Allow stream sock_files to be stored in /tmp and etc_rw_t directories by sepolgen

- Trigger on selinux-policy needs to change to selinux-policy-devel
- Update translations
- Fix semanage dontaudit off/on exception

policycoreutils-rhat.patch

@@ -12227,10 +12227,10 @@ index 0000000..f7af4d8
 +
 diff --git a/policycoreutils/gui/templates/etc_rw.py b/policycoreutils/gui/templates/etc_rw.py
 new file mode 100644
-index 0000000..0d3dbfe
+index 0000000..1cea8b1
 --- /dev/null
 +++ b/policycoreutils/gui/templates/etc_rw.py
-@@ -0,0 +1,112 @@
+@@ -0,0 +1,138 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
 +#
@@ -12265,6 +12265,11 @@ index 0000000..0d3dbfe
 +files_etc_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_etc_rw_t, { dir file })
 +"""
 +
++te_stream_rules="""
++allow TEMPLATETYPE_t TEMPLATETYPE_etc_rw_t:sock_file manage_sock_file_perms;
++files_pid_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_etc_rw_t, sock_file)
++"""
++
 +########################### Interface File #############################
 +if_rules="""
 +########################################
@@ -12327,6 +12332,27 @@ index 0000000..0d3dbfe
 +
 +"""
 +
++if_stream_rules="""\
++########################################
++## <summary>
++##	Connect to TEMPLATETYPE over a unix stream socket.
++## </summary>
++## <param name="domain">
++##	<summary>
++##	Domain allowed access.
++##	</summary>
++## </param>
++#
++interface(`TEMPLATETYPE_stream_connect',`
++	gen_require(`
++		type TEMPLATETYPE_t, TEMPLATETYPE_etc_rw_t;
++	')
++
++	files_search_pids($1)
++	stream_connect_pattern($1, TEMPLATETYPE_etc_rw_t, TEMPLATETYPE_etc_rw_t, TEMPLATETYPE_t)
++')
++"""
++
 +if_admin_types="""
 +		type TEMPLATETYPE_etc_rw_t;"""
 +
@@ -13218,10 +13244,10 @@ index 0000000..194fb2c
 +
 diff --git a/policycoreutils/gui/templates/tmp.py b/policycoreutils/gui/templates/tmp.py
 new file mode 100644
-index 0000000..d2adaa4
+index 0000000..33d4340
 --- /dev/null
 +++ b/policycoreutils/gui/templates/tmp.py
-@@ -0,0 +1,102 @@
+@@ -0,0 +1,128 @@
 +# Copyright (C) 2007-2012 Red Hat
 +# see file 'COPYING' for use and warranty information
 +#
@@ -13256,6 +13282,11 @@ index 0000000..d2adaa4
 +files_tmp_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_tmp_t, { dir file })
 +"""
 +
++te_stream_rules="""
++allow TEMPLATETYPE_t TEMPLATETYPE_tmp_t:sock_file manage_sock_file_perms;
++files_pid_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_tmp_t, sock_file)
++"""
++
 +if_rules="""
 +########################################
 +## <summary>
@@ -13317,6 +13348,27 @@ index 0000000..d2adaa4
 +')
 +"""
 +
++if_stream_rules="""\
++########################################
++## <summary>
++##	Connect to TEMPLATETYPE over a unix stream socket.
++## </summary>
++## <param name="domain">
++##	<summary>
++##	Domain allowed access.
++##	</summary>
++## </param>
++#
++interface(`TEMPLATETYPE_stream_connect',`
++	gen_require(`
++		type TEMPLATETYPE_t, TEMPLATETYPE_tmp_t;
++	')
++
++	files_search_pids($1)
++	stream_connect_pattern($1, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t, TEMPLATETYPE_t)
++')
++"""
++
 +if_admin_types="""
 +		type TEMPLATETYPE_tmp_t;"""
 +

policycoreutils.spec

@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.1.11
-Release: 14%{?dist}
+Release: 15%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -340,10 +340,9 @@ fi
 %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
 
 %changelog
-* Fri May 18 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-14
+* Fri May 18 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-15
+- Allow stream sock_files to be stored in /tmp and etc_rw_t directories by sepolgen
 - Trigger on selinux-policy needs to change to selinux-policy-devel
-
-* Fri May 18 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-13
 - Update translations
 - Fix semanage dontaudit off/on exception