rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fixed typo mistakes.

Browse Source
This commit is contained in:
Lukas Vrabec 2014-09-10 16:09:24 +02:00
parent ae5a648040
commit 2ac2d93920
2 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
policy-rawhide-base.patch
View File

@ -29903,7 +29903,7 @@ index 3efd5b6..12dca57 100644
+ allow $1 login_pgm:key manage_key_perms; + allow $1 login_pgm:key manage_key_perms;
+') +')
diff --git a/policy/modules/system/authlogin.te b/policy/modules/system/authlogin.te diff --git a/policy/modules/system/authlogin.te b/policy/modules/system/authlogin.te
index 09b791d..49d8c47 100644 index 09b791d..dbf639e 100644
--- a/policy/modules/system/authlogin.te --- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te +++ b/policy/modules/system/authlogin.te
@@ -5,6 +5,19 @@ policy_module(authlogin, 2.5.1) @@ -5,6 +5,19 @@ policy_module(authlogin, 2.5.1)
@ -30233,14 +30233,14 @@ index 09b791d..49d8c47 100644
sssd_stream_connect(nsswitch_domain) sssd_stream_connect(nsswitch_domain)
+ sssd_read_public_files(nsswitch_domain) + sssd_read_public_files(nsswitch_domain)
+ sssd_read_lib_files(nsswitch_domain) + sssd_read_lib_files(nsswitch_domain)
') +')
+
+#1134389 +#1134389
+userdom_manage_all_users_keys(nsswitch_domain) +userdom_manage_all_users_keys(nsswitch_domain)
+optional_policy(` +optional_policy(`
+ sssd_manage_keys(nsswitch_domain) + sssd_manage_keys(nsswitch_domain)
+") ')
+
optional_policy(` optional_policy(`
samba_stream_connect_winbind(nsswitch_domain) samba_stream_connect_winbind(nsswitch_domain)
+ samba_stream_connect_nmbd(nsswitch_domain) + samba_stream_connect_nmbd(nsswitch_domain)

13
policy-rawhide-contrib.patch
View File

@ -103971,7 +103971,7 @@ index facdee8..c43ef2e 100644
+ typeattribute $1 sandbox_caps_domain; + typeattribute $1 sandbox_caps_domain;
') ')
diff --git a/virt.te b/virt.te diff --git a/virt.te b/virt.te
index f03dcf5..7b38f46 100644 index f03dcf5..b1e7d75 100644
--- a/virt.te --- a/virt.te
+++ b/virt.te +++ b/virt.te
@@ -1,150 +1,227 @@ @@ -1,150 +1,227 @@
@ -105458,7 +105458,7 @@ index f03dcf5..7b38f46 100644
selinux_get_enforce_mode(virtd_lxc_t) selinux_get_enforce_mode(virtd_lxc_t)
selinux_get_fs_mount(virtd_lxc_t) selinux_get_fs_mount(virtd_lxc_t)
selinux_validate_context(virtd_lxc_t) selinux_validate_context(virtd_lxc_t)
@@ -974,194 +1155,316 @@ selinux_compute_create_context(virtd_lxc_t) @@ -974,194 +1155,317 @@ selinux_compute_create_context(virtd_lxc_t)
selinux_compute_relabel_context(virtd_lxc_t) selinux_compute_relabel_context(virtd_lxc_t)
selinux_compute_user_contexts(virtd_lxc_t) selinux_compute_user_contexts(virtd_lxc_t)
@ -105737,7 +105737,8 @@ index f03dcf5..7b38f46 100644
+virt_sandbox_domain_template(svirt_lxc_net) +virt_sandbox_domain_template(svirt_lxc_net)
+virt_default_capabilities(svirt_lxc_net_t) +virt_default_capabilities(svirt_lxc_net_t)
+typeattribute svirt_lxc_net_t sandbox_net_domain; +typeattribute svirt_lxc_net_t sandbox_net_domain;
+dontaudit svirt_lxc_net_t self:capability2 {fsetid block_suspend }; +dontaudit svirt_lxc_net_t self:capability fsetid;
+dontaudit svirt_lxc_net_t self:capability2 block_suspend ;
+allow svirt_lxc_net_t self:process { execstack execmem }; +allow svirt_lxc_net_t self:process { execstack execmem };
+manage_chr_files_pattern(svirt_lxc_net_t, svirt_sandbox_file_t, svirt_sandbox_file_t) +manage_chr_files_pattern(svirt_lxc_net_t, svirt_sandbox_file_t, svirt_sandbox_file_t)
+ +
@ -105913,7 +105914,7 @@ index f03dcf5..7b38f46 100644
allow virt_qmf_t self:tcp_socket create_stream_socket_perms; allow virt_qmf_t self:tcp_socket create_stream_socket_perms;
allow virt_qmf_t self:netlink_route_socket create_netlink_socket_perms; allow virt_qmf_t self:netlink_route_socket create_netlink_socket_perms;
@@ -1174,12 +1477,12 @@ dev_read_sysfs(virt_qmf_t) @@ -1174,12 +1478,12 @@ dev_read_sysfs(virt_qmf_t)
dev_read_rand(virt_qmf_t) dev_read_rand(virt_qmf_t)
dev_read_urand(virt_qmf_t) dev_read_urand(virt_qmf_t)
@ -105928,7 +105929,7 @@ index f03dcf5..7b38f46 100644
sysnet_read_config(virt_qmf_t) sysnet_read_config(virt_qmf_t)
optional_policy(` optional_policy(`
@@ -1192,9 +1495,8 @@ optional_policy(` @@ -1192,9 +1496,8 @@ optional_policy(`
######################################## ########################################
# #
@ -105939,7 +105940,7 @@ index f03dcf5..7b38f46 100644
allow virt_bridgehelper_t self:process { setcap getcap }; allow virt_bridgehelper_t self:process { setcap getcap };
allow virt_bridgehelper_t self:capability { setpcap setgid setuid net_admin }; allow virt_bridgehelper_t self:capability { setpcap setgid setuid net_admin };
allow virt_bridgehelper_t self:tcp_socket create_stream_socket_perms; allow virt_bridgehelper_t self:tcp_socket create_stream_socket_perms;
@@ -1207,5 +1509,219 @@ kernel_read_network_state(virt_bridgehelper_t) @@ -1207,5 +1510,219 @@ kernel_read_network_state(virt_bridgehelper_t)
corenet_rw_tun_tap_dev(virt_bridgehelper_t) corenet_rw_tun_tap_dev(virt_bridgehelper_t)