- Fix root login to include system_r

2007-07-06 19:23:20 +00:00 · 2007-07-06 19:23:20 +00:00 · 501a17b8b2
commit 501a17b8b2
parent 35e7f77fea
2 changed files with 20 additions and 1 deletions
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@ -52,6 +52,22 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mc
@@ -1 +1 @@
 -user_u:system_r:initrc_t:s0
 +system_u:system_r:initrc_t:s0
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mcs/root_default_contexts serefpolicy-3.0.2/config/appconfig-targeted-mcs/root_default_contexts
+--- nsaserefpolicy/config/appconfig-targeted-mcs/root_default_contexts	2007-05-25 09:09:09.000000000 -0400
+++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/root_default_contexts	2007-07-06 15:14:25.000000000 -0400
+@@ -1,2 +1,10 @@
+-system_r:unconfined_t:s0	system_r:unconfined_t:s0
+-system_r:initrc_t:s0	system_r:unconfined_t:s0
+system_r:local_login_t:s0  system_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
+system_r:crond_t:s0	system_r:unconfined_t:s0 sysadm_r:sysadm_crond_t:s0 staff_r:staff_crond_t:s0 user_r:user_crond_t:s0
+staff_r:staff_su_t:s0	system_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
+sysadm_r:sysadm_su_t:s0	system_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
+user_r:user_su_t:s0	system_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
+#
+# Uncomment if you want to automatically login as sysadm_r
+#
+#system_r:sshd_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
+
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mcs/seusers serefpolicy-3.0.2/config/appconfig-targeted-mcs/seusers
 --- nsaserefpolicy/config/appconfig-targeted-mcs/seusers	2007-05-31 15:35:39.000000000 -0400
 +++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/seusers	2007-07-03 14:38:10.000000000 -0400
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.0.2
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@ -356,6 +356,9 @@ exit 0
 %endif

 %changelog
+* Fri Jul 6 2007 Dan Walsh <dwalsh@redhat.com> 3.0.2-3
+- Fix root login to include system_r
+
 * Fri Jul 6 2007 Dan Walsh <dwalsh@redhat.com> 3.0.2-2
 - Allow prelink to read kernel sysctls