[selinux-policy/f17: 1/3] Move permissivedomains out of source, add pacemaker

[Daniel J Walsh]

commit 2b395609df62b845aa0c0df932ded10f366684d5
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Thu Mar 8 15:01:02 2012 -0500

    Move permissivedomains out of source, add pacemaker

 modules-targeted.conf |    7 ++++
 permissivedomains.fc  |    1 +
 permissivedomains.if  |    1 +
 permissivedomains.pp  |  Bin 0 -> 78004 bytes
 permissivedomains.te  |   82 +++++++++++++++++++++++++++++++++++++++++++++++++
 selinux-policy.spec   |    5 +++
 6 files changed, 96 insertions(+), 0 deletions(-)
---
diff --git a/modules-targeted.conf b/modules-targeted.conf
index 701cbb4..033569e 100644
--- a/modules-targeted.conf
+++ b/modules-targeted.conf
@@ -2447,6 +2447,13 @@ sblim = module
 cfengine = module
 
 # Layer: services
+# Module: pacemaker
+#
+# pacemaker
+#
+pacemaker = module
+
+# Layer: services
 # Module: polipo
 #
 # polipo
diff --git a/permissivedomains.fc b/permissivedomains.fc
new file mode 100644
index 0000000..6e6a8fc
--- /dev/null
+++ b/permissivedomains.fc
@@ -0,0 +1 @@
+# No file contexts 
diff --git a/permissivedomains.if b/permissivedomains.if
new file mode 100644
index 0000000..bd83148
--- /dev/null
+++ b/permissivedomains.if
@@ -0,0 +1 @@
+## <summary>No Interfaces</summary>
diff --git a/permissivedomains.pp b/permissivedomains.pp
new file mode 100644
index 0000000..759d8b3
Binary files /dev/null and b/permissivedomains.pp differ
diff --git a/permissivedomains.te b/permissivedomains.te
new file mode 100644
index 0000000..921cfa7
--- /dev/null
+++ b/permissivedomains.te
@@ -0,0 +1,82 @@
+policy_module(permissivedomains,17)
+
+
+optional_policy(`
+	gen_require(`
+		type blueman_t;
+	')
+
+	permissive blueman_t;
+')
+
+optional_policy(`
+	gen_require(`
+		type httpd_zoneminder_script_t, zoneminder_t;
+	')
+
+	permissive httpd_zoneminder_script_t;
+	permissive zoneminder_t;
+')
+
+optional_policy(`
+    gen_require(`
+        type selinux_munin_plugin_t;
+    ')
+
+	permissive selinux_munin_plugin_t;
+')
+
+optional_policy(`
+    gen_require(`
+        type dnssec_trigger_t;
+    ')
+
+    permissive dnssec_trigger_t;
+')
+
+
+optional_policy(`
+    gen_require(`
+        type obex_t;
+    ')
+
+    permissive obex_t;
+')
+
+optional_policy(`
+    gen_require(`
+        type sge_shepherd_t;
+		type sge_execd_t;
+		type sge_job_t;
+    ')
+
+	permissive sge_shepherd_t;
+	permissive sge_execd_t;
+	permissive sge_job_t;
+
+')
+
+optional_policy(`
+    gen_require(`
+		type matahari_rpcd_t;
+	')
+
+	permissive matahari_rpcd_t;
+
+')
+
+optional_policy(`
+    gen_require(`
+		type keystone_t;
+	')
+
+	permissive keystone_t;
+')
+
+optional_policy(`
+    gen_require(`
+		type pacemaker_t;
+	')
+
+	permissive pacemaker_t;
+')
diff --git a/selinux-policy.spec b/selinux-policy.spec
index aa85f0d..79890a6 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -44,6 +44,7 @@ Source23: users-targeted
 Source25: users-minimum
 Source26: file_contexts.subs_dist
 Source27: selinux-policy.conf
+Source28: permissivedomains.pp
 
 Url: http://oss.tresys.com/repos/refpolicy/
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -264,6 +265,8 @@ make clean
 %if %{BUILD_TARGETED}
 # Build targeted policy
 # Commented out because only targeted ref policy currently builds
+mkdir -p %{buildroot}%{_usr}/share/selinux/targeted
+cp %{SOURCE28} %{buildroot}/%{_usr}/share/selinux/targeted
 %makeCmds targeted mcs n allow
 %installCmds targeted mcs n allow
 %endif
@@ -271,6 +274,8 @@ make clean
 %if %{BUILD_MINIMUM}
 # Build minimum policy
 # Commented out because only minimum ref policy currently builds
+mkdir -p %{buildroot}%{_usr}/share/selinux/minimum
+cp %{SOURCE28} %{buildroot}/%{_usr}/share/selinux/minimum
 %makeCmds minimum mcs n allow
 %installCmds minimum mcs n allow
 %modulesList minimum