[selinux-policy: 2866/3172] Merge branches 'master', 'master' and 'master' of http://oss.tresys.com/git/refpolicy

[Daniel J Walsh]

commit cdda8feee002771a0fec76c5588aedec59edf92e
Merge: ef98a37 28d96f0
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Fri Sep 3 17:16:08 2010 -0400

    Merge branches 'master', 'master' and 'master' of http://oss.tresys.com/git/refpolicy
    
    Conflicts:
    	policy/modules/admin/alsa.fc
    	policy/modules/admin/alsa.if
    	policy/modules/kernel/filesystem.fc

 policy/modules/admin/alsa.fc        |    2 -
 policy/modules/admin/alsa.if        |   47 +++++++++++++++++++++++++++++------
 policy/modules/admin/alsa.te        |    3 +-
 policy/modules/kernel/filesystem.fc |    1 +
 policy/modules/kernel/filesystem.if |    8 ++++++
 policy/modules/kernel/filesystem.te |    2 +-
 6 files changed, 50 insertions(+), 13 deletions(-)
---
diff --cc policy/modules/admin/alsa.if
index 090b5c9,69aa742..30bfb08
--- a/policy/modules/admin/alsa.if
+++ b/policy/modules/admin/alsa.if
@@@ -73,7 -74,10 +74,11 @@@ interface(`alsa_read_rw_config',
  	allow $1 alsa_etc_rw_t:dir list_dir_perms;
  	read_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
  	read_lnk_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
 +	files_search_etc($1)
+ 
+ 	ifdef(`distro_debian',`
+ 		files_search_usr($1)
+ 	')
  ')
  
  ########################################
@@@ -94,12 -99,34 +100,36 @@@ interface(`alsa_manage_rw_config',
  	allow $1 alsa_etc_rw_t:dir list_dir_perms;
  	manage_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
  	read_lnk_files_pattern($1, alsa_etc_rw_t, alsa_etc_rw_t)
 +	files_search_etc($1)
+ 
+ 	ifdef(`distro_debian',`
+ 		files_search_usr($1)
+ 	')
  ')
  
  ########################################
  ## <summary>
- ##	Read alsa lib files.
+ ##	Read Alsa home files.
+ ## </summary>
+ ## <param name="domain">
+ ##	<summary>
+ ##	Domain allowed access.
+ ##	</summary>
+ ## </param>
+ #
+ interface(`alsa_read_home_files',`
+ 	gen_require(`
+ 		type alsa_home_t;
+ 	')
+ 
+ 	userdom_search_user_home_dirs($1)
+ 	allow $1 alsa_home_t:file read_file_perms;
++>>>>>>> .merge_file_D1FKe3
+ ')
+ 
+ ########################################
+ ## <summary>
+ ##	Read Alsa lib files.
  ## </summary>
  ## <param name="domain">
  ##	<summary>
@@@ -112,25 -139,6 +142,26 @@@ interface(`alsa_read_lib',
  		type alsa_var_lib_t;
  	')
  
+ 	files_search_var_lib($1)
  	read_files_pattern($1, alsa_var_lib_t, alsa_var_lib_t)
 +	files_search_var_lib($1)
 +')
 +
 +########################################
 +## <summary>
 +##	Read alsa home files.
 +## </summary>
 +## <param name="domain">
 +##	<summary>
 +##	Domain allowed access.
 +##	</summary>
 +## </param>
 +#
 +interface(`alsa_read_home_files',`
 +	gen_require(`
 +		type alsa_home_t;
 +	')
 +
 +	allow $1 alsa_home_t:file read_file_perms;
 +	userdom_search_user_home_dirs($1)
  ')
diff --cc policy/modules/kernel/filesystem.fc
index 41dfd80,59bae6a..e9a09e1
--- a/policy/modules/kernel/filesystem.fc
+++ b/policy/modules/kernel/filesystem.fc
@@@ -1,4 -1,6 +1,5 @@@
  /dev/shm	-d	gen_context(system_u:object_r:tmpfs_t,s0)
+ /dev/shm/.*		<<none>>
  
 -/cgroup		-d	gen_context(system_u:object_r:cgroup_t,s0)
 -
 -/sys/fs/cgroup(/.*)?	<<none>>
 +/cgroup(/.*)? 	 	gen_context(system_u:object_r:cgroup_t,s0)
 +/sys/fs/cgroup(/.*)?  	<<none>>