[selinux-policy/f15] - Backport ABRT changes - Make tmux working with scree policy - Allow root cron jobs can't run witho
Miroslav Grepl
mgrepl at fedoraproject.org
Wed Jul 27 13:01:38 UTC 2011
commit 85a292efc2e7ef5bf50dd557cecfdbe92a35a69d
Author: Miroslav Grepl <mgrepl at redhat.com>
Date: Wed Jul 27 15:00:22 2011 +0200
- Backport ABRT changes
- Make tmux working with scree policy
- Allow root cron jobs can't run without unconfined
- add interface to dontaudit writes to urand, needed by libra
- Add label for /var/cache/krb5rcache directory
policy-F15.patch | 187 +++++++++++++++++++++++++++++++++++++++------------
selinux-policy.spec | 9 ++-
2 files changed, 152 insertions(+), 44 deletions(-)
---
diff --git a/policy-F15.patch b/policy-F15.patch
index 772f19f..651fdc7 100644
--- a/policy-F15.patch
+++ b/policy-F15.patch
@@ -8913,10 +8913,10 @@ index 0000000..74ce3e2
+ mozilla_plugin_dontaudit_leaks(sandbox_x_domain)
+')
diff --git a/policy/modules/apps/screen.fc b/policy/modules/apps/screen.fc
-index 1f2cde4..7227631 100644
+index 1f2cde4..b73334e 100644
--- a/policy/modules/apps/screen.fc
+++ b/policy/modules/apps/screen.fc
-@@ -2,6 +2,9 @@
+@@ -2,13 +2,18 @@
# /home
#
HOME_DIR/\.screenrc -- gen_context(system_u:object_r:screen_home_t,s0)
@@ -8926,8 +8926,17 @@ index 1f2cde4..7227631 100644
#
# /usr
+ #
+ /usr/bin/screen -- gen_context(system_u:object_r:screen_exec_t,s0)
++/usr/bin/tmux -- gen_context(system_u:object_r:screen_exec_t,s0)
+
+ #
+ # /var
+ #
+ /var/run/screen(/.*)? gen_context(system_u:object_r:screen_var_run_t,s0)
++/var/run/tmux(/.*)? gen_context(system_u:object_r:screen_var_run_t,s0)
diff --git a/policy/modules/apps/screen.if b/policy/modules/apps/screen.if
-index 320df26..0def31c 100644
+index 320df26..9889ff2 100644
--- a/policy/modules/apps/screen.if
+++ b/policy/modules/apps/screen.if
@@ -50,7 +50,7 @@ template(`screen_role_template',`
@@ -8939,7 +8948,7 @@ index 320df26..0def31c 100644
allow $1_screen_t self:unix_dgram_socket create_socket_perms;
manage_dirs_pattern($1_screen_t, screen_tmp_t, screen_tmp_t)
-@@ -61,9 +61,15 @@ template(`screen_role_template',`
+@@ -61,18 +61,26 @@ template(`screen_role_template',`
# Create fifo
manage_fifo_files_pattern($1_screen_t, screen_var_run_t, screen_var_run_t)
manage_dirs_pattern($1_screen_t, screen_var_run_t, screen_var_run_t)
@@ -8955,12 +8964,14 @@ index 320df26..0def31c 100644
read_files_pattern($1_screen_t, screen_home_t, screen_home_t)
read_lnk_files_pattern($1_screen_t, screen_home_t, screen_home_t)
-@@ -71,8 +77,10 @@ template(`screen_role_template',`
-
+- allow $1_screen_t $3:process signal;
+-
domtrans_pattern($3, screen_exec_t, $1_screen_t)
allow $3 $1_screen_t:process { signal sigchld };
+ dontaudit $3 $1_screen_t:unix_stream_socket { read write };
++ allow $1_screen_t $3:unix_stream_socket { connectto };
allow $1_screen_t $3:process signal;
++ ps_process_pattern($1_screen_t, $3)
+ manage_fifo_files_pattern($3, screen_home_t, screen_home_t)
manage_dirs_pattern($3, screen_home_t, screen_home_t)
@@ -11646,7 +11657,7 @@ index 6cf8784..e244a9d 100644
+#
+/sys(/.*)? gen_context(system_u:object_r:sysfs_t,s0)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
-index e9313fb..8ce76cc 100644
+index e9313fb..97fbf5b 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -146,14 +146,33 @@ interface(`dev_relabel_all_dev_nodes',`
