- Allow ifconfig_t to read dhcpc_state_t
This commit is contained in:
parent
510ac8a8e4
commit
7638e78556
@ -146,3 +146,4 @@ serefpolicy-3.5.1.tgz
|
|||||||
serefpolicy-3.5.2.tgz
|
serefpolicy-3.5.2.tgz
|
||||||
serefpolicy-3.5.3.tgz
|
serefpolicy-3.5.3.tgz
|
||||||
serefpolicy-3.5.4.tgz
|
serefpolicy-3.5.4.tgz
|
||||||
|
serefpolicy-3.5.5.tgz
|
||||||
|
@ -5964,7 +5964,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
########################################
|
########################################
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-3.5.5/policy/modules/kernel/corenetwork.te.in
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-3.5.5/policy/modules/kernel/corenetwork.te.in
|
||||||
--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in 2008-08-11 11:23:34.000000000 -0400
|
--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in 2008-08-11 11:23:34.000000000 -0400
|
||||||
+++ serefpolicy-3.5.5/policy/modules/kernel/corenetwork.te.in 2008-08-25 13:35:01.000000000 -0400
|
+++ serefpolicy-3.5.5/policy/modules/kernel/corenetwork.te.in 2008-08-25 16:12:58.000000000 -0400
|
||||||
@@ -75,6 +75,7 @@
|
@@ -75,6 +75,7 @@
|
||||||
network_port(aol, udp,5190,s0, tcp,5190,s0, udp,5191,s0, tcp,5191,s0, udp,5192,s0, tcp,5192,s0, udp,5193,s0, tcp,5193,s0)
|
network_port(aol, udp,5190,s0, tcp,5190,s0, udp,5191,s0, tcp,5191,s0, udp,5192,s0, tcp,5192,s0, udp,5193,s0, tcp,5193,s0)
|
||||||
network_port(apcupsd, tcp,3551,s0, udp,3551,s0)
|
network_port(apcupsd, tcp,3551,s0, udp,3551,s0)
|
||||||
@ -6019,7 +6019,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
network_port(printer, tcp,515,s0)
|
network_port(printer, tcp,515,s0)
|
||||||
network_port(ptal, tcp,5703,s0)
|
network_port(ptal, tcp,5703,s0)
|
||||||
network_port(pxe, udp,4011,s0)
|
network_port(pxe, udp,4011,s0)
|
||||||
@@ -149,11 +157,11 @@
|
@@ -149,13 +157,13 @@
|
||||||
network_port(ricci_modcluster, tcp,16851,s0, udp,16851,s0)
|
network_port(ricci_modcluster, tcp,16851,s0, udp,16851,s0)
|
||||||
network_port(rlogind, tcp,513,s0)
|
network_port(rlogind, tcp,513,s0)
|
||||||
network_port(rndc, tcp,953,s0)
|
network_port(rndc, tcp,953,s0)
|
||||||
@ -6031,8 +6031,11 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
-network_port(smbd, tcp,139,s0, tcp,445,s0)
|
-network_port(smbd, tcp,139,s0, tcp,445,s0)
|
||||||
+network_port(smbd, tcp,137-139,s0, tcp,445,s0)
|
+network_port(smbd, tcp,137-139,s0, tcp,445,s0)
|
||||||
network_port(smtp, tcp,25,s0, tcp,465,s0, tcp,587,s0)
|
network_port(smtp, tcp,25,s0, tcp,465,s0, tcp,587,s0)
|
||||||
network_port(snmp, udp,161,s0, udp,162,s0, tcp,199,s0)
|
-network_port(snmp, udp,161,s0, udp,162,s0, tcp,199,s0)
|
||||||
|
+network_port(snmp, udp,161,s0, udp,162,s0, tcp,199,s0, tcp, 1161, s0)
|
||||||
network_port(spamd, tcp,783,s0)
|
network_port(spamd, tcp,783,s0)
|
||||||
|
network_port(ssh, tcp,22,s0)
|
||||||
|
network_port(soundd, tcp,8000,s0, tcp,9433,s0, tcp, 16001, s0)
|
||||||
@@ -166,12 +174,17 @@
|
@@ -166,12 +174,17 @@
|
||||||
network_port(syslogd, udp,514,s0)
|
network_port(syslogd, udp,514,s0)
|
||||||
network_port(telnetd, tcp,23,s0)
|
network_port(telnetd, tcp,23,s0)
|
||||||
@ -10273,7 +10276,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+')
|
+')
