* Wed May 7 2014 Miroslav Grepl<mgrepl@redhat.com> 3.13.1-51

- Add gear fixes from dwalsh
2014-05-07 15:30:41 +02:00 · 2014-05-07 15:30:41 +02:00 · 4c682c4ccf
parent 9d0057f462
commit 4c682c4ccf
2 changed files with 17 additions and 4 deletions
--- a/policy-rawhide-contrib.patch
+++ b/policy-rawhide-contrib.patch
@ -28271,10 +28271,10 @@ index 0000000..04e159f
 +')
 diff --git a/gear.te b/gear.te
 new file mode 100644
-index 0000000..7f1639a
+index 0000000..45141fc
 --- /dev/null
 +++ b/gear.te
-@@ -0,0 +1,105 @@
+@@ -0,0 +1,115 @@
 +policy_module(gear, 1.0.0)
 +
 +########################################
@ -28346,6 +28346,11 @@ index 0000000..7f1639a
 +corenet_tcp_sendrecv_generic_port(gear_t)
 +corenet_tcp_bind_gear_port(gear_t)
 +
+dev_mounton_sysfs(gear_t)
+dev_mount_sysfs_fs(gear_t)
+dev_unmount_sysfs_fs(gear_t)
+
+files_mounton_rootfs(gear_t)
 +files_read_etc_files(gear_t)
 +
 +fs_read_cgroup_files(gear_t)
@ -28369,11 +28374,16 @@ index 0000000..7f1639a
 +
 +sysnet_dns_name_resolve(gear_t)
 +
-+sysnet_domtrans_ifconfig(gear_t)
+sysnet_exec_ifconfig(gear_t)
+sysnet_manage_ifconfig_run(gear_t)
 +
 +systemd_manage_all_unit_files(gear_t)
 +
 +optional_policy(`
+	hostname_exec(gear_t)
+')
+
+optional_policy(`
 +	docker_stream_connect(gear_t)
 +')
 +
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -19,7 +19,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.13.1
-Release: 50%{?dist}
+Release: 51%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@ -588,6 +588,9 @@ SELinux Reference policy mls base module.
 %endif

 %changelog
+* Wed May 7 2014 Miroslav Grepl<mgrepl@redhat.com> 3.13.1-51
+- Add gear fixes from dwalsh
+
 * Tue May 6 2014 Miroslav Grepl<mgrepl@redhat.com> 3.13.1-50
 - selinux_unconfined_type should not be able to set booleans if the securemode is set
 - Update sandbox_transition() to call sandbox_dyntrasition(). #885288.