- Add tgtd policy

modules-minimum.conf

@@ -1576,6 +1576,13 @@ tgtd = module
 # 
 udev = base
 
+# Layer: services
+# Module: udisks
+#
+# Policy for udisk
+# 
+udisks = base
+
 # Layer: system
 # Module: userdomain
 #

modules-mls.conf

@@ -1386,6 +1386,13 @@ tgtd = module
 # 
 udev = base
 
+# Layer: services
+# Module: udisks
+#
+# Policy for udisk
+# 
+udisks = base
+
 # Layer: system
 # Module: userdomain
 #

modules-targeted.conf

@@ -1576,6 +1576,13 @@ tgtd = module
 # 
 udev = base
 
+# Layer: services
+# Module: udisks
+#
+# Policy for udisk
+# 
+udisks = base
+
 # Layer: system
 # Module: userdomain
 #

policy-F13.patch

@@ -16719,7 +16719,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.te serefpolicy-3.7.4/policy/modules/services/nagios.te
 --- nsaserefpolicy/policy/modules/services/nagios.te	2009-08-14 16:14:31.000000000 -0400
-+++ serefpolicy-3.7.4/policy/modules/services/nagios.te	2009-12-15 15:35:42.000000000 -0500
++++ serefpolicy-3.7.4/policy/modules/services/nagios.te	2009-12-16 08:29:49.000000000 -0500
 @@ -6,17 +6,23 @@
  # Declarations
  #
@@ -16758,7 +16758,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  type nrpe_t;
  type nrpe_exec_t;
  init_daemon_domain(nrpe_t, nrpe_exec_t)
-@@ -33,6 +42,31 @@
+@@ -33,6 +42,33 @@
  type nrpe_etc_t;
  files_config_file(nrpe_etc_t)
  
@@ -16781,7 +16781,9 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +files_tmp_file(nagios_system_plugin_tmp_t)
 +
 +nagios_plugin_template(unconfined)
-+unconfined_domain(nagios_unconfined_plugin_t)
++optional_policy(`
++	unconfined_domain(nagios_unconfined_plugin_t)
++')
 +
 +permissive nagios_checkdisk_plugin_t;
 +permissive nagios_services_plugin_t;
@@ -16790,7 +16792,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ########################################
  #
  # Nagios local policy
-@@ -45,6 +79,9 @@
+@@ -45,6 +81,9 @@
  allow nagios_t self:tcp_socket create_stream_socket_perms;
  allow nagios_t self:udp_socket create_socket_perms;
  
@@ -16800,7 +16802,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  read_files_pattern(nagios_t, nagios_etc_t, nagios_etc_t)
  read_lnk_files_pattern(nagios_t, nagios_etc_t, nagios_etc_t)
  allow nagios_t nagios_etc_t:dir list_dir_perms;
-@@ -60,6 +97,8 @@
+@@ -60,6 +99,8 @@
  manage_files_pattern(nagios_t, nagios_var_run_t, nagios_var_run_t)
  files_pid_filetrans(nagios_t, nagios_var_run_t, file)
  
@@ -16809,7 +16811,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  kernel_read_system_state(nagios_t)
  kernel_read_kernel_sysctls(nagios_t)
  
-@@ -86,6 +125,7 @@
+@@ -86,6 +127,7 @@
  files_read_etc_files(nagios_t)
  files_read_etc_runtime_files(nagios_t)
  files_read_kernel_symbol_table(nagios_t)
@@ -16817,7 +16819,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
  fs_getattr_all_fs(nagios_t)
  fs_search_auto_mountpoints(nagios_t)
-@@ -127,52 +167,59 @@
+@@ -127,52 +169,59 @@
  #
  # Nagios CGI local policy
  #
@@ -16902,7 +16904,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  kernel_read_system_state(nrpe_t)
  kernel_read_kernel_sysctls(nrpe_t)
  
-@@ -183,15 +230,19 @@
+@@ -183,15 +232,19 @@
  dev_read_urand(nrpe_t)
  
  domain_use_interactive_fds(nrpe_t)
@@ -16922,7 +16924,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  userdom_dontaudit_use_unpriv_user_fds(nrpe_t)
  
  optional_policy(`
-@@ -209,3 +260,84 @@
+@@ -209,3 +262,84 @@
  optional_policy(`
  	udev_read_db(nrpe_t)
  ')

selinux-policy.spec

@@ -15,7 +15,7 @@
 %endif
 %define POLICYVER 24
 %define libsepolver 2.0.41-1
-%define POLICYCOREUTILSVER 2.0.78-3
+%define POLICYCOREUTILSVER 2.0.78-1
 %define CHECKPOLICYVER 2.0.21-1
 Summary: SELinux policy configuration
 Name: selinux-policy