@@ -11996,7 +12007,33 @@ index e9313fb..8ce76cc 100644
## Read and write the TPM device.
## </summary>
## <param name="domain">
-@@ -4514,6 +4641,24 @@ interface(`dev_rwx_vmware',`
+@@ -4051,6 +4178,25 @@ interface(`dev_write_urand',`
+
+ ########################################
+ ## <summary>
++## Do not audit attempts to write to pseudo
++## random devices (e.g., /dev/urandom)
++## </summary>
++## <param name="domain">
++## <summary>
++## Domain to not audit.
++## </summary>
++## </param>
++#
++interface(`dev_dontaudit_write_urand',`
++ gen_require(`
++ type urandom_device_t;
++ ')
++
++ dontaudit $1 urandom_device_t:chr_file write;
++')
++
++########################################
++## <summary>
+ ## Getattr generic the USB devices.
+ ## </summary>
+ ## <param name="domain">
+@@ -4514,6 +4660,24 @@ interface(`dev_rwx_vmware',`
########################################
## <summary>
@@ -12021,7 +12058,7 @@ index e9313fb..8ce76cc 100644
## Write to watchdog devices.
## </summary>
## <param name="domain">
-@@ -4748,3 +4893,22 @@ interface(`dev_unconfined',`
+@@ -4748,3 +4912,22 @@ interface(`dev_unconfined',`
typeattribute $1 devices_unconfined_type;
')
@@ -17971,7 +18008,7 @@ index 0b827c5..7382308 100644
+ read_lnk_files_pattern($1, abrt_retrace_cache_t, abrt_retrace_cache_t)
+')
diff --git a/policy/modules/services/abrt.te b/policy/modules/services/abrt.te
-index 30861ec..f3f9354 100644
+index 30861ec..5d66681 100644
--- a/policy/modules/services/abrt.te
+++ b/policy/modules/services/abrt.te
@@ -5,6 +5,14 @@ policy_module(abrt, 1.2.0)
@@ -17989,14 +18026,20 @@ index 30861ec..f3f9354 100644
type abrt_t;
type abrt_exec_t;
init_daemon_domain(abrt_t, abrt_exec_t)
-@@ -37,20 +45,44 @@ files_pid_file(abrt_var_run_t)
- type abrt_helper_t;
- type abrt_helper_exec_t;
- application_domain(abrt_helper_t, abrt_helper_exec_t)
-+#init_system_domain(abrt_helper_t, abrt_helper_exec_t)
- role system_r types abrt_helper_t;
+@@ -32,6 +40,12 @@ files_type(abrt_var_cache_t)
+ type abrt_var_run_t;
+ files_pid_file(abrt_var_run_t)
- ifdef(`enable_mcs',`
++type abrt_dump_oops_t;
++type abrt_dump_oops_exec_t;
++init_system_domain(abrt_dump_oops_t, abrt_dump_oops_exec_t)
++
++permissive abrt_dump_oops_t;
++
+ # type needed to allow all domains
+ # to handle /var/cache/abrt
+ type abrt_helper_t;
+@@ -43,14 +57,37 @@ ifdef(`enable_mcs',`
init_ranged_daemon_domain(abrt_t, abrt_exec_t, s0 - mcs_systemhigh)
')
@@ -18036,7 +18079,7 @@ index 30861ec..f3f9354 100644
allow abrt_t self:fifo_file rw_fifo_file_perms;
allow abrt_t self:tcp_socket create_stream_socket_perms;
-@@ -59,6 +91,7 @@ allow abrt_t self:unix_dgram_socket create_socket_perms;
+@@ -59,6 +96,7 @@ allow abrt_t self:unix_dgram_socket create_socket_perms;
allow abrt_t self:netlink_route_socket r_netlink_socket_perms;
# abrt etc files
@@ -18044,7 +18087,7 @@ index 30861ec..f3f9354 100644
rw_files_pattern(abrt_t, abrt_etc_t, abrt_etc_t)
# log file
-@@ -69,6 +102,7 @@ logging_log_filetrans(abrt_t, abrt_var_log_t, file)
