- Allow rpm to chat with networkmanager

policy-20070703.patch

@@ -751,8 +751,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_tunables seref
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.fc serefpolicy-3.0.8/policy/modules/admin/alsa.fc
 --- nsaserefpolicy/policy/modules/admin/alsa.fc	2007-05-29 14:10:59.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/admin/alsa.fc	2007-10-03 11:10:24.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/admin/alsa.fc	2007-10-16 23:50:36.000000000 -0400
-@@ -1,4 +1,10 @@
+@@ -1,4 +1,11 @@
  
 +/etc/alsa/asound\.state --	gen_context(system_u:object_r:alsa_etc_rw_t,s0)
  /etc/alsa/pcm(/.*)?		gen_context(system_u:object_r:alsa_etc_rw_t,s0)
@@ -763,6 +763,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.fc
 +/sbin/alsactl 		--	gen_context(system_u:object_r:alsa_exec_t,s0)
 +/sbin/salsa 		--	gen_context(system_u:object_r:alsa_exec_t,s0)
 +/var/lib/alsa(/.*)?		gen_context(system_u:object_r:alsa_var_lib_t,s0)
++/bin/alsaunmute		--	gen_context(system_u:object_r:alsa_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.if serefpolicy-3.0.8/policy/modules/admin/alsa.if
 --- nsaserefpolicy/policy/modules/admin/alsa.if	2007-05-29 14:10:59.000000000 -0400
 +++ serefpolicy-3.0.8/policy/modules/admin/alsa.if	2007-10-03 11:10:24.000000000 -0400
@@ -808,7 +809,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.if
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.te serefpolicy-3.0.8/policy/modules/admin/alsa.te
 --- nsaserefpolicy/policy/modules/admin/alsa.te	2007-07-25 10:37:43.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/admin/alsa.te	2007-10-11 10:45:18.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/admin/alsa.te	2007-10-16 23:47:06.000000000 -0400
 @@ -8,31 +8,47 @@
  
  type alsa_t;
@@ -847,7 +848,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.te
 +manage_dirs_pattern(alsa_t,alsa_var_lib_t,alsa_var_lib_t)
 +manage_files_pattern(alsa_t,alsa_var_lib_t,alsa_var_lib_t)
 +
-+corecmd_search_bin(alsa_t)
++corecmd_exec_bin(alsa_t)
 +can_exec(alsa_t, alsa_exec_t)
 +
 +files_search_home(alsa_t)

selinux-policy.spec

@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.0.8
-Release: 22%{?dist}
+Release: 24%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -288,10 +288,12 @@ semodule -s targeted -r moilscanner 2>/dev/null
 %loadpolicy targeted
 
 if [ $1 = 1 ]; then
-semanage login -m -s "system_u" __default__ 2> /dev/null
 semanage user -a -P unconfined -R "unconfined_r system_r" unconfined_u 
+semanage login -m -s "unconfined_u" __default__ 2> /dev/null
+semanage login -m -s "system_u" root 2> /dev/null
 semanage user -a -P guest -R guest_r guest_u
 semanage user -a -P xguest -R xguest_r xguest_u 
+restorecon -R /root /var/log /var/run 2> /dev/null
 else
 %relabel targeted
 fi
@@ -371,6 +373,13 @@ exit 0
 %endif
 
 %changelog
+* Tue Oct 16 2007 Dan Walsh <dwalsh@redhat.com> 3.0.8-24
+- Allow rpm to chat with networkmanager
+
+* Mon Oct 15 2007 Dan Walsh <dwalsh@redhat.com> 3.0.8-23
+- Fixes for ipsec and exim mail
+- Change default to unconfined user
+
 * Fri Oct 12 2007 Dan Walsh <dwalsh@redhat.com> 3.0.8-22
 - Pass the UNK_PERMS param to makefile
 - Fix gdm location