[selinux-policy/f17] Fix config.tgz

Miroslav Grepl mgrepl at fedoraproject.org
Sun Apr 22 23:05:56 UTC 2012 

commit 7e9a43c910b6e19c18799ce197ea3203c6b3e276
Author: Miroslav Grepl <mgrepl at redhat.com>
Date:   Mon Apr 23 01:05:27 2012 +0200

    Fix config.tgz

 config.tgz       |  Bin 3460 -> 3450 bytes
 policy-F16.patch |   31 ++++++++++++++++++++++---------
 2 files changed, 22 insertions(+), 9 deletions(-)
---
diff --git a/config.tgz b/config.tgz
index 5e0daac..4c3507d 100644
Binary files a/config.tgz and b/config.tgz differ
diff --git a/policy-F16.patch b/policy-F16.patch
index 81156f2..9adbb51 100644
--- a/policy-F16.patch
+++ b/policy-F16.patch
@@ -59751,11 +59751,10 @@ index 7090dae..51123b2 100644
 +logging_read_all_logs(logrotate_mail_t)
 +manage_files_pattern(logrotate_mail_t, logrotate_tmp_t, logrotate_tmp_t)
 diff --git a/policy/modules/admin/logwatch.fc b/policy/modules/admin/logwatch.fc
-index 3c7b1e8..084a576 100644
+index 3c7b1e8..1e155f5 100644
 --- a/policy/modules/admin/logwatch.fc
 +++ b/policy/modules/admin/logwatch.fc
-@@ -1,7 +1,12 @@
-+/usr/bin/abrt-watch-log	--	gen_context(system_u:object_r:logwatch_exec_t,s0)
+@@ -1,7 +1,11 @@
  /usr/sbin/logcheck	--	gen_context(system_u:object_r:logwatch_exec_t,s0)
 +/usr/sbin/epylog	--	gen_context(system_u:object_r:logwatch_exec_t,s0)
  
@@ -99423,7 +99422,7 @@ index 9bd812b..6572368 100644
 +	allow $1 dnsmasq_unit_file_t:service all_service_perms;
  ')
 diff --git a/policy/modules/services/dnsmasq.te b/policy/modules/services/dnsmasq.te
-index fdaeeba..b1ea136 100644
+index fdaeeba..1a2a666 100644
 --- a/policy/modules/services/dnsmasq.te
 +++ b/policy/modules/services/dnsmasq.te
 @@ -24,6 +24,9 @@ logging_log_file(dnsmasq_var_log_t)
@@ -99482,9 +99481,11 @@ index fdaeeba..b1ea136 100644
  ')
  
  optional_policy(`
-@@ -114,4 +135,5 @@ optional_policy(`
+@@ -113,5 +134,7 @@ optional_policy(`
+ 
  optional_policy(`
  	virt_manage_lib_files(dnsmasq_t)
++	virt_read_lib_files(dnsmasq_t)
  	virt_read_pid_files(dnsmasq_t)
 +	virt_pid_filetrans(dnsmasq_t, dnsmasq_var_run_t, { dir file })
  ')
@@ -106202,10 +106203,10 @@ index 0000000..2021c49
 +')
 diff --git a/policy/modules/services/l2tpd.te b/policy/modules/services/l2tpd.te
 new file mode 100644
-index 0000000..ab62151
+index 0000000..ebef23f
 --- /dev/null
 +++ b/policy/modules/services/l2tpd.te
-@@ -0,0 +1,93 @@
+@@ -0,0 +1,96 @@
 +policy_module(l2tpd, 1.0.0)
 +
 +########################################
@@ -106268,6 +106269,7 @@ index 0000000..ab62151
 +corenet_udp_sendrecv_generic_node(l2tpd_t)
 +
 +corenet_tcp_bind_all_rpc_ports(l2tpd_t)
++corenet_udp_bind_all_rpc_ports(l2tpd_t)
 +corenet_udp_bind_generic_port(l2tpd_t)
 +
 +corenet_udp_bind_l2tp_port(l2tpd_t)
@@ -106289,6 +106291,8 @@ index 0000000..ab62151
 +
 +files_read_etc_files(l2tpd_t)
 +
++term_use_ptmx(l2tpd_t)
++
 +logging_send_syslog_msg(l2tpd_t)
 +
 +miscfiles_read_localization(l2tpd_t)
@@ -111424,7 +111428,7 @@ index 386543b..0f1f9c4 100644
  /var/run/wpa_supplicant(/.*)?		gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
  /var/run/wpa_supplicant-global	-s	gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
 diff --git a/policy/modules/services/networkmanager.if b/policy/modules/services/networkmanager.if
-index 2324d9e..69db955 100644
+index 2324d9e..da61d01 100644
 --- a/policy/modules/services/networkmanager.if
 +++ b/policy/modules/services/networkmanager.if
 @@ -43,9 +43,9 @@ interface(`networkmanager_rw_packet_sockets',`
@@ -111499,7 +111503,7 @@ index 2324d9e..69db955 100644
  ##	Send a generic signal to NetworkManager
  ## </summary>
  ## <param name="domain">
-@@ -191,3 +236,81 @@ interface(`networkmanager_read_pid_files',`
+@@ -191,3 +236,90 @@ interface(`networkmanager_read_pid_files',`
  	files_search_pids($1)
  	allow $1 NetworkManager_var_run_t:file read_file_perms;
  ')
@@ -111577,6 +111581,15 @@ index 2324d9e..69db955 100644
 +	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient.-eth7.conf")
 +	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient.-eth8.conf")
 +	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient.-eth9.conf")
++	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient-em0.conf")
++	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient-em1.conf")
++	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient-em2.conf")
++	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient-em3.conf")
++	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient-em4.conf")
++	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient-em5.conf")
++	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient-em6.conf")
++	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient-em7.conf")
++	files_pid_filetrans($1, NetworkManager_var_run_t, file, "nm-dhclient-em8.conf")
 +	files_etc_filetrans($1, NetworkManager_var_lib_t, file, "manager-settings.conf")
 +	files_etc_filetrans($1, NetworkManager_var_lib_t, file, "wireless-settings.conf")
 +	files_etc_filetrans($1, NetworkManager_var_lib_t, file, "wireed-settings.conf")

More information about the scm-commits mailing list