+@@ -69,6 +107,7 @@ logging_log_filetrans(abrt_t, abrt_var_log_t, file)
manage_dirs_pattern(abrt_t, abrt_tmp_t, abrt_tmp_t)
manage_files_pattern(abrt_t, abrt_tmp_t, abrt_tmp_t)
files_tmp_filetrans(abrt_t, abrt_tmp_t, { file dir })
@@ -18052,7 +18095,7 @@ index 30861ec..f3f9354 100644
# abrt var/cache files
manage_files_pattern(abrt_t, abrt_var_cache_t, abrt_var_cache_t)
-@@ -82,7 +116,7 @@ manage_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
+@@ -82,7 +121,7 @@ manage_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
manage_dirs_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
manage_sock_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
manage_lnk_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
@@ -18061,7 +18104,7 @@ index 30861ec..f3f9354 100644
kernel_read_ring_buffer(abrt_t)
kernel_read_system_state(abrt_t)
-@@ -104,6 +138,7 @@ corenet_tcp_connect_all_ports(abrt_t)
+@@ -104,6 +143,7 @@ corenet_tcp_connect_all_ports(abrt_t)
corenet_sendrecv_http_client_packets(abrt_t)
dev_getattr_all_chr_files(abrt_t)
@@ -18069,7 +18112,7 @@ index 30861ec..f3f9354 100644
dev_read_urand(abrt_t)
dev_rw_sysfs(abrt_t)
dev_dontaudit_read_raw_memory(abrt_t)
-@@ -113,7 +148,8 @@ domain_read_all_domains_state(abrt_t)
+@@ -113,7 +153,8 @@ domain_read_all_domains_state(abrt_t)
domain_signull_all_domains(abrt_t)
files_getattr_all_files(abrt_t)
@@ -18079,7 +18122,7 @@ index 30861ec..f3f9354 100644
files_read_var_symlinks(abrt_t)
files_read_var_lib_files(abrt_t)
files_read_usr_files(abrt_t)
-@@ -121,6 +157,8 @@ files_read_generic_tmp_files(abrt_t)
+@@ -121,6 +162,8 @@ files_read_generic_tmp_files(abrt_t)
files_read_kernel_modules(abrt_t)
files_dontaudit_list_default(abrt_t)
files_dontaudit_read_default_files(abrt_t)
@@ -18088,7 +18131,7 @@ index 30861ec..f3f9354 100644
fs_list_inotifyfs(abrt_t)
fs_getattr_all_fs(abrt_t)
-@@ -131,7 +169,7 @@ fs_read_nfs_files(abrt_t)
+@@ -131,7 +174,7 @@ fs_read_nfs_files(abrt_t)
fs_read_nfs_symlinks(abrt_t)
fs_search_all(abrt_t)
@@ -18097,7 +18140,7 @@ index 30861ec..f3f9354 100644
logging_read_generic_logs(abrt_t)
logging_send_syslog_msg(abrt_t)
-@@ -140,6 +178,16 @@ miscfiles_read_generic_certs(abrt_t)
+@@ -140,6 +183,16 @@ miscfiles_read_generic_certs(abrt_t)
miscfiles_read_localization(abrt_t)
userdom_dontaudit_read_user_home_content_files(abrt_t)
@@ -18114,7 +18157,7 @@ index 30861ec..f3f9354 100644
optional_policy(`
dbus_system_domain(abrt_t, abrt_exec_t)
-@@ -150,6 +198,11 @@ optional_policy(`
+@@ -150,6 +203,11 @@ optional_policy(`
')
optional_policy(`
@@ -18126,7 +18169,7 @@ index 30861ec..f3f9354 100644
policykit_dbus_chat(abrt_t)
policykit_domtrans_auth(abrt_t)
policykit_read_lib(abrt_t)
-@@ -167,6 +220,7 @@ optional_policy(`
+@@ -167,6 +225,7 @@ optional_policy(`
rpm_exec(abrt_t)
rpm_dontaudit_manage_db(abrt_t)
rpm_manage_cache(abrt_t)
@@ -18134,7 +18177,7 @@ index 30861ec..f3f9354 100644
rpm_manage_pid_files(abrt_t)
rpm_read_db(abrt_t)
rpm_signull(abrt_t)
-@@ -178,12 +232,18 @@ optional_policy(`
+@@ -178,12 +237,18 @@ optional_policy(`
