[selinux-policy/f16] * Fri Nov 1 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-95 - Add support for OpenShift sbin label

[Miroslav Grepl]

commit c6beb7e907799e8fd38f2dd49062ae6da06c93a2
Author: Miroslav Grepl <mgrepl at redhat.com>
Date:   Fri Nov 2 09:26:09 2012 +0100

    * Fri Nov 1 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-95
    - Add support for OpenShift sbin labeling

 policy-F16.patch    |   12 ++++++------
 selinux-policy.spec |    5 ++++-
 2 files changed, 10 insertions(+), 7 deletions(-)
---
diff --git a/policy-F16.patch b/policy-F16.patch
index 054953e..dcb3be5 100644
--- a/policy-F16.patch
+++ b/policy-F16.patch
@@ -49994,7 +49994,7 @@ index 0000000..a437f80
 +files_read_config_files(openshift_domain)
 diff --git a/policy/modules/services/openshift.fc b/policy/modules/services/openshift.fc
 new file mode 100644
-index 0000000..fbadaba
+index 0000000..c9a5f74
 --- /dev/null
 +++ b/policy/modules/services/openshift.fc
 @@ -0,0 +1,24 @@
@@ -50013,12 +50013,12 @@ index 0000000..fbadaba
 +
 +/var/log/mcollective\.log        --    gen_context(system_u:object_r:openshift_log_t,s0)
 +
-+/usr/bin/(oo|rhc)-cgroup-read        --    gen_context(system_u:object_r:openshift_cgroup_read_exec_t,s0)
++/usr/s?bin/(oo|rhc)-cgroup-read        --    gen_context(system_u:object_r:openshift_cgroup_read_exec_t,s0)
 +
-+/usr/bin/(oo|rhc)-restorer           --    gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
-+/usr/bin/(oo|rhc)-restorer-wrapper.sh    --  gen_context(unconfined_u:object_r:httpd_openshift_script_exec_t,s0)
-+/usr/bin/oo-admin-ctl-gears	--	gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
-+/usr/sbin/mcollectived			--		gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
++/usr/s?bin/(oo|rhc)-restorer           --    gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
++/usr/s?bin/(oo|rhc)-restorer-wrapper.sh    --  gen_context(unconfined_u:object_r:httpd_openshift_script_exec_t,s0)
++/usr/s?bin/oo-admin-ctl-gears	--	gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
++/usr/s?bin/mcollectived			--		gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
 +
 +/var/run/stickshift(/.*)?		    	gen_context(system_u:object_r:openshift_var_run_t,s0)
 +/var/run/openshift(/.*)?               gen_context(system_u:object_r:openshift_var_run_t,s0)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 2c8b14a..9605a00 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.10.0
-Release: 94%{?dist}
+Release: 95%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -466,6 +466,9 @@ SELinux Reference policy mls base module.
 %endif
 
 %changelog
+* Fri Nov 1 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-95
+- Add support for OpenShift sbin labeling
+
 * Wed Oct 31 2012 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-94
 - Add httpd_verify_dns boolean
 - Add label for log directory under /var/www/stickshift