rpms/selinux-policy
5
0
Fork 0
Code Issues Pull Requests Releases Activity

- Allow unconfined_t to setfcap

Browse Source
This commit is contained in:
Daniel J Walsh 2008-07-08 20:14:39 +00:00
parent 273a44c689
commit 43f9fcec3e
2 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
policy-20080509.patch
View File

@ -1584,7 +1584,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/sudo.if
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/tmpreaper.te serefpolicy-3.4.2/policy/modules/admin/tmpreaper.te
--- nsaserefpolicy/policy/modules/admin/tmpreaper.te 2008-06-12 23:25:08.000000000 -0400
+++ serefpolicy-3.4.2/policy/modules/admin/tmpreaper.te 2008-07-02 08:47:04.000000000 -0400
+++ serefpolicy-3.4.2/policy/modules/admin/tmpreaper.te 2008-07-08 15:18:50.000000000 -0400
@@ -22,12 +22,14 @@
dev_read_urand(tmpreaper_t)
@ -1608,7 +1608,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/tmpreap
+userdom_delete_all_users_home_content_files(tmpreaper_t)
+userdom_delete_all_users_home_content_symlinks(tmpreaper_t)
+
+files_delete_isid_type_dirs(tmpreaper_t)
+files_manage_isid_type_dirs(tmpreaper_t)
+files_delete_isid_type_files(tmpreaper_t)
+
+optional_policy(`
@ -6632,7 +6632,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.
# /emul
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.if serefpolicy-3.4.2/policy/modules/kernel/files.if
--- nsaserefpolicy/policy/modules/kernel/files.if 2008-06-12 23:25:02.000000000 -0400
+++ serefpolicy-3.4.2/policy/modules/kernel/files.if 2008-07-02 14:59:18.000000000 -0400
+++ serefpolicy-3.4.2/policy/modules/kernel/files.if 2008-07-08 15:17:08.000000000 -0400
@@ -110,6 +110,11 @@
## </param>
#
@ -33478,7 +33478,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
+/root(/.*)? gen_context(system_u:object_r:admin_home_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.4.2/policy/modules/system/userdomain.if
--- nsaserefpolicy/policy/modules/system/userdomain.if 2008-06-12 23:25:07.000000000 -0400
+++ serefpolicy-3.4.2/policy/modules/system/userdomain.if 2008-07-07 11:47:08.000000000 -0400
+++ serefpolicy-3.4.2/policy/modules/system/userdomain.if 2008-07-08 15:19:54.000000000 -0400
@@ -28,10 +28,14 @@
class context contains;
')

5
selinux-policy.spec
View File

@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.4.2
Release: 12%{?dist}
Release: 13%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@ -375,6 +375,9 @@ exit 0
%endif
%changelog
* Tue Jul 8 2008 Dan Walsh <dwalsh@redhat.com> 3.4.2-13
- Allow unconfined_t to setfcap
* Mon Jul 7 2008 Dan Walsh <dwalsh@redhat.com> 3.4.2-12
- Allow amanda to read tape
- Allow prewikka cgi to use syslog, allow audisp_t to signal cgi