')
optional_policy(`
@@ -18154,7 +18197,7 @@ index 30861ec..f3f9354 100644
#
allow abrt_helper_t self:capability { chown setgid sys_nice };
-@@ -200,9 +260,12 @@ files_var_filetrans(abrt_helper_t, abrt_var_cache_t, { file dir })
+@@ -200,9 +265,12 @@ files_var_filetrans(abrt_helper_t, abrt_var_cache_t, { file dir })
read_files_pattern(abrt_helper_t, abrt_var_run_t, abrt_var_run_t)
read_lnk_files_pattern(abrt_helper_t, abrt_var_run_t, abrt_var_run_t)
@@ -18167,7 +18210,7 @@ index 30861ec..f3f9354 100644
fs_list_inotifyfs(abrt_helper_t)
fs_getattr_all_fs(abrt_helper_t)
-@@ -216,7 +279,8 @@ miscfiles_read_localization(abrt_helper_t)
+@@ -216,7 +284,8 @@ miscfiles_read_localization(abrt_helper_t)
term_dontaudit_use_all_ttys(abrt_helper_t)
term_dontaudit_use_all_ptys(abrt_helper_t)
@@ -18177,7 +18220,7 @@ index 30861ec..f3f9354 100644
userdom_dontaudit_read_user_home_content_files(abrt_helper_t)
userdom_dontaudit_read_user_tmp_files(abrt_helper_t)
dev_dontaudit_read_all_blk_files(abrt_helper_t)
-@@ -224,4 +288,100 @@ ifdef(`hide_broken_symptoms', `
+@@ -224,4 +293,131 @@ ifdef(`hide_broken_symptoms', `
dev_dontaudit_write_all_chr_files(abrt_helper_t)
dev_dontaudit_write_all_blk_files(abrt_helper_t)
fs_dontaudit_rw_anon_inodefs_files(abrt_helper_t)
@@ -18185,7 +18228,7 @@ index 30861ec..f3f9354 100644
+ optional_policy(`
+ rpm_dontaudit_leaks(abrt_helper_t)
+ ')
-+')
+ ')
+
+ifdef(`hide_broken_symptoms',`
+ gen_require(`
@@ -18277,7 +18320,38 @@ index 30861ec..f3f9354 100644
+
+optional_policy(`
+ mock_domtrans(abrt_retrace_worker_t)
- ')
++')
++
++########################################
++#
++# abrt_dump_oops local policy
++#
++
++allow abrt_dump_oops_t self:capability dac_override;
++allow abrt_dump_oops_t self:fifo_file rw_fifo_file_perms;
++allow abrt_dump_oops_t self:unix_stream_socket create_stream_socket_perms;
++
++files_search_spool(abrt_dump_oops_t)
++manage_dirs_pattern(abrt_dump_oops_t, abrt_var_cache_t, abrt_var_cache_t)
++manage_files_pattern(abrt_dump_oops_t, abrt_var_cache_t, abrt_var_cache_t)
++manage_lnk_files_pattern(abrt_dump_oops_t, abrt_var_cache_t, abrt_var_cache_t)
++files_var_filetrans(abrt_dump_oops_t, abrt_var_cache_t, { file dir })
++
++read_files_pattern(abrt_dump_oops_t, abrt_var_run_t, abrt_var_run_t)
++read_lnk_files_pattern(abrt_dump_oops_t, abrt_var_run_t, abrt_var_run_t)
++
++kernel_read_kernel_sysctls(abrt_dump_oops_t)
++kernel_read_ring_buffer(abrt_dump_oops_t)
++kernel_read_system_state(abrt_dump_oops_t)
++
++domain_use_interactive_fds(abrt_dump_oops_t)
++
++files_read_etc_files(abrt_dump_oops_t)
++
++logging_read_generic_logs(abrt_dump_oops_t)
++logging_send_syslog_msg(abrt_dump_oops_t)
++
++miscfiles_read_localization(abrt_dump_oops_t)
diff --git a/policy/modules/services/accountsd.if b/policy/modules/services/accountsd.if
index c0f858d..d639ae0 100644
--- a/policy/modules/services/accountsd.if
@@ -24507,7 +24581,7 @@ index 35241ed..a75e22c 100644
+ manage_files_pattern($1, system_cronjob_var_lib_t, system_cronjob_var_lib_t)
