From 89c9c9ae6a6cfa7d41eaa432d3ccc33ee6d80115 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Fri, 24 Apr 2009 19:28:35 +0000 Subject: [PATCH] - Allow initrc_t to delete dev_null - Allow readahead to configure auditing - Fix milter policy - Add /var/lib/readahead --- policy-20090105.patch | 11 +++++------ selinux-policy.spec | 4 ++-- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/policy-20090105.patch b/policy-20090105.patch index 2a8bd5a8..94db5ca0 100644 --- a/policy-20090105.patch +++ b/policy-20090105.patch @@ -770,16 +770,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.fc serefpolicy-3.6.12/policy/modules/admin/readahead.fc --- nsaserefpolicy/policy/modules/admin/readahead.fc 2008-08-07 11:15:13.000000000 -0400 -+++ serefpolicy-3.6.12/policy/modules/admin/readahead.fc 2009-04-24 13:03:55.000000000 -0400 -@@ -1,3 +1,7 @@ - /etc/readahead.d(/.*)? gen_context(system_u:object_r:readahead_etc_rw_t,s0) - --/usr/sbin/readahead -- gen_context(system_u:object_r:readahead_exec_t,s0) ++++ serefpolicy-3.6.12/policy/modules/admin/readahead.fc 2009-04-24 15:26:39.000000000 -0400 +@@ -1,3 +1,5 @@ +-/etc/readahead.d(/.*)? gen_context(system_u:object_r:readahead_etc_rw_t,s0) +/usr/sbin/readahead.* -- gen_context(system_u:object_r:readahead_exec_t,s0) +/sbin/readahead.* -- gen_context(system_u:object_r:readahead_exec_t,s0) + +/var/lib/readahead(/.*)? gen_context(system_u:object_r:readahead_var_lib_t,s0) -+ + +-/usr/sbin/readahead -- gen_context(system_u:object_r:readahead_exec_t,s0) diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.te serefpolicy-3.6.12/policy/modules/admin/readahead.te --- nsaserefpolicy/policy/modules/admin/readahead.te 2009-01-05 15:39:44.000000000 -0500 +++ serefpolicy-3.6.12/policy/modules/admin/readahead.te 2009-04-24 13:45:16.000000000 -0400 diff --git a/selinux-policy.spec b/selinux-policy.spec index b32bae0d..7c3e4f7f 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -20,7 +20,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.6.12 -Release: 18%{?dist} +Release: 19%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -446,7 +446,7 @@ exit 0 %endif %changelog -* Fri Apr 24 2009 Dan Walsh 3.6.12-18 +* Fri Apr 24 2009 Dan Walsh 3.6.12-19 - Allow initrc_t to delete dev_null - Allow readahead to configure auditing - Fix milter policy