[selinux-policy: 1947/3172] trunk: fixes for gentoo targeted systems.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 21:53:15 UTC 2010
commit d87efeec7310452d50790cb3dc2d22da0a0ffd3a
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Tue May 27 12:07:03 2008 +0000
trunk: fixes for gentoo targeted systems.
policy/modules/system/selinuxutil.if | 4 ++++
policy/modules/system/selinuxutil.te | 2 +-
policy/modules/system/unconfined.te | 7 ++++++-
3 files changed, 11 insertions(+), 2 deletions(-)
---
diff --git a/policy/modules/system/selinuxutil.if b/policy/modules/system/selinuxutil.if
index 9ebb939..9db901c 100644
--- a/policy/modules/system/selinuxutil.if
+++ b/policy/modules/system/selinuxutil.if
@@ -430,6 +430,7 @@ interface(`seutil_run_runinit',`
role system_r;
')
+ auth_run_chk_passwd(run_init_t, $2, $3)
seutil_domtrans_runinit($1)
role $2 types run_init_t;
allow run_init_t $3:chr_file rw_term_perms;
@@ -474,6 +475,7 @@ interface(`seutil_init_script_run_runinit',`
role system_r;
')
+ auth_run_chk_passwd(run_init_t, $2, $3)
seutil_init_script_domtrans_runinit($1)
role $2 types run_init_t;
allow run_init_t $3:chr_file rw_term_perms;
@@ -1024,6 +1026,8 @@ interface(`seutil_run_semanage',`
')
seutil_domtrans_semanage($1)
+ seutil_run_setfiles(semanage_t, $2, $3)
+ seutil_run_loadpolicy(semanage_t, $2, $3)
role $2 types semanage_t;
allow semanage_t $3:chr_file rw_term_perms;
')
diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
index 9597607..09a33dc 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -1,5 +1,5 @@
-policy_module(selinuxutil,1.9.1)
+policy_module(selinuxutil, 1.9.2)
gen_require(`
bool secure_mode;
diff --git a/policy/modules/system/unconfined.te b/policy/modules/system/unconfined.te
index 96fa344..7dcc109 100644
--- a/policy/modules/system/unconfined.te
+++ b/policy/modules/system/unconfined.te
@@ -1,5 +1,5 @@
-policy_module(unconfined,2.2.0)
+policy_module(unconfined, 2.2.1)
########################################
#
@@ -50,6 +50,11 @@ unconfined_domain(unconfined_t)
userdom_priveleged_home_dir_manager(unconfined_t)
+ifdef(`distro_gentoo',`
+ seutil_run_runinit(unconfined_t, unconfined_r, { unconfined_tty_device_t unconfined_devpts_t })
+ seutil_init_script_run_runinit(unconfined_t, unconfined_r, { unconfined_tty_device_t unconfined_devpts_t })
+')
+
optional_policy(`
ada_domtrans(unconfined_t)
')
More information about the scm-commits
mailing list