- Add customizable_types for svirt

customizable_types

@@ -0,0 +1,2 @@
+svirt_image_t
+virt_content_t

policy-20090105.patch

@@ -125,9 +125,10 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
 +system_u:system_r:svirt_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/virtual_image_context serefpolicy-3.6.10/config/appconfig-mcs/virtual_image_context
 --- nsaserefpolicy/config/appconfig-mcs/virtual_image_context	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.10/config/appconfig-mcs/virtual_image_context	2009-03-30 10:09:41.000000000 -0400
-@@ -0,0 +1 @@
++++ serefpolicy-3.6.10/config/appconfig-mcs/virtual_image_context	2009-04-03 14:55:45.000000000 -0400
+@@ -0,0 +1,2 @@
 +system_u:object_r:svirt_image_t:s0
++system_u:object_r:virt_content_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts serefpolicy-3.6.10/config/appconfig-mcs/xguest_u_default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts	1969-12-31 19:00:00.000000000 -0500
 +++ serefpolicy-3.6.10/config/appconfig-mcs/xguest_u_default_contexts	2009-03-30 10:09:41.000000000 -0400
@@ -199,9 +200,10 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
 +system_u:system_r:qemu_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/virtual_image_context serefpolicy-3.6.10/config/appconfig-mls/virtual_image_context
 --- nsaserefpolicy/config/appconfig-mls/virtual_image_context	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.10/config/appconfig-mls/virtual_image_context	2009-03-30 10:09:41.000000000 -0400
-@@ -0,0 +1 @@
++++ serefpolicy-3.6.10/config/appconfig-mls/virtual_image_context	2009-04-03 14:56:16.000000000 -0400
+@@ -0,0 +1,2 @@
 +system_u:object_r:virt_image_t:s0
++system_u:object_r:virt_content_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/xguest_u_default_contexts serefpolicy-3.6.10/config/appconfig-mls/xguest_u_default_contexts
 --- nsaserefpolicy/config/appconfig-mls/xguest_u_default_contexts	1969-12-31 19:00:00.000000000 -0500
 +++ serefpolicy-3.6.10/config/appconfig-mls/xguest_u_default_contexts	2009-03-30 10:09:41.000000000 -0400
@@ -10769,15 +10771,16 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +allow session_bus_type dbusd_unconfined:dbus send_msg;
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.fc serefpolicy-3.6.10/policy/modules/services/dcc.fc
 --- nsaserefpolicy/policy/modules/services/dcc.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.10/policy/modules/services/dcc.fc	2009-03-30 10:09:41.000000000 -0400
-@@ -11,6 +11,7 @@
- /usr/libexec/dcc/dccm		--	gen_context(system_u:object_r:dccm_exec_t,s0)
++++ serefpolicy-3.6.10/policy/modules/services/dcc.fc	2009-04-03 11:39:16.000000000 -0400
+@@ -12,6 +12,8 @@
  
  /var/dcc(/.*)?				gen_context(system_u:object_r:dcc_var_t,s0)
-+/var/lib/dcc(/.*)?			gen_context(system_u:object_r:dcc_var_t,s0)
  /var/dcc/map			--	gen_context(system_u:object_r:dcc_client_map_t,s0)
++/var/lib/dcc(/.*)?			gen_context(system_u:object_r:dcc_var_t,s0)
++/var/lib/dcc/map		--	gen_context(system_u:object_r:dcc_client_map_t,s0)
  
  /var/run/dcc(/.*)?			gen_context(system_u:object_r:dcc_var_run_t,s0)
+ /var/run/dcc/map		--	gen_context(system_u:object_r:dcc_client_map_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.te serefpolicy-3.6.10/policy/modules/services/dcc.te
 --- nsaserefpolicy/policy/modules/services/dcc.te	2009-01-19 11:06:49.000000000 -0500
 +++ serefpolicy-3.6.10/policy/modules/services/dcc.te	2009-03-30 10:09:41.000000000 -0400

selinux-policy.spec

@@ -20,7 +20,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.6.10
-Release: 7%{?dist}
+Release: 8%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -43,6 +43,7 @@ Source16: modules-minimum.conf
 Source17: booleans-minimum.conf
 Source18: setrans-minimum.conf
 Source19: securetty_types-minimum
+Source20: customizable_types
 
 Url: http://oss.tresys.com/repos/refpolicy/
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -113,7 +114,7 @@ touch %{buildroot}%{_sysconfdir}/selinux/%1/contexts/files/file_contexts \
 touch %{buildroot}%{_sysconfdir}/selinux/%1/contexts/files/file_contexts.homedirs \
 install -m0644 $RPM_SOURCE_DIR/securetty_types-%1 %{buildroot}%{_sysconfdir}/selinux/%1/contexts/securetty_types \
 install -m0644 $RPM_SOURCE_DIR/setrans-%1.conf %{buildroot}%{_sysconfdir}/selinux/%1/setrans.conf \
-echo -n > %{buildroot}%{_sysconfdir}/selinux/%1/contexts/customizable_types \
+install -m0644 $RPM_SOURCE_DIR/customizable_types %{buildroot}%{_sysconfdir}/selinux/%1/contexts/customizable_types \
 bzip2 %{buildroot}/%{_usr}/share/selinux/%1/*.pp
 %nil
 
@@ -246,7 +247,6 @@ install -m 644 doc/policy.* %{buildroot}%{_usr}/share/selinux/devel/
 echo  "xdg-open file:///usr/share/doc/selinux-policy-%{version}/html/index.html"> %{buildroot}%{_usr}/share/selinux/devel/policyhelp
 chmod +x %{buildroot}%{_usr}/share/selinux/devel/policyhelp
 
-
 %clean
 %{__rm} -fR %{buildroot}
 
@@ -444,6 +444,9 @@ exit 0
 %endif
 
 %changelog
+* Fri Apr 3 2009 Dan Walsh <dwalsh@redhat.com> 3.6.10-8
+- Add customizable_types for svirt
+
 * Fri Apr 3 2009 Dan Walsh <dwalsh@redhat.com> 3.6.10-7
 - Allow setroubelshoot exec* privs to prevent crash from bad libraries
 - add cpufreqselector