')
diff --git a/policy/modules/services/cron.te b/policy/modules/services/cron.te
-index f7583ab..e6ddde9 100644
+index f7583ab..80426f1 100644
--- a/policy/modules/services/cron.te
+++ b/policy/modules/services/cron.te
@@ -10,18 +10,18 @@ gen_require(`
@@ -24670,9 +24744,12 @@ index f7583ab..e6ddde9 100644
logging_send_syslog_msg(crond_t)
logging_set_loginuid(crond_t)
-@@ -220,8 +243,10 @@ miscfiles_read_localization(crond_t)
+@@ -218,10 +241,12 @@ seutil_sigchld_newrole(crond_t)
+ miscfiles_read_localization(crond_t)
+
userdom_use_unpriv_users_fds(crond_t)
- # Not sure why this is needed
+-# Not sure why this is needed
++userdom_list_admin_dir(crond_t)
userdom_list_user_home_dirs(crond_t)
+userdom_create_all_users_keys(crond_t)
@@ -30475,7 +30552,7 @@ index da2127e..10197f7 100644
+
+sysnet_read_config(jabberd_domain)
diff --git a/policy/modules/services/kerberos.fc b/policy/modules/services/kerberos.fc
-index 3525d24..923e979 100644
+index 3525d24..d50a883 100644
--- a/policy/modules/services/kerberos.fc
+++ b/policy/modules/services/kerberos.fc
@@ -8,7 +8,7 @@ HOME_DIR/\.k5login -- gen_context(system_u:object_r:krb5_home_t,s0)
@@ -30487,7 +30564,15 @@ index 3525d24..923e979 100644
/etc/rc\.d/init\.d/kprop -- gen_context(system_u:object_r:kerberos_initrc_exec_t,s0)
/etc/rc\.d/init\.d/krb524d -- gen_context(system_u:object_r:kerberos_initrc_exec_t,s0)
/etc/rc\.d/init\.d/krb5kdc -- gen_context(system_u:object_r:kerberos_initrc_exec_t,s0)
-@@ -31,3 +31,4 @@ HOME_DIR/\.k5login -- gen_context(system_u:object_r:krb5_home_t,s0)
+@@ -21,6 +21,7 @@ HOME_DIR/\.k5login -- gen_context(system_u:object_r:krb5_home_t,s0)
+ /usr/local/var/krb5kdc(/.*)? gen_context(system_u:object_r:krb5kdc_conf_t,s0)
+ /usr/local/var/krb5kdc/principal.* gen_context(system_u:object_r:krb5kdc_principal_t,s0)
+
++/var/cache/krb5rcache(/.*)? gen_context(system_u:object_r:krb5_host_rcache_t,s0)
+ /var/kerberos/krb5kdc(/.*)? gen_context(system_u:object_r:krb5kdc_conf_t,s0)
+ /var/kerberos/krb5kdc/from_master.* gen_context(system_u:object_r:krb5kdc_lock_t,s0)
+ /var/kerberos/krb5kdc/kadm5\.keytab -- gen_context(system_u:object_r:krb5_keytab_t,s0)
+@@ -31,3 +32,4 @@ HOME_DIR/\.k5login -- gen_context(system_u:object_r:krb5_home_t,s0)
/var/log/kadmin(d)?\.log gen_context(system_u:object_r:kadmind_log_t,s0)
/var/tmp/host_0 -- gen_context(system_u:object_r:krb5_host_rcache_t,s0)
@@ -37495,7 +37580,7 @@ index 55e62d2..f2674e8 100644
/var/spool/postfix/pid/.* gen_context(system_u:object_r:postfix_var_run_t,s0)
/var/spool/postfix/private(/.*)? gen_context(system_u:object_r:postfix_private_t,s0)
diff --git a/policy/modules/services/postfix.if b/policy/modules/services/postfix.if
-index 46bee12..83cb270 100644
+index 46bee12..fc18bf2 100644
--- a/policy/modules/services/postfix.if
+++ b/policy/modules/services/postfix.if
@@ -34,8 +34,9 @@ template(`postfix_domain_template',`
@@ -37712,7 +37797,7 @@ index 46bee12..83cb270 100644
')
########################################
