[selinux-policy: 1947/3172] trunk: fixes for gentoo targeted systems.

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 21:53:15 UTC 2010 

commit d87efeec7310452d50790cb3dc2d22da0a0ffd3a
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Tue May 27 12:07:03 2008 +0000

    trunk: fixes for gentoo targeted systems.

 policy/modules/system/selinuxutil.if |    4 ++++
 policy/modules/system/selinuxutil.te |    2 +-
 policy/modules/system/unconfined.te  |    7 ++++++-
 3 files changed, 11 insertions(+), 2 deletions(-)
---
diff --git a/policy/modules/system/selinuxutil.if b/policy/modules/system/selinuxutil.if
index 9ebb939..9db901c 100644
--- a/policy/modules/system/selinuxutil.if
+++ b/policy/modules/system/selinuxutil.if
@@ -430,6 +430,7 @@ interface(`seutil_run_runinit',`
 		role system_r;
 	')
 
+	auth_run_chk_passwd(run_init_t, $2, $3)
 	seutil_domtrans_runinit($1)
 	role $2 types run_init_t;
 	allow run_init_t $3:chr_file rw_term_perms;
@@ -474,6 +475,7 @@ interface(`seutil_init_script_run_runinit',`
 		role system_r;
 	')
 
+	auth_run_chk_passwd(run_init_t, $2, $3)
 	seutil_init_script_domtrans_runinit($1)
 	role $2 types run_init_t;
 	allow run_init_t $3:chr_file rw_term_perms;
@@ -1024,6 +1026,8 @@ interface(`seutil_run_semanage',`
 	')
 
 	seutil_domtrans_semanage($1)
+	seutil_run_setfiles(semanage_t, $2, $3)
+	seutil_run_loadpolicy(semanage_t, $2, $3)
 	role $2 types semanage_t;
 	allow semanage_t $3:chr_file rw_term_perms;
 ')
diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
index 9597607..09a33dc 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -1,5 +1,5 @@
 
-policy_module(selinuxutil,1.9.1)
+policy_module(selinuxutil, 1.9.2)
 
 gen_require(`
 	bool secure_mode;
diff --git a/policy/modules/system/unconfined.te b/policy/modules/system/unconfined.te
index 96fa344..7dcc109 100644
--- a/policy/modules/system/unconfined.te
+++ b/policy/modules/system/unconfined.te
@@ -1,5 +1,5 @@
 
-policy_module(unconfined,2.2.0)
+policy_module(unconfined, 2.2.1)
 
 ########################################
 #
@@ -50,6 +50,11 @@ unconfined_domain(unconfined_t)
 
 userdom_priveleged_home_dir_manager(unconfined_t)
 
+ifdef(`distro_gentoo',`
+	seutil_run_runinit(unconfined_t, unconfined_r, { unconfined_tty_device_t unconfined_devpts_t })
+	seutil_init_script_run_runinit(unconfined_t, unconfined_r, { unconfined_tty_device_t unconfined_devpts_t })
+')
+
 optional_policy(`
 	ada_domtrans(unconfined_t)
 ')

More information about the scm-commits mailing list