r:user_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/guest_u_default_contexts serefpolicy-3.6.9/config/appconfig-mls/guest_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/guest_u_default_contexts serefpolicy-3.6.10/config/appconfig-mls/guest_u_default_contexts
--- nsaserefpolicy/config/appconfig-mls/guest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mls/guest_u_default_contexts 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mls/guest_u_default_contexts 2009-03-20 12:49:56.000000000 -0400
@@ -0,0 +1,4 @@
+system_r:local_login_t:s0 guest_r:guest_t:s0
+system_r:remote_login_t:s0 guest_r:guest_t:s0
+system_r:sshd_t:s0 guest_r:guest_t:s0
+system_r:crond_t:s0 guest_r:guest_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/root_default_contexts serefpolicy-3.6.9/config/appconfig-mls/root_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/root_default_contexts serefpolicy-3.6.10/config/appconfig-mls/root_default_contexts
--- nsaserefpolicy/config/appconfig-mls/root_default_contexts 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mls/root_default_contexts 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mls/root_default_contexts 2009-03-20 12:49:56.000000000 -0400
@@ -1,11 +1,11 @@
-system_r:crond_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:cronjob_t:s0 staff_r:cronjob_t:s0 user_r:cronjob_t:s0
-system_r:local_login_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
@@ -192,19 +192,19 @@
#
-#system_r:sshd_t:s0 unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
+#system_r:sshd_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/virtual_domain_context serefpolicy-3.6.9/config/appconfig-mls/virtual_domain_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/virtual_domain_context serefpolicy-3.6.10/config/appconfig-mls/virtual_domain_context
--- nsaserefpolicy/config/appconfig-mls/virtual_domain_context 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mls/virtual_domain_context 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mls/virtual_domain_context 2009-03-20 12:49:56.000000000 -0400
@@ -0,0 +1 @@
+system_u:system_r:qemu_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/virtual_image_context serefpolicy-3.6.9/config/appconfig-mls/virtual_image_context
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/virtual_image_context serefpolicy-3.6.10/config/appconfig-mls/virtual_image_context
--- nsaserefpolicy/config/appconfig-mls/virtual_image_context 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mls/virtual_image_context 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mls/virtual_image_context 2009-03-20 12:49:56.000000000 -0400
@@ -0,0 +1 @@
+system_u:object_r:virt_image_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/xguest_u_default_contexts serefpolicy-3.6.9/config/appconfig-mls/xguest_u_default_contexts
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/xguest_u_default_contexts serefpolicy-3.6.10/config/appconfig-mls/xguest_u_default_contexts
--- nsaserefpolicy/config/appconfig-mls/xguest_u_default_contexts 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.9/config/appconfig-mls/xguest_u_default_contexts 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/config/appconfig-mls/xguest_u_default_contexts 2009-03-20 12:49:56.000000000 -0400
@@ -0,0 +1,7 @@
+system_r:local_login_t xguest_r:xguest_t:s0
+system_r:remote_login_t xguest_r:xguest_t:s0
@@ -213,9 +213,9 @@
+system_r:xdm_t xguest_r:xguest_t:s0
+system_r:initrc_su_t:s0 xguest_r:xguest_t:s0
+xguest_r:xguest_t:s0 xguest_r:xguest_t:s0
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-3.6.9/Makefile
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-3.6.10/Makefile
--- nsaserefpolicy/Makefile 2009-01-19 11:07:35.000000000 -0500
-+++ serefpolicy-3.6.9/Makefile 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/Makefile 2009-03-20 12:49:56.000000000 -0400
@@ -241,7 +241,7 @@
[...5262 lines suppressed...]
