- Fix prelink to handle execmod

2007-07-24 20:47:24 +00:00 · 2007-07-24 20:47:24 +00:00 · 24acabce75
commit 24acabce75
parent fc4c7497a7
2 changed files with 5 additions and 5 deletions
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@ -4394,7 +4394,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups
 +/usr/local/Brother/inf(/.*)?	gen_context(system_u:object_r:cupsd_rw_etc_t,mls_systemhigh)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-3.0.3/policy/modules/services/cups.te
 --- nsaserefpolicy/policy/modules/services/cups.te	2007-07-03 07:06:27.000000000 -0400
-+++ serefpolicy-3.0.3/policy/modules/services/cups.te	2007-07-24 15:38:39.000000000 -0400
+++ serefpolicy-3.0.3/policy/modules/services/cups.te	2007-07-24 16:22:33.000000000 -0400
@@ -81,12 +81,11 @@
 # /usr/lib/cups/backend/serial needs sys_admin(?!)
 allow cupsd_t self:capability { sys_admin dac_override dac_read_search kill setgid setuid fsetid net_bind_service fowner chown dac_override sys_resource sys_tty_config };
@ -4441,7 +4441,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups
 files_read_usr_files(cupsd_t)
 # for /var/lib/defoma
 -files_search_var_lib(cupsd_t)
-+files_read_var_lib(cupsd_t)
+files_read_var_lib_files(cupsd_t)
 files_list_world_readable(cupsd_t)
 files_read_world_readable_files(cupsd_t)
 files_read_world_readable_symlinks(cupsd_t)
@ -9748,7 +9748,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinu
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-3.0.3/policy/modules/system/selinuxutil.te
 --- nsaserefpolicy/policy/modules/system/selinuxutil.te	2007-05-30 11:47:29.000000000 -0400
-+++ serefpolicy-3.0.3/policy/modules/system/selinuxutil.te	2007-07-17 15:46:25.000000000 -0400
+++ serefpolicy-3.0.3/policy/modules/system/selinuxutil.te	2007-07-24 16:27:49.000000000 -0400
@@ -24,11 +24,9 @@
 files_type(selinux_config_t)
@ -9791,7 +9791,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinu
 role system_r types semanage_t;
 +type setsebool_exec_t;
-+application_domain(semanage_t, setsebool_exec_t)
+init_system_domain(semanage_t, setsebool_exec_t)
 +domain_interactive_fd(semanage_t)
 +
 type semanage_store_t;
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -293,7 +293,7 @@ semodule -r moilscanner 2>/dev/null
 %relabel targeted
 exit 0
-%triggerpostun targeted -- selinux-policy-targeted <= 3.0.3-4
+%triggerpostun targeted -- selinux-policy-targeted <= 3.0.3-5
 setsebool -P use_nfs_home_dirs=1
 restorecon -R /root /etc/selinux/targeted 2> /dev/null
 semanage login -m -s "system_u" __default__ 2> /dev/null