- Fix syslog declaration

2007-06-27 19:48:33 +00:00 · 2007-06-27 19:48:33 +00:00 · b786a2b04a
commit b786a2b04a
parent 7f44213c00
2 changed files with 19 additions and 19 deletions
--- a/policy-20070525.patch
+++ b/policy-20070525.patch
@ -6602,7 +6602,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.te serefpolicy-3.0.1/policy/modules/services/samba.te
 --- nsaserefpolicy/policy/modules/services/samba.te	2007-06-19 16:23:35.000000000 -0400
-+++ serefpolicy-3.0.1/policy/modules/services/samba.te	2007-06-27 11:39:37.000000000 -0400
+++ serefpolicy-3.0.1/policy/modules/services/samba.te	2007-06-27 14:15:13.000000000 -0400
@@ -189,6 +189,8 @@
 
 miscfiles_read_localization(samba_net_t) 
@ -6670,7 +6670,16 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
 
 libs_use_ld_so(swat_t)
 libs_use_shared_libs(swat_t)
-@@ -728,6 +742,7 @@
+@@ -704,6 +718,8 @@
+ manage_sock_files_pattern(winbind_t,winbind_var_run_t,winbind_var_run_t)
+ files_pid_filetrans(winbind_t,winbind_var_run_t,file)
+ 
+corecmd_exec_bin(winbind_t)
+
+ kernel_read_kernel_sysctls(winbind_t)
+ kernel_list_proc(winbind_t)
+ kernel_read_proc_symlinks(winbind_t)
+@@ -728,6 +744,7 @@
 fs_search_auto_mountpoints(winbind_t)
 
 auth_domtrans_chk_passwd(winbind_t)
@ -6678,14 +6687,6 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
 
 domain_use_interactive_fds(winbind_t)
 
-@@ -767,6 +782,7 @@
- #
- # Winbind helper local policy
- #
-+corecmd_exec_bin(winbind_t)
- 
- allow winbind_helper_t self:unix_dgram_socket create_socket_perms;
- allow winbind_helper_t self:unix_stream_socket create_stream_socket_perms;
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sasl.te serefpolicy-3.0.1/policy/modules/services/sasl.te
 --- nsaserefpolicy/policy/modules/services/sasl.te	2007-05-29 14:10:57.000000000 -0400
 +++ serefpolicy-3.0.1/policy/modules/services/sasl.te	2007-06-19 17:06:27.000000000 -0400
@ -8343,7 +8344,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/loggin
 +/var/log/syslog-ng(/.*)?	--	gen_context(system_u:object_r:syslogd_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.if serefpolