* Fri Feb 8 2008 Dan Walsh <dwalsh@redhat.com> 2.0.42-3
- Add messages for audit2allow DONTAUDIT
This commit is contained in:
parent
0568ee7f2d
commit
813c122421
@ -9976,7 +9976,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/etc_rw.py
|
|||||||
+"""
|
+"""
|
||||||
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.42/gui/templates/executable.py
|
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable.py policycoreutils-2.0.42/gui/templates/executable.py
|
||||||
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
|
--- nsapolicycoreutils/gui/templates/executable.py 1969-12-31 19:00:00.000000000 -0500
|
||||||
+++ policycoreutils-2.0.42/gui/templates/executable.py 2008-02-05 16:11:05.000000000 -0500
|
+++ policycoreutils-2.0.42/gui/templates/executable.py 2008-02-08 14:55:16.000000000 -0500
|
||||||
@@ -0,0 +1,328 @@
|
@@ -0,0 +1,328 @@
|
||||||
+# Copyright (C) 2007 Red Hat
|
+# Copyright (C) 2007 Red Hat
|
||||||
+# see file 'COPYING' for use and warranty information
|
+# see file 'COPYING' for use and warranty information
|
||||||
@ -10067,7 +10067,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/executable
|
|||||||
+# Init script handling
|
+# Init script handling
|
||||||
+domain_use_interactive_fds(TEMPLATETYPE_t)
|
+domain_use_interactive_fds(TEMPLATETYPE_t)
|
||||||
+
|
+
|
||||||
+## internal communication is often done using fifo and unix sockets.
|
+# internal communication is often done using fifo and unix sockets.
|
||||||
+allow TEMPLATETYPE_t self:fifo_file rw_file_perms;
|
+allow TEMPLATETYPE_t self:fifo_file rw_file_perms;
|
||||||
+allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms;
|
+allow TEMPLATETYPE_t self:unix_stream_socket create_stream_socket_perms;
|
||||||
+
|
+
|
||||||
|
@ -1,15 +1,30 @@
|
|||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.38/Makefile
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.42/audit2allow/audit2allow
|
||||||
|
--- nsapolicycoreutils/audit2allow/audit2allow 2008-01-28 16:52:25.000000000 -0500
|
||||||
|
+++ policycoreutils-2.0.42/audit2allow/audit2allow 2008-02-08 10:43:47.000000000 -0500
|
||||||
|
@@ -247,6 +247,11 @@
|
||||||
|
print "\t\tPossible mismatch between this policy and the one under which the audit message was generated.\n"
|
||||||
|
print "\t\tPossible mismatch between current in-memory boolean settings vs. permanent ones.\n"
|
||||||
|
continue
|
||||||
|
+ if rc == audit2why.DONTAUDIT:
|
||||||
|
+ print "\t\tUnknown - should be dontaudit'd by active policy\n",
|
||||||
|
+ print "\t\tPossible mismatch between this policy and the one under which the audit message was generated.\n"
|
||||||
|
+ print "\t\tPossible mismatch between current in-memory boolean settings vs. permanent ones.\n"
|
||||||
|
+ continue
|
||||||
|
if rc == audit2why.BOOLEAN:
|
||||||
|
if len(bools) > 1:
|
||||||
|
print "\tOne of the following booleans was set incorrectly."
|
||||||
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.42/Makefile
|
||||||
--- nsapolicycoreutils/Makefile 2007-12-19 06:02:52.000000000 -0500
|
--- nsapolicycoreutils/Makefile 2007-12-19 06:02:52.000000000 -0500
|
||||||
+++ policycoreutils-2.0.38/Makefile 2008-01-24 15:31:27.000000000 -0500
|
+++ policycoreutils-2.0.42/Makefile 2008-02-05 16:09:43.000000000 -0500
|
||||||
@@ -1,4 +1,4 @@
|
@@ -1,4 +1,4 @@
|
||||||
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
|
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
|
||||||
+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
|
+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
|
||||||
|
|
||||||
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
|
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
|
||||||
|
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.38/restorecond/restorecond.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.42/restorecond/restorecond.c
|
||||||
--- nsapolicycoreutils/restorecond/restorecond.c 2007-07-16 14:20:41.000000000 -0400
|
--- nsapolicycoreutils/restorecond/restorecond.c 2007-07-16 14:20:41.000000000 -0400
|
||||||
+++ policycoreutils-2.0.38/restorecond/restorecond.c 2008-01-24 15:31:27.000000000 -0500
|
+++ policycoreutils-2.0.42/restorecond/restorecond.c 2008-02-05 16:09:43.000000000 -0500
|
||||||
@@ -210,9 +210,10 @@
|
@@ -210,9 +210,10 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -6,7 +6,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.0.42
|
Version: 2.0.42
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||||
@ -192,6 +192,9 @@ if [ "$1" -ge "1" ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Feb 8 2008 Dan Walsh <dwalsh@redhat.com> 2.0.42-3
|
||||||
|
- Add messages for audit2allow DONTAUDIT
|
||||||
|
|
||||||
* Tue Feb 5 2008 Dan Walsh <dwalsh@redhat.com> 2.0.42-2
|
* Tue Feb 5 2008 Dan Walsh <dwalsh@redhat.com> 2.0.42-2
|
||||||
- Add ability to transition to roles via polgengui
|
- Add ability to transition to roles via polgengui
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user