- Revert labeling back to /var/run/systemd/initctl/fifo

- geoclue dbus chats with modemmanger - Bluejeans wants to connect to port 5000 - geoclue dbus chats with modemmange
2014-07-21 09:07:57 +02:00 · 2014-07-21 09:07:57 +02:00 · 6683373910
commit 6683373910
parent ee1386c00c
3 changed files with 17 additions and 7 deletions
--- a/policy-rawhide-base.patch
+++ b/policy-rawhide-base.patch
@ -30819,7 +30819,7 @@ index b2097e7..0a49e14 100644
 ')
 diff --git a/policy/modules/system/init.fc b/policy/modules/system/init.fc
-index bc0ffc8..6fb2053 100644
+index bc0ffc8..7198bd9 100644
 --- a/policy/modules/system/init.fc
 +++ b/policy/modules/system/init.fc
@@ -1,6 +1,9 @@
@ -30871,7 +30871,7 @@ index bc0ffc8..6fb2053 100644
 #
 +/var/lib/systemd(/.*)?	gen_context(system_u:object_r:init_var_lib_t,s0)
 /var/run/initctl	-p	gen_context(system_u:object_r:initctl_t,s0)
-+/var/run/initctl/fifo	-p	gen_context(system_u:object_r:initctl_t,s0)
+/var/run/systemd/initctl/fifo	-p	gen_context(system_u:object_r:initctl_t,s0)
 /var/run/utmp		--	gen_context(system_u:object_r:initrc_var_run_t,s0)
 /var/run/runlevel\.dir		gen_context(system_u:object_r:initrc_var_run_t,s0)
 /var/run/random-seed	--	gen_context(system_u:object_r:initrc_var_run_t,s0)
--- a/policy-rawhide-contrib.patch
+++ b/policy-rawhide-contrib.patch
@ -28999,10 +28999,10 @@ index 0000000..9e17d3e
 +')
 diff --git a/geoclue.te b/geoclue.te
 new file mode 100644
-index 0000000..204995f
+index 0000000..baa5492
 --- /dev/null
 +++ b/geoclue.te
-@@ -0,0 +1,54 @@
+@@ -0,0 +1,57 @@
 +policy_module(geoclue, 1.0.0)
 +
 +########################################
@ -29054,6 +29054,9 @@ index 0000000..204995f
 +	dbus_system_domain(geoclue_t, geoclue_exec_t)
 +
 +	optional_policy(`
 +		modemmanager_dbus_chat(geoclue_t)
 +	')
 +	optional_policy(`
 +		networkmanager_dbus_chat(geoclue_t)
 +	')
 +')
@ -46386,7 +46389,7 @@ index 6194b80..7490fe3 100644
 ')
 +
 diff --git a/mozilla.te b/mozilla.te
-index 11ac8e4..1025b89 100644
+index 11ac8e4..07b06e1 100644
 --- a/mozilla.te
 +++ b/mozilla.te
@@ -6,17 +6,48 @@ policy_module(mozilla, 2.8.0)
@ -47240,7 +47243,7 @@ index 11ac8e4..1025b89 100644
 ')
 optional_policy(`
-@@ -568,108 +593,136 @@ optional_policy(`
+@@ -568,108 +593,137 @@ optional_policy(`
 ')
 optional_policy(`
@ -47435,6 +47438,7 @@ index 11ac8e4..1025b89 100644
 +tunable_policy(`mozilla_plugin_use_bluejeans',`
 +    corenet_tcp_bind_unreserved_ports(mozilla_plugin_t)
 +    corenet_dontaudit_tcp_bind_all_defined_ports(mozilla_plugin_t)
 +    corenet_tcp_connect_commplex_main_port(mozilla_plugin_t)
 ')
 diff --git a/mpd.fc b/mpd.fc
 index 313ce52..ae93e07 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -19,7 +19,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.13.1
-Release: 65%{?dist}
+Release: 66%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@ -600,6 +600,12 @@ SELinux Reference policy mls base module.
 %endif
 %changelog
 * Mon Jul 21 2014 Miroslav Grepl <mgrepl@redhat.com> 3.13.1-66
 - Revert labeling back to /var/run/systemd/initctl/fifo
 - geoclue dbus chats with modemmanger
 - Bluejeans wants to connect to port 5000
 - geoclue dbus chats with modemmange
 * Fri Jul 18 2014 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-65
 - Allow sysadm to dbus chat with systemd
 - Add logging_dontaudit_search_audit_logs()