more strict testing fixes

2006-08-23 19:36:04 +00:00 · 2006-08-23 19:36:04 +00:00 · 98de871cee
commit 98de871cee
parent d15dd5a739
7 changed files with 25 additions and 10 deletions
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@ -654,7 +654,7 @@ interface(`auth_rw_lastlog',`
 	')
 	logging_search_logs($1)
-	allow $1 lastlog_t:file { getattr read write setattr };
+	allow $1 lastlog_t:file { getattr read write lock setattr };
 ')
 ########################################
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@ -1,5 +1,5 @@
-policy_module(authlogin,1.3.11)
+policy_module(authlogin,1.3.12)
 ########################################
 #
--- a/policy/modules/system/init.fc
+++ b/policy/modules/system/init.fc
@ -9,7 +9,11 @@
 /etc/rc\.d/init\.d/.*	--	gen_context(system_u:object_r:initrc_exec_t,s0)
-ifdef(`targeted_policy', `', `
+ifdef(`distro_gentoo',`
 /etc/vmware/init\.d/vmware --	gen_context(system_u:object_r:initrc_exec_t,s0)
 ')
 ifdef(`strict_policy',`
 /etc/X11/prefdm		--	gen_context(system_u:object_r:initrc_exec_t,s0)
 ')
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@ -1,5 +1,5 @@
-policy_module(init,1.3.21)
+policy_module(init,1.3.22)
 gen_require(`
 	class passwd rootok;
@ -221,9 +221,10 @@ term_create_pty(initrc_t,initrc_devpts_t)
 can_exec(initrc_t,initrc_exec_t)
-allow initrc_t initrc_state_t:dir create_dir_perms;
+allow initrc_t initrc_state_t:dir manage_dir_perms;
-allow initrc_t initrc_state_t:file create_file_perms;
+allow initrc_t initrc_state_t:file manage_file_perms;
-allow initrc_t initrc_state_t:lnk_file { create read getattr setattr unlink rename };
+allow initrc_t initrc_state_t:fifo_file manage_file_perms;
 allow initrc_t initrc_state_t:lnk_file create_lnk_perms;
 allow initrc_t initrc_var_run_t:file create_file_perms;
 files_pid_filetrans(initrc_t,initrc_var_run_t,file)
@ -466,6 +467,10 @@ ifdef(`distro_redhat',`
 	miscfiles_read_fonts(initrc_t)
 	miscfiles_read_hwdata(initrc_t)
 	# for integrated run_init to read run_init_type.
 	# happens during boot (/sbin/rc execs init scripts)
 	seutil_read_default_contexts(initrc_t)
 	optional_policy(`
 		bind_manage_config_dirs(initrc_t)
 		bind_write_config(initrc_t)
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@ -1,5 +1,5 @@
-policy_module(selinuxutil,1.2.11)
+policy_module(selinuxutil,1.2.12)
 ifdef(`strict_policy',`
 	gen_require(`
@ -565,6 +565,8 @@ corecmd_exec_sbin(semanage_t)
 dev_read_urand(semanage_t)
 domain_use_interactive_fds(semanage_t)
 files_read_etc_files(semanage_t)
 files_read_usr_files(semanage_t)
 files_list_pids(semanage_t)
--- a/policy/modules/system/sysnetwork.fc
+++ b/policy/modules/system/sysnetwork.fc
@ -50,7 +50,11 @@ ifdef(`distro_redhat',`
 /var/lib/dhcp3?		-d	gen_context(system_u:object_r:dhcp_state_t,s0)
 /var/lib/dhcp3?/dhclient.*	gen_context(system_u:object_r:dhcpc_state_t,s0)
 /var/lib/dhcpcd(/.*)?		gen_context(system_u:object_r:dhcpc_state_t,s0)
 /var/lib/dhclient(/.*)?		gen_context(system_u:object_r:dhcpc_state_t,s0)
 /var/run/dhclient.*\.pid --	gen_context(system_u:object_r:dhcpc_var_run_t,s0)
 /var/run/dhclient.*\.leases --	gen_context(system_u:object_r:dhcpc_var_run_t,s0)
 ifdef(`distro_gentoo',`
 /var/lib/dhcpc(/.*)?		gen_context(system_u:object_r:dhcpc_state_t,s0)
 ')
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@ -1,5 +1,5 @@
-policy_module(sysnetwork,1.1.9)
+policy_module(sysnetwork,1.1.10)
 ########################################
 #