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.te serefpolicy-3.5.5/policy/modules/services/apache.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.te serefpolicy-3.5.5/policy/modules/services/apache.te
|
||||||
--- nsaserefpolicy/policy/modules/services/apache.te 2008-08-07 11:15:11.000000000 -0400
|
--- nsaserefpolicy/policy/modules/services/apache.te 2008-08-07 11:15:11.000000000 -0400
|
||||||
+++ serefpolicy-3.5.5/policy/modules/services/apache.te 2008-08-25 15:20:25.000000000 -0400
|
+++ serefpolicy-3.5.5/policy/modules/services/apache.te 2008-08-26 10:08:47.000000000 -0400
|
||||||
@@ -20,6 +20,8 @@
|
@@ -20,6 +20,8 @@
|
||||||
# Declarations
|
# Declarations
|
||||||
#
|
#
|
||||||
@ -13193,7 +13196,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
-') dnl end TODO
|
-') dnl end TODO
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.fc serefpolicy-3.5.5/policy/modules/services/cups.fc
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.fc serefpolicy-3.5.5/policy/modules/services/cups.fc
|
||||||
--- nsaserefpolicy/policy/modules/services/cups.fc 2008-08-07 11:15:11.000000000 -0400
|
--- nsaserefpolicy/policy/modules/services/cups.fc 2008-08-07 11:15:11.000000000 -0400
|
||||||
+++ serefpolicy-3.5.5/policy/modules/services/cups.fc 2008-08-25 10:50:15.000000000 -0400
|
+++ serefpolicy-3.5.5/policy/modules/services/cups.fc 2008-08-25 16:25:00.000000000 -0400
|
||||||
@@ -8,6 +8,7 @@
|
@@ -8,6 +8,7 @@
|
||||||
/etc/cups/ppd/.* -- gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
/etc/cups/ppd/.* -- gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
||||||
/etc/cups/ppds\.dat -- gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
/etc/cups/ppds\.dat -- gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
||||||
@ -13236,7 +13239,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
|
|
||||||
/var/cache/alchemist/printconf.* gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
/var/cache/alchemist/printconf.* gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
||||||
/var/cache/foomatic(/.*)? gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
/var/cache/foomatic(/.*)? gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
||||||
@@ -50,3 +56,13 @@
|
@@ -50,3 +56,14 @@
|
||||||
/var/run/hp.*\.port -- gen_context(system_u:object_r:hplip_var_run_t,s0)
|
/var/run/hp.*\.port -- gen_context(system_u:object_r:hplip_var_run_t,s0)
|
||||||
/var/run/ptal-printd(/.*)? gen_context(system_u:object_r:ptal_var_run_t,s0)
|
/var/run/ptal-printd(/.*)? gen_context(system_u:object_r:ptal_var_run_t,s0)
|
||||||
/var/run/ptal-mlcd(/.*)? gen_context(system_u:object_r:ptal_var_run_t,s0)
|
/var/run/ptal-mlcd(/.*)? gen_context(system_u:object_r:ptal_var_run_t,s0)
|
||||||
@ -13245,11 +13248,12 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+/usr/local/Brother/[^/]*/inf(/.*)? gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
+/usr/local/Brother/[^/]*/inf(/.*)? gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
||||||
+/usr/local/Printer/[^/]*/inf(/.*)? gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
+/usr/local/Printer/[^/]*/inf(/.*)? gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
||||||
+
|
+
|
||||||
+/etc/rc.d/init.d/cups -- gen_context(system_u:object_r:cups_script_exec_t,s0)
