- Add virt_content_ro_t and labeling for isos directory
This commit is contained in:
parent
a1833512de
commit
ab3e55d79a
@ -3686,7 +3686,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
')
|
')
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/qemu.te serefpolicy-3.6.3/policy/modules/apps/qemu.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/qemu.te serefpolicy-3.6.3/policy/modules/apps/qemu.te
|
||||||
--- nsaserefpolicy/policy/modules/apps/qemu.te 2009-01-19 11:03:28.000000000 -0500
|
--- nsaserefpolicy/policy/modules/apps/qemu.te 2009-01-19 11:03:28.000000000 -0500
|
||||||
+++ serefpolicy-3.6.3/policy/modules/apps/qemu.te 2009-01-30 09:22:46.000000000 -0500
|
+++ serefpolicy-3.6.3/policy/modules/apps/qemu.te 2009-01-30 09:57:15.000000000 -0500
|
||||||
@@ -6,6 +6,8 @@
|
@@ -6,6 +6,8 @@
|
||||||
# Declarations
|
# Declarations
|
||||||
#
|
#
|
||||||
@ -3784,7 +3784,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
+ virt_read_config(qemutype)
|
+ virt_read_config(qemutype)
|
||||||
+ virt_read_lib_files(qemutype)
|
+ virt_read_lib_files(qemutype)
|
||||||
+ virt_read_content(qemu_type)
|
+ virt_read_content(qemutype)
|
||||||
+')
|
+')
|
||||||
+
|
+
|
||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
@ -17625,7 +17625,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
/usr/sbin/postkick -- gen_context(system_u:object_r:postfix_master_exec_t,s0)
|
/usr/sbin/postkick -- gen_context(system_u:object_r:postfix_master_exec_t,s0)
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.if serefpolicy-3.6.3/policy/modules/services/postfix.if
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.if serefpolicy-3.6.3/policy/modules/services/postfix.if
|
||||||
--- nsaserefpolicy/policy/modules/services/postfix.if 2009-01-19 11:06:49.000000000 -0500
|
--- nsaserefpolicy/policy/modules/services/postfix.if 2009-01-19 11:06:49.000000000 -0500
|
||||||
+++ serefpolicy-3.6.3/policy/modules/services/postfix.if 2009-01-30 08:30:01.000000000 -0500
|
+++ serefpolicy-3.6.3/policy/modules/services/postfix.if 2009-01-30 09:59:52.000000000 -0500
|
||||||
@@ -46,6 +46,7 @@
|
@@ -46,6 +46,7 @@
|
||||||
|
|
||||||
allow postfix_$1_t postfix_etc_t:dir list_dir_perms;
|
allow postfix_$1_t postfix_etc_t:dir list_dir_perms;
|
||||||
@ -17664,7 +17664,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
+ type postfix_local_t;
|
+ type postfix_local_t;
|
||||||
+ ')
|
+ ')
|
||||||
+
|
+
|
||||||
+ allow $1 postfix_local_t:fifo rw_fifo_file_perms;
|
+ allow $1 postfix_local_t:fifo_file rw_fifo_file_perms;
|
||||||
+')
|
+')
|
||||||
+
|
+
|
||||||
+########################################
|
+########################################
|
||||||
@ -22450,7 +22450,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
## </summary>
|
## </summary>
|
||||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/virt.te serefpolicy-3.6.3/policy/modules/services/virt.te
|
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/virt.te serefpolicy-3.6.3/policy/modules/services/virt.te
|
||||||
--- nsaserefpolicy/policy/modules/services/virt.te 2009-01-19 11:06:49.000000000 -0500
|
--- nsaserefpolicy/policy/modules/services/virt.te 2009-01-19 11:06:49.000000000 -0500
|
||||||
+++ serefpolicy-3.6.3/policy/modules/services/virt.te 2009-01-30 09:24:00.000000000 -0500
|
+++ serefpolicy-3.6.3/policy/modules/services/virt.te 2009-01-30 10:02:15.000000000 -0500
|
||||||
@@ -32,6 +32,10 @@
|
@@ -32,6 +32,10 @@
|
||||||
type virt_image_t, virt_image_type; # customizable
|
type virt_image_t, virt_image_type; # customizable
|
||||||
virt_image(virt_image_t)
|
virt_image(virt_image_t)
|
||||||
@ -22476,7 +22476,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
|||||||
manage_files_pattern(virtd_t, virt_image_type, virt_image_type)
|
manage_files_pattern(virtd_t, virt_image_type, virt_image_type)
|
||||||
|
|
||||||
+manage_dirs_pattern(virtd_t, virt_content_t, virt_content_t)
|
+manage_dirs_pattern(virtd_t, virt_content_t, virt_content_t)
|
||||||
+manage_files_pattern(virtd_t, virt_content_t virt_content_t)
|
+manage_files_pattern(virtd_t, virt_content_t, virt_content_t)
|
||||||
+
|
+
|
||||||
manage_dirs_pattern(virtd_t, virt_log_t, virt_log_t)
|
manage_dirs_pattern(virtd_t, virt_log_t, virt_log_t)
|
||||||
manage_files_pattern(virtd_t, virt_log_t, virt_log_t)
|
manage_files_pattern(virtd_t, virt_log_t, virt_log_t)
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 3.6.3
|
Version: 3.6.3
|
||||||
Release: 10%{?dist}
|
Release: 11%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: serefpolicy-%{version}.tgz
|
Source: serefpolicy-%{version}.tgz
|
||||||
@ -444,6 +444,9 @@ exit 0
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Jan 30 2009 Dan Walsh <dwalsh@redhat.com> 3.6.3-11
|
||||||
|
- Add virt_content_ro_t and labeling for isos directory
|
||||||
|
|
||||||
* Tue Jan 27 2009 Dan Walsh <dwalsh@redhat.com> 3.6.3-10
|
* Tue Jan 27 2009 Dan Walsh <dwalsh@redhat.com> 3.6.3-10
|
||||||
- Fixes for wicd daemon
|
- Fixes for wicd daemon
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user