From 4816e90c52154e21deceafc64cf05decca9390df Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Wed, 5 Aug 2009 20:37:39 +0000 Subject: [PATCH] - Allow svirt images to create sock_file in svirt_var_run_t --- policy-F12.patch | 4 ++-- selinux-policy.spec | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/policy-F12.patch b/policy-F12.patch index cc57782f..386e8c8e 100644 --- a/policy-F12.patch +++ b/policy-F12.patch @@ -3958,12 +3958,12 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/screen.if serefpolicy-3.6.26/policy/modules/apps/screen.if --- nsaserefpolicy/policy/modules/apps/screen.if 2009-07-23 14:11:04.000000000 -0400 -+++ serefpolicy-3.6.26/policy/modules/apps/screen.if 2009-08-05 07:38:57.000000000 -0400 ++++ serefpolicy-3.6.26/policy/modules/apps/screen.if 2009-08-05 16:33:49.000000000 -0400 @@ -61,6 +61,8 @@ manage_fifo_files_pattern($1_screen_t, screen_dir_t, screen_var_run_t) manage_dirs_pattern($1_screen_t, screen_dir_t, screen_dir_t) filetrans_pattern($1_screen_t, screen_dir_t, screen_var_run_t, fifo_file) -+ dontaudit $3 $1_var_run_t:fifo_file read; ++ dontaudit $3 screen_var_run_t:fifo_file read; + files_pid_filetrans($1_screen_t, screen_dir_t, dir) diff --git a/selinux-policy.spec b/selinux-policy.spec index e12b0212..a0a9a210 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -20,7 +20,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.6.26 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -475,6 +475,9 @@ exit 0 %endif %changelog +* Wed Aug 5 2009 Dan Walsh 3.6.26-5 +- Allow svirt images to create sock_file in svirt_var_run_t + * Tue Aug 4 2009 Dan Walsh 3.6.26-4 - Allow exim to getattr on mountpoints - Fixes for pulseaudio