|
|
||||||
+
|
+
|
||||||
+/usr/local/linuxprinter/ppd(/.*)? gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
+/usr/local/linuxprinter/ppd(/.*)? gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
|
||||||
+
|
+
|
||||||
+/usr/lib/cups/backend/cups-pdf -- gen_context(system_u:object_r:cups_pdf_exec_t,s0)
|
+/usr/lib/cups/backend/cups-pdf -- gen_context(system_u:object_r:cups_pdf_exec_t,s0)
|
||||||
|
+
|
||||||
|
+/etc/rc.d/init.d/cups -- gen_context(system_u:object_r:cups_script_exec_t,s0)
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.if serefpolicy-3.5.5/policy/modules/services/cups.if
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.if serefpolicy-3.5.5/policy/modules/services/cups.if
|
||||||
--- nsaserefpolicy/policy/modules/services/cups.if 2008-08-07 11:15:11.000000000 -0400
|
--- nsaserefpolicy/policy/modules/services/cups.if 2008-08-07 11:15:11.000000000 -0400
|
||||||
+++ serefpolicy-3.5.5/policy/modules/services/cups.if 2008-08-25 10:50:15.000000000 -0400
|
+++ serefpolicy-3.5.5/policy/modules/services/cups.if 2008-08-25 10:50:15.000000000 -0400
|
||||||
@ -21438,7 +21442,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
')
|
')
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelude.te serefpolicy-3.5.5/policy/modules/services/prelude.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelude.te serefpolicy-3.5.5/policy/modules/services/prelude.te
|
||||||
--- nsaserefpolicy/policy/modules/services/prelude.te 2008-08-07 11:15:11.000000000 -0400
|
--- nsaserefpolicy/policy/modules/services/prelude.te 2008-08-07 11:15:11.000000000 -0400
|
||||||
+++ serefpolicy-3.5.5/policy/modules/services/prelude.te 2008-08-25 10:50:15.000000000 -0400
|
+++ serefpolicy-3.5.5/policy/modules/services/prelude.te 2008-08-26 10:38:12.000000000 -0400
|
||||||
@@ -13,18 +13,40 @@
|
@@ -13,18 +13,40 @@
|
||||||
type prelude_spool_t;
|
type prelude_spool_t;
|
||||||
files_type(prelude_spool_t)
|
files_type(prelude_spool_t)
|
||||||
@ -21522,7 +21526,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
libs_use_shared_libs(prelude_audisp_t)
|
libs_use_shared_libs(prelude_audisp_t)
|
||||||
|
|
||||||
logging_send_syslog_msg(prelude_audisp_t)
|
logging_send_syslog_msg(prelude_audisp_t)
|
||||||
+logging_audisp_system_domain(prelude_audisp_t, prelude_audisp_exec_t)
|
+logging_dispatcher_domain(prelude_audisp_t, prelude_audisp_exec_t)
|
||||||
|
|
||||||
miscfiles_read_localization(prelude_audisp_t)
|
miscfiles_read_localization(prelude_audisp_t)
|
||||||
|
|
||||||
|
@ -16,8 +16,8 @@
|
|||||||
%define CHECKPOLICYVER 2.0.16-1
|
%define CHECKPOLICYVER 2.0.16-1
|
||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 3.5.4
|
Version: 3.5.5
|
||||||
Release: 2%{?dist}
|
Release: 1%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: serefpolicy-%{version}.tgz
|
Source: serefpolicy-%{version}.tgz
|
||||||
@ -159,7 +159,7 @@ fi;
|
|||||||
|
|
||||||
%description
|
%description
|
||||||
SELinux Reference Policy - modular.
|
SELinux Reference Policy - modular.
|
||||||
Based off of reference policy: Checked out revision 2771.
|
Based off of reference policy: Checked out revision 2778.
|
||||||
|
|
||||||
%build
|
%build
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user