rpms
/
selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- Allow initrc_t to delete dev_null 

- Allow readahead to configure auditing
- Fix milter policy
- Add /var/lib/readahead
This commit is contained in:
Daniel J Walsh 2009-04-24 19:28:35 +00:00
parent eaaf2ab923
commit 89c9c9ae6a
2 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
policy-20090105.patch
View File

@ -770,16 +770,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+') +')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.fc serefpolicy-3.6.12/policy/modules/admin/readahead.fc diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.fc serefpolicy-3.6.12/policy/modules/admin/readahead.fc
--- nsaserefpolicy/policy/modules/admin/readahead.fc 2008-08-07 11:15:13.000000000 -0400 --- nsaserefpolicy/policy/modules/admin/readahead.fc 2008-08-07 11:15:13.000000000 -0400
+++ serefpolicy-3.6.12/policy/modules/admin/readahead.fc 2009-04-24 13:03:55.000000000 -0400 +++ serefpolicy-3.6.12/policy/modules/admin/readahead.fc 2009-04-24 15:26:39.000000000 -0400
@@ -1,3 +1,7 @@ @@ -1,3 +1,5 @@
/etc/readahead.d(/.*)? gen_context(system_u:object_r:readahead_etc_rw_t,s0) -/etc/readahead.d(/.*)? gen_context(system_u:object_r:readahead_etc_rw_t,s0)
-/usr/sbin/readahead -- gen_context(system_u:object_r:readahead_exec_t,s0)
+/usr/sbin/readahead.* -- gen_context(system_u:object_r:readahead_exec_t,s0) +/usr/sbin/readahead.* -- gen_context(system_u:object_r:readahead_exec_t,s0)
+/sbin/readahead.* -- gen_context(system_u:object_r:readahead_exec_t,s0) +/sbin/readahead.* -- gen_context(system_u:object_r:readahead_exec_t,s0)
+ +
+/var/lib/readahead(/.*)? gen_context(system_u:object_r:readahead_var_lib_t,s0) +/var/lib/readahead(/.*)? gen_context(system_u:object_r:readahead_var_lib_t,s0)
+
-/usr/sbin/readahead -- gen_context(system_u:object_r:readahead_exec_t,s0)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.te serefpolicy-3.6.12/policy/modules/admin/readahead.te diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.te serefpolicy-3.6.12/policy/modules/admin/readahead.te
--- nsaserefpolicy/policy/modules/admin/readahead.te 2009-01-05 15:39:44.000000000 -0500 --- nsaserefpolicy/policy/modules/admin/readahead.te 2009-01-05 15:39:44.000000000 -0500
+++ serefpolicy-3.6.12/policy/modules/admin/readahead.te 2009-04-24 13:45:16.000000000 -0400 +++ serefpolicy-3.6.12/policy/modules/admin/readahead.te 2009-04-24 13:45:16.000000000 -0400

4
selinux-policy.spec
View File

@ -20,7 +20,7 @@
Summary: SELinux policy configuration Summary: SELinux policy configuration
Name: selinux-policy Name: selinux-policy
Version: 3.6.12 Version: 3.6.12
Release: 18%{?dist} Release: 19%{?dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Base Group: System Environment/Base
Source: serefpolicy-%{version}.tgz Source: serefpolicy-%{version}.tgz
@ -446,7 +446,7 @@ exit 0
%endif %endif
%changelog %changelog
* Fri Apr 24 2009 Dan Walsh <dwalsh@redhat.com> 3.6.12-18 * Fri Apr 24 2009 Dan Walsh <dwalsh@redhat.com> 3.6.12-19
- Allow initrc_t to delete dev_null - Allow initrc_t to delete dev_null
- Allow readahead to configure auditing - Allow readahead to configure auditing
- Fix milter policy - Fix milter policy