[selinux-policy/f17] * Fri Jun 29 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-136 - Fixes to make minimal policy to be
Miroslav Grepl
mgrepl at fedoraproject.org
Fri Jun 29 15:17:19 UTC 2012
commit 63bda717fef8ab114fa47e1cfaf86446454b0857
Author: Miroslav Grepl <mgrepl at redhat.com>
Date: Fri Jun 29 17:17:02 2012 +0200
* Fri Jun 29 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-136
- Fixes to make minimal policy to be installed
policy-F16.patch | 20 +++++++++++++++-----
selinux-policy.spec | 5 ++++-
2 files changed, 19 insertions(+), 6 deletions(-)
---
diff --git a/policy-F16.patch b/policy-F16.patch
index e988fad..673c77e 100644
--- a/policy-F16.patch
+++ b/policy-F16.patch
@@ -84280,7 +84280,7 @@ index e5bfdd4..7e0ea58 100644
')
+
diff --git a/policy/modules/roles/webadm.te b/policy/modules/roles/webadm.te
-index 0ecc786..3e7e984 100644
+index 0ecc786..0143f70 100644
--- a/policy/modules/roles/webadm.te
+++ b/policy/modules/roles/webadm.te
@@ -28,7 +28,7 @@ userdom_base_user_template(webadm)
@@ -84292,7 +84292,7 @@ index 0ecc786..3e7e984 100644
files_dontaudit_search_all_dirs(webadm_t)
files_manage_generic_locks(webadm_t)
-@@ -38,6 +38,7 @@ selinux_get_enforce_mode(webadm_t)
+@@ -38,10 +38,13 @@ selinux_get_enforce_mode(webadm_t)
seutil_domtrans_setfiles(webadm_t)
logging_send_syslog_msg(webadm_t)
@@ -84300,6 +84300,13 @@ index 0ecc786..3e7e984 100644
userdom_dontaudit_search_user_home_dirs(webadm_t)
+-apache_admin(webadm_t, webadm_r)
++optional_policy(`
++ apache_admin(webadm_t, webadm_r)
++')
+
+ tunable_policy(`webadm_manage_user_files',`
+ userdom_manage_user_home_content_files(webadm_t)
diff --git a/policy/modules/roles/xguest.if b/policy/modules/roles/xguest.if
index d2234e3..030e845 100644
--- a/policy/modules/roles/xguest.if
@@ -151335,7 +151342,7 @@ index db75976..ce61aed 100644
+
+/var/run/user(/.*)? gen_context(system_u:object_r:user_tmp_t,s0)
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
-index 4b2878a..c2d7c97 100644
+index 4b2878a..7ec3343 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -30,9 +30,11 @@ template(`userdom_base_user_template',`
@@ -153878,7 +153885,7 @@ index 4b2878a..c2d7c97 100644
## Create keys for all user domains.
## </summary>
## <param name="domain">
-@@ -3194,3 +4009,1282 @@ interface(`userdom_dbus_send_all_users',`
+@@ -3194,3 +4009,1285 @@ interface(`userdom_dbus_send_all_users',`
allow $1 userdomain:dbus send_msg;
')
@@ -155118,7 +155125,10 @@ index 4b2878a..c2d7c97 100644
+ userdom_user_home_dir_filetrans($1, home_cert_t, dir, ".cert")
+ userdom_user_home_dir_filetrans($1, home_cert_t, dir, ".pki")
+ userdom_user_home_dir_filetrans($1, home_cert_t, dir, "certificates")
-+ gnome_config_filetrans($1, home_cert_t, dir, "certificates")
++
++ optional_policy(`
++ gnome_config_filetrans($1, home_cert_t, dir, "certificates")
++ ')
+
+ #optional_policy(`
+ # gnome_admin_home_gconf_filetrans($1, home_bin_t, dir, "bin")
diff --git a/selinux-policy.spec b/selinux-policy.spec
index e623b71..d5fd845 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -19,7 +19,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.10.0
-Release: 135%{?dist}
+Release: 136%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -479,6 +479,9 @@ SELinux Reference policy mls base module.
%endif
%changelog
+* Fri Jun 29 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-136
+- Fixes to make minimal policy to be installed
+
* Thu Jun 27 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-135
- abrt_watch_log should be abrt_domain
- add ptrace_child access to process
More information about the scm-commits
mailing list