-@@ -621,3 +682,103 @@ interface(`postfix_domtrans_user_mail_handler',`
+@@ -621,3 +682,108 @@ interface(`postfix_domtrans_user_mail_handler',`
typeattribute $1 postfix_user_domtrans;
')
@@ -37815,6 +37900,11 @@ index 46bee12..83cb270 100644
+
+ postfix_domtrans_postdrop($1)
+ role $2 types postfix_postdrop_t;
++
++ ifdef(`hide_broken_symptoms', `
++ dontaudit postfix_postdrop_t $1:socket_class_set { getattr read write };
++ ')
++
+')
diff --git a/policy/modules/services/postfix.te b/policy/modules/services/postfix.te
index 06e37d4..b4d7354 100644
@@ -39016,7 +39106,7 @@ index bc329d1..0589f97 100644
admin_pattern($1, psad_tmp_t)
')
diff --git a/policy/modules/services/psad.te b/policy/modules/services/psad.te
-index d4000e0..f1e983e 100644
+index d4000e0..f35afa4 100644
--- a/policy/modules/services/psad.te
+++ b/policy/modules/services/psad.te
@@ -11,7 +11,7 @@ init_daemon_domain(psad_t, psad_exec_t)
@@ -39033,7 +39123,7 @@ index d4000e0..f1e983e 100644
allow psad_t self:capability { net_admin net_raw setuid setgid dac_override };
dontaudit psad_t self:capability sys_tty_config;
-allow psad_t self:process signull;
-+allow psad_t self:process { signal signull };
++allow psad_t self:process signal_perms;
allow psad_t self:fifo_file rw_fifo_file_perms;
allow psad_t self:rawip_socket create_socket_perms;
@@ -43145,7 +43235,7 @@ index adea9f9..d5b2d93 100644
init_labeled_script_domtrans($1, fsdaemon_initrc_exec_t)
diff --git a/policy/modules/services/smartmon.te b/policy/modules/services/smartmon.te
-index 606a098..14535da 100644
+index 606a098..7cff55a 100644
--- a/policy/modules/services/smartmon.te
+++ b/policy/modules/services/smartmon.te
@@ -73,19 +73,26 @@ files_read_etc_runtime_files(fsdaemon_t)
@@ -43175,6 +43265,17 @@ index 606a098..14535da 100644
libs_exec_ld_so(fsdaemon_t)
libs_exec_lib_files(fsdaemon_t)
+@@ -113,6 +120,10 @@ tunable_policy(`smartmon_3ware',`
+ ')
+
+ optional_policy(`
++ application_signull(fsdaemon_t)
++')
++
++optional_policy(`
+ mta_send_mail(fsdaemon_t)
+ ')
+
diff --git a/policy/modules/services/smokeping.te b/policy/modules/services/smokeping.te
index 740994a..a92ba26 100644
--- a/policy/modules/services/smokeping.te
diff --git a/selinux-policy.spec b/selinux-policy.spec
index ba9ac82..458b848 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -21,7 +21,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.9.16
-Release: 35%{?dist}
+Release: 36%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -471,6 +471,13 @@ exit 0
%endif
%changelog
+* Wed Jul 27 2011 Miroslav Grepl <mgrepl at redhat.com> 3.9.16-36
+- Backport ABRT changes
+- Make tmux working with scree policy
+- Allow root cron jobs can't run without unconfined
+- add interface to dontaudit writes to urand, needed by libra
+- Add label for /var/cache/krb5rcache directory
+
* Wed Jul 20 2011 Miroslav Grepl <mgrepl at redhat.com> 3.9.16-35
- Allow jabberd_router_t to read system state
- Rename oracledb_port to oracle_port
More information about the scm-commits
mailing list