Merge branch 'master' of ssh://pkgs.fedoraproject.org/selinux-policy

Conflicts: policy-F16.patch selinux-policy.spec
2011-11-04 13:34:59 -04:00 · 2011-11-04 13:34:59 -04:00 · 0b72d16e07
commit 0b72d16e07
parent 8872d3d2ac 76b2f513a3
2 changed files with 29 additions and 5 deletions
--- a/policy-F16.patch
+++ b/policy-F16.patch
@ -60965,7 +60965,7 @@ index 2124b6a..49c15d1 100644
 +# support for nova-stack
 +/usr/bin/nova-compute       --  gen_context(system_u:object_r:virtd_exec_t,s0)
 diff --git a/policy/modules/services/virt.if b/policy/modules/services/virt.if
-index 7c5d8d8..d711fd5 100644
+index 7c5d8d8..fc6beb9 100644
 --- a/policy/modules/services/virt.if
 +++ b/policy/modules/services/virt.if
@@ -13,39 +13,44 @@
@ -61232,7 +61232,15 @@ index 7c5d8d8..d711fd5 100644
 ## </param>
 #
 interface(`virt_append_log',`
-@@ -424,6 +520,24 @@ interface(`virt_read_images',`
+@@ -408,6 +504,7 @@ interface(`virt_read_images',`
 	read_files_pattern($1, virt_image_type, virt_image_type)
 	read_lnk_files_pattern($1, virt_image_type, virt_image_type)
 	read_blk_files_pattern($1, virt_image_type, virt_image_type)
 +	read_chr_files_pattern($1, virt_image_type, virt_image_type)
 	tunable_policy(`virt_use_nfs',`
 		fs_list_nfs($1)
@@ -424,6 +521,24 @@ interface(`virt_read_images',`
 ########################################
 ## <summary>
@ -61257,7 +61265,7 @@ index 7c5d8d8..d711fd5 100644
 ##	Create, read, write, and delete
 ##	svirt cache files.
 ## </summary>
-@@ -433,15 +547,15 @@ interface(`virt_read_images',`
+@@ -433,15 +548,15 @@ interface(`virt_read_images',`
 ##	</summary>
 ## </param>
 #
@ -61278,7 +61286,15 @@ index 7c5d8d8..d711fd5 100644
 ')
 ########################################
-@@ -500,11 +614,16 @@ interface(`virt_manage_images',`
+@@ -466,6 +581,7 @@ interface(`virt_manage_images',`
 	manage_files_pattern($1, virt_image_type, virt_image_type)
 	read_lnk_files_pattern($1, virt_image_type, virt_image_type)
 	rw_blk_files_pattern($1, virt_image_type, virt_image_type)
 +	rw_chr_files_pattern($1, virt_image_type, virt_image_type)
 	tunable_policy(`virt_use_nfs',`
 		fs_manage_nfs_dirs($1)
@@ -500,11 +616,16 @@ interface(`virt_manage_images',`
 interface(`virt_admin',`
 	gen_require(`
 		type virtd_t, virtd_initrc_exec_t;
@ -61295,7 +61311,7 @@ index 7c5d8d8..d711fd5 100644
 	init_labeled_script_domtrans($1, virtd_initrc_exec_t)
 	domain_system_change_exemption($1)
 	role_transition $2 virtd_initrc_exec_t system_r;
-@@ -515,4 +634,213 @@ interface(`virt_admin',`
+@@ -515,4 +636,213 @@ interface(`virt_admin',`
 	virt_manage_lib_files($1)
 	virt_manage_log($1)
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -485,6 +485,7 @@ SELinux Reference policy mls base module.
 %endif
 %changelog
 <<<<<<< HEAD
 * Fri Nov 4 2011 Miroslav Grepl <mgrepl@redhat.com> 3.10.0-54
 - MCS fixes
 - quota fixes
@ -492,6 +493,13 @@ SELinux Reference policy mls base module.
 * Thu Nov 4 2011 Dan Walsh <dwalsh@redhat.com> 3.10.0-53.1
 - Remove transitions to consoletype
 ||||||| merged common ancestors
 =======
 * Fri Nov 4 2011 Miroslav Grepl <mgrepl@redhat.com> 3.10.0-54
 - MCS fixes
 - quota fixes
 >>>>>>> 76b2f513a3b64cbd70fb9183587a6e2e5e56dbaa
 * Tue Nov 1 2011 Miroslav Grepl <mgrepl@redhat.com> 3.10.0-53
 - Make nvidia* to be labeled correctly
 - Fix abrt_manage_cache() interface