[selinux-policy/f17: 1/3] Move permissivedomains out of source, add pacemaker
Daniel J Walsh
dwalsh at fedoraproject.org
Mon Mar 12 13:24:24 UTC 2012
commit 2b395609df62b845aa0c0df932ded10f366684d5
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu Mar 8 15:01:02 2012 -0500
Move permissivedomains out of source, add pacemaker
modules-targeted.conf | 7 ++++
permissivedomains.fc | 1 +
permissivedomains.if | 1 +
permissivedomains.pp | Bin 0 -> 78004 bytes
permissivedomains.te | 82 +++++++++++++++++++++++++++++++++++++++++++++++++
selinux-policy.spec | 5 +++
6 files changed, 96 insertions(+), 0 deletions(-)
---
diff --git a/modules-targeted.conf b/modules-targeted.conf
index 701cbb4..033569e 100644
--- a/modules-targeted.conf
+++ b/modules-targeted.conf
@@ -2447,6 +2447,13 @@ sblim = module
cfengine = module
# Layer: services
+# Module: pacemaker
+#
+# pacemaker
+#
+pacemaker = module
+
+# Layer: services
# Module: polipo
#
# polipo
diff --git a/permissivedomains.fc b/permissivedomains.fc
new file mode 100644
index 0000000..6e6a8fc
--- /dev/null
+++ b/permissivedomains.fc
@@ -0,0 +1 @@
+# No file contexts
diff --git a/permissivedomains.if b/permissivedomains.if
new file mode 100644
index 0000000..bd83148
--- /dev/null
+++ b/permissivedomains.if
@@ -0,0 +1 @@
+## <summary>No Interfaces</summary>
diff --git a/permissivedomains.pp b/permissivedomains.pp
new file mode 100644
index 0000000..759d8b3
Binary files /dev/null and b/permissivedomains.pp differ
diff --git a/permissivedomains.te b/permissivedomains.te
new file mode 100644
index 0000000..921cfa7
--- /dev/null
+++ b/permissivedomains.te
@@ -0,0 +1,82 @@
+policy_module(permissivedomains,17)
+
+
+optional_policy(`
+ gen_require(`
+ type blueman_t;
+ ')
+
+ permissive blueman_t;
+')
+
+optional_policy(`
+ gen_require(`
+ type httpd_zoneminder_script_t, zoneminder_t;
+ ')
+
+ permissive httpd_zoneminder_script_t;
+ permissive zoneminder_t;
+')
+
+optional_policy(`
+ gen_require(`
+ type selinux_munin_plugin_t;
+ ')
+
+ permissive selinux_munin_plugin_t;
+')
+
+optional_policy(`
+ gen_require(`
+ type dnssec_trigger_t;
+ ')
+
+ permissive dnssec_trigger_t;
+')
+
+
+optional_policy(`
+ gen_require(`
+ type obex_t;
+ ')
+
+ permissive obex_t;
+')
+
+optional_policy(`
+ gen_require(`
+ type sge_shepherd_t;
+ type sge_execd_t;
+ type sge_job_t;
+ ')
+
+ permissive sge_shepherd_t;
+ permissive sge_execd_t;
+ permissive sge_job_t;
+
+')
+
+optional_policy(`
+ gen_require(`
+ type matahari_rpcd_t;
+ ')
+
+ permissive matahari_rpcd_t;
+
+')
+
+optional_policy(`
+ gen_require(`
+ type keystone_t;
+ ')
+
+ permissive keystone_t;
+')
+
+optional_policy(`
+ gen_require(`
+ type pacemaker_t;
+ ')
+
+ permissive pacemaker_t;
+')
diff --git a/selinux-policy.spec b/selinux-policy.spec
index aa85f0d..79890a6 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -44,6 +44,7 @@ Source23: users-targeted
Source25: users-minimum
Source26: file_contexts.subs_dist
Source27: selinux-policy.conf
+Source28: permissivedomains.pp
Url: http://oss.tresys.com/repos/refpolicy/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -264,6 +265,8 @@ make clean
%if %{BUILD_TARGETED}
# Build targeted policy
# Commented out because only targeted ref policy currently builds
+mkdir -p %{buildroot}%{_usr}/share/selinux/targeted
+cp %{SOURCE28} %{buildroot}/%{_usr}/share/selinux/targeted
%makeCmds targeted mcs n allow
%installCmds targeted mcs n allow
%endif
@@ -271,6 +274,8 @@ make clean
%if %{BUILD_MINIMUM}
# Build minimum policy
# Commented out because only minimum ref policy currently builds
+mkdir -p %{buildroot}%{_usr}/share/selinux/minimum
+cp %{SOURCE28} %{buildroot}/%{_usr}/share/selinux/minimum
%makeCmds minimum mcs n allow
%installCmds minimum mcs n allow
%modulesList minimum
More information about the scm-commits
mailing list