[selinux-policy/f13/master] - Add unconfined_mmap_zero_ignore boolean
Miroslav Grepl
mgrepl at fedoraproject.org
Thu Sep 9 15:08:50 UTC 2010
commit 75920ac635ace12b80ff65ac4e9c4c8b7e017a35
Author: Miroslav Grepl <mgrepl at redhat.com>
Date: Thu Sep 9 17:08:48 2010 +0200
- Add unconfined_mmap_zero_ignore boolean
policy-F13.patch | 4 ++--
selinux-policy.spec | 5 ++++-
2 files changed, 6 insertions(+), 3 deletions(-)
---
diff --git a/policy-F13.patch b/policy-F13.patch
index 8cdf510..ee29a30 100644
--- a/policy-F13.patch
+++ b/policy-F13.patch
@@ -13070,7 +13070,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unconfi
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unconfineduser.te serefpolicy-3.7.19/policy/modules/roles/unconfineduser.te
--- nsaserefpolicy/policy/modules/roles/unconfineduser.te 1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.7.19/policy/modules/roles/unconfineduser.te 2010-09-09 14:20:14.370335617 +0200
++++ serefpolicy-3.7.19/policy/modules/roles/unconfineduser.te 2010-09-09 16:58:48.150084581 +0200
@@ -0,0 +1,455 @@
+policy_module(unconfineduser, 1.0.0)
+
@@ -13197,7 +13197,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unconfi
+ allow unconfined_t unconfined_login_domain:process sigchld;
+')
+
-+tunable_policy(`wine_mmap_zero_ignore',`
++tunable_policy(`unconfined_mmap_zero_ignore',`
+ dontaudit unconfined_usertype self:memprotect mmap_zero;
+')
+
diff --git a/selinux-policy.spec b/selinux-policy.spec
index e252a7f..02d5772 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.7.19
-Release: 55%{?dist}
+Release: 56%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -469,6 +469,9 @@ exit 0
%endif
%changelog
+* Thu Sep 9 2010 Miroslav Grepl <mgrepl at redhat.com> 3.7.19-56
+- Add unconfined_mmap_zero_ignore boolean
+
* Thu Sep 9 2010 Miroslav Grepl <mgrepl at redhat.com> 3.7.19-55
- Allow virt domains execute qemu_exec_t
- Add support for dkim-milter
More information about the scm-commits
mailing list