diff --git a/policy-F15.patch b/policy-F15.patch index 9fcff4df..ae8d5e91 100644 --- a/policy-F15.patch +++ b/policy-F15.patch @@ -43754,7 +43754,7 @@ index aa2b0a6..304fbba 100644 ') diff --git a/policy/modules/system/lvm.fc b/policy/modules/system/lvm.fc -index 879bb1e..31efcb2 100644 +index 879bb1e..5ce52c0 100644 --- a/policy/modules/system/lvm.fc +++ b/policy/modules/system/lvm.fc @@ -28,10 +28,12 @@ ifdef(`distro_gentoo',` @@ -43770,6 +43770,14 @@ index 879bb1e..31efcb2 100644 /sbin/cryptsetup -- gen_context(system_u:object_r:lvm_exec_t,s0) /sbin/dmraid -- gen_context(system_u:object_r:lvm_exec_t,s0) /sbin/dmsetup -- gen_context(system_u:object_r:lvm_exec_t,s0) +@@ -97,5 +99,7 @@ ifdef(`distro_gentoo',` + /var/cache/multipathd(/.*)? gen_context(system_u:object_r:lvm_metadata_t,s0) + /var/lib/multipath(/.*)? gen_context(system_u:object_r:lvm_var_lib_t,s0) + /var/lock/lvm(/.*)? gen_context(system_u:object_r:lvm_lock_t,s0) ++/var/run/lvm(/.*)? gen_context(system_u:object_r:lvm_var_run_t,s0) + /var/run/multipathd\.sock -s gen_context(system_u:object_r:lvm_var_run_t,s0) ++/var/run/clvmd\.pid -- gen_context(system_u:object_r:clvmd_var_run_t,s0) + /var/run/dmevent.* gen_context(system_u:object_r:lvm_var_run_t,s0) diff --git a/policy/modules/system/lvm.if b/policy/modules/system/lvm.if index 58bc27f..b4f0663 100644 --- a/policy/modules/system/lvm.if @@ -43797,7 +43805,7 @@ index 58bc27f..b4f0663 100644 + allow $1 clvmd_tmpfs_t:file rw_file_perms; +') diff --git a/policy/modules/system/lvm.te b/policy/modules/system/lvm.te -index 86ef2da..17aeb3e 100644 +index 86ef2da..a251276 100644 --- a/policy/modules/system/lvm.te +++ b/policy/modules/system/lvm.te @@ -12,6 +12,9 @@ init_daemon_domain(clvmd_t, clvmd_exec_t) @@ -43861,6 +43869,15 @@ index 86ef2da..17aeb3e 100644 manage_dirs_pattern(lvm_t, lvm_var_lib_t, lvm_var_lib_t) manage_files_pattern(lvm_t, lvm_var_lib_t, lvm_var_lib_t) +@@ -200,7 +214,7 @@ files_var_lib_filetrans(lvm_t, lvm_var_lib_t, { dir file }) + manage_dirs_pattern(lvm_t, lvm_var_run_t, lvm_var_run_t) + manage_files_pattern(lvm_t, lvm_var_run_t, lvm_var_run_t) + manage_sock_files_pattern(lvm_t, lvm_var_run_t, lvm_var_run_t) +-files_pid_filetrans(lvm_t, lvm_var_run_t, { file sock_file }) ++files_pid_filetrans(lvm_t, lvm_var_run_t, { dir file sock_file }) + + read_files_pattern(lvm_t, lvm_etc_t, lvm_etc_t) + read_lnk_files_pattern(lvm_t, lvm_etc_t, lvm_etc_t) @@ -210,12 +224,15 @@ filetrans_pattern(lvm_t, lvm_etc_t, lvm_metadata_t, file) files_etc_filetrans(lvm_t, lvm_metadata_t, file) files_search_mnt(lvm_t) @@ -47269,7 +47286,7 @@ index db75976..392d1ee 100644 +HOME_DIR/\.gvfs(/.*)? <> +HOME_DIR/\.debug(/.*)? <> diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if -index 35f1476..d74e327 100644 +index 35f1476..1571559 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -30,8 +30,9 @@ template(`userdom_base_user_template',` @@ -49473,7 +49490,7 @@ index 35f1476..d74e327 100644 + type home_cert_t; + ') + -+ userdom_search_user_home_dirs($1) ++ userdom_search_user_home_content($1) + allow $1 home_cert_t:dir list_dir_perms; + read_files_pattern($1, home_cert_t, home_cert_t) + read_lnk_files_pattern($1, home_cert_t, home_cert_t) diff --git a/selinux-policy.spec b/selinux-policy.spec index 5802923e..625f0b63 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -21,7 +21,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.9.10 -Release: 7%{?dist} +Release: 8%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -471,6 +471,9 @@ exit 0 %endif %changelog +* Tue Dec 7 2010 Miroslav Grepl 3.9.9-8 +- Fixes for lvm to work with systemd + * Mon Dec 6 2010 Miroslav Grepl 3.9.9-7 - Fix the label for wicd log - plymouthd creates force-display-on-active-vt file