# Declarations
#
@@ -30394,7 +30179,26 @@
role system_r types xenconsoled_t;
# pid files
-@@ -95,7 +108,7 @@
+@@ -72,6 +85,18 @@
+ domain_type(xm_t)
+ init_system_domain(xm_t, xm_exec_t)
+
++type evtchnd_t;
++type evtchnd_exec_t;
++init_daemon_domain(evtchnd_t, evtchnd_exec_t)
++
++# log files
++type evtchnd_var_log_t;
++logging_log_file(evtchnd_var_log_t)
++
++# pid files
++type evtchnd_var_run_t;
++files_pid_file(evtchnd_var_run_t)
++
+ ########################################
+ #
+ # xend local policy
+@@ -95,7 +120,7 @@
read_lnk_files_pattern(xend_t,xen_image_t,xen_image_t)
rw_blk_files_pattern(xend_t,xen_image_t,xen_image_t)
@@ -30403,7 +30207,7 @@
dev_filetrans(xend_t, xenctl_t, fifo_file)
manage_files_pattern(xend_t,xend_tmp_t,xend_tmp_t)
-@@ -103,14 +116,14 @@
+@@ -103,14 +128,14 @@
files_tmp_filetrans(xend_t, xend_tmp_t, { file dir })
# pid file
@@ -30421,7 +30225,7 @@
manage_files_pattern(xend_t,xend_var_log_t,xend_var_log_t)
manage_sock_files_pattern(xend_t,xend_var_log_t,xend_var_log_t)
logging_log_filetrans(xend_t,xend_var_log_t,{ sock_file file dir })
-@@ -122,12 +135,13 @@
+@@ -122,12 +147,13 @@
manage_fifo_files_pattern(xend_t,xend_var_lib_t,xend_var_lib_t)
files_var_lib_filetrans(xend_t,xend_var_lib_t,{ file dir })
@@ -30437,7 +30241,7 @@
kernel_read_kernel_sysctls(xend_t)
kernel_read_system_state(xend_t)
-@@ -173,6 +187,7 @@
+@@ -173,6 +199,7 @@
files_manage_etc_runtime_files(xend_t)
files_etc_filetrans_etc_runtime(xend_t,file)
files_read_usr_files(xend_t)
@@ -30445,7 +30249,7 @@
storage_raw_read_fixed_disk(xend_t)
storage_raw_write_fixed_disk(xend_t)
-@@ -208,6 +223,10 @@
+@@ -208,6 +235,10 @@
netutils_domtrans(xend_t)
optional_policy(`
@@ -30456,7 +30260,7 @@
consoletype_exec(xend_t)
')
-@@ -239,6 +258,8 @@
+@@ -239,6 +270,8 @@
files_read_usr_files(xenconsoled_t)
@@ -30465,7 +30269,7 @@
term_create_pty(xenconsoled_t,xen_devpts_t);
term_use_generic_ptys(xenconsoled_t)
term_use_console(xenconsoled_t)
-@@ -248,7 +269,7 @@
+@@ -248,7 +281,7 @@
miscfiles_read_localization(xenconsoled_t)
@@ -30474,7 +30278,7 @@
xen_stream_connect_xenstore(xenconsoled_t)
########################################
-@@ -256,15 +277,25 @@
+@@ -256,21 +289,34 @@
# Xen store local policy
#
@@ -30501,7 +30305,16 @@
# var/lib files for xenstored
manage_dirs_pattern(xenstored_t,xenstored_var_lib_t,xenstored_var_lib_t)
manage_files_pattern(xenstored_t,xenstored_var_lib_t,xenstored_var_lib_t)
-@@ -312,18 +343,21 @@
+ manage_sock_files_pattern(xenstored_t,xenstored_var_lib_t,xenstored_var_lib_t)
+ files_var_lib_filetrans(xenstored_t,xenstored_var_lib_t,{ file dir sock_file })
+
++# write and connect to evtchnd socket
++evtchnd_stream_connect(xenstored_t)
++
+ kernel_write_xen_state(xenstored_t)
+ kernel_read_xen_state(xenstored_t)
+
+@@ -312,18 +358,21 @@
manage_files_pattern(xm_t,xend_var_lib_t,xend_var_lib_t)
manage_fifo_files_pattern(xm_t,xend_var_lib_t,xend_var_lib_t)
@@ -30524,7 +30337,7 @@
corenet_tcp_sendrecv_generic_if(xm_t)
corenet_tcp_sendrecv_generic_node(xm_t)
-@@ -339,15 +373,38 @@
+@@ -339,15 +388,58 @@
storage_raw_read_fixed_disk(xm_t)
@@ -30564,9 +30377,29 @@
+optional_policy(`
+ unconfined_domain(xend_t)
+')
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/ipc_patterns.spt serefpolicy-3.6.9/policy/support/ipc_patterns.spt
++
++#######################################
++#
++# evtchnd local policy
++#
++
++# pid file
++manage_dirs_pattern(evtchnd_t, evtchnd_var_run_t, evtchnd_var_run_t)
++manage_files_pattern(evtchnd_t,evtchnd_var_run_t,evtchnd_var_run_t)
++manage_sock_files_pattern(evtchnd_t,evtchnd_var_run_t,evtchnd_var_run_t)
++files_pid_filetrans(evtchnd_t, evtchnd_var_run_t, { file sock_file dir })
++
++# log files
++manage_dirs_pattern(evtchnd_t, evtchnd_var_log_t, evtchnd_var_log_t)
++manage_files_pattern(evtchnd_t,evtchnd_var_log_t,evtchnd_var_log_t)
++logging_log_filetrans(evtchnd_t,evtchnd_var_log_t,{ file dir })
++
++libs_use_ld_so(evtchnd_t)
++libs_use_shared_libs(evtchnd_t)
++
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/ipc_patterns.spt serefpolicy-3.6.10/policy/support/ipc_patterns.spt
--- nsaserefpolicy/policy/support/ipc_patterns.spt 2009-03-12 11:16:47.000000000 -0400
-+++ serefpolicy-3.6.9/policy/support/ipc_patterns.spt 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/policy/support/ipc_patterns.spt 2009-03-20 12:49:57.000000000 -0400
@@ -3,12 +3,12 @@
#
define(`stream_connect_pattern',`
@@ -30582,9 +30415,9 @@
+ allow $1 $3:sock_file { getattr write };
allow $1 $4:unix_dgram_socket sendto;
')
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-3.6.9/policy/support/obj_perm_sets.spt
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-3.6.10/policy/support/obj_perm_sets.spt
--- nsaserefpolicy/policy/support/obj_perm_sets.spt 2009-03-12 11:16:47.000000000 -0400
-+++ serefpolicy-3.6.9/policy/support/obj_perm_sets.spt 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/policy/support/obj_perm_sets.spt 2009-03-20 12:49:57.000000000 -0400
@@ -225,7 +225,7 @@
define(`create_lnk_file_perms',`{ create getattr }')
define(`rename_lnk_file_perms',`{ getattr rename }')
@@ -30608,9 +30441,9 @@
+define(`all_association_perms', `{ sendto recvfrom setcontext polmatch } ')
+
+define(`manage_key_perms', `{ create link read search setattr view write } ')
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-3.6.9/policy/users
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-3.6.10/policy/users
--- nsaserefpolicy/policy/users 2008-08-07 11:15:13.000000000 -0400
-+++ serefpolicy-3.6.9/policy/users 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/policy/users 2009-03-20 12:49:57.000000000 -0400
@@ -25,11 +25,8 @@
# permit any access to such users, then remove this entry.
#
@@ -30635,9 +30468,9 @@
- gen_user(root, sysadm, sysadm_r staff_r ifdef(`enable_mls',`secadm_r auditadm_r'), s0, s0 - mls_systemhigh, mcs_allcats)
-')
+gen_user(root, user, unconfined_r sysadm_r staff_r ifdef(`enable_mls',`secadm_r auditadm_r') system_r, s0, s0 - mls_systemhigh, mcs_allcats)
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-3.6.9/Rules.modular
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-3.6.10/Rules.modular
--- nsaserefpolicy/Rules.modular 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.9/Rules.modular 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/Rules.modular 2009-03-20 12:49:57.000000000 -0400
@@ -73,8 +73,8 @@
$(tmpdir)/%.mod: $(m4support) $(tmpdir)/generated_definitions.conf $(tmpdir)/all_interfaces.conf %.te
@echo "Compliling $(NAME) $(@F) module"
@@ -30667,9 +30500,9 @@
$(tmpdir)/all_te_files.conf: M4PARAM += -D self_contained_policy
$(tmpdir)/all_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf $(tmpdir)/all_interfaces.conf $(base_te_files) $(tmpdir)/rolemap.conf
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/support/Makefile.devel serefpolicy-3.6.9/support/Makefile.devel
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/support/Makefile.devel serefpolicy-3.6.10/support/Makefile.devel
--- nsaserefpolicy/support/Makefile.devel 2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.9/support/Makefile.devel 2009-03-12 13:35:00.000000000 -0400
++++ serefpolicy-3.6.10/support/Makefile.devel 2009-03-20 12:49:57.000000000 -0400
@@ -185,8 +185,7 @@
tmp/%.mod: $(m4support) tmp/all_interfaces.conf %.te
@$(EINFO) "Compiling $(NAME) $(basename $(@F)) module"
Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/devel/selinux-policy.spec,v
retrieving revision 1.808
retrieving revision 1.809
diff -u -r1.808 -r1.809
--- selinux-policy.spec 18 Mar 2009 19:34:57 -0000 1.808
+++ selinux-policy.spec 20 Mar 2009 18:18:51 -0000 1.809
@@ -19,8 +19,8 @@
%define CHECKPOLICYVER 2.0.16-3
Summary: SELinux policy configuration
Name: selinux-policy
-Version: 3.6.9
-Release: 4%{?dist}
+Version: 3.6.10
+Release: 1%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -186,7 +186,7 @@
%description
SELinux Reference Policy - modular.
-Based off of reference policy: Checked out revision 2925.
+Based off of reference policy: Checked out revision 2931.
%build
@@ -444,6 +444,9 @@
%endif
%changelog
+* Thu Mar 19 2009 Dan Walsh <dwalsh at redhat.com> 3.6.10-1
+- Add xenner and wine fixes from mgrepl
+
* Wed Mar 18 2009 Dan Walsh <dwalsh at redhat.com> 3.6.9-4
- Allow mdadm to read/write mls override
More information about the scm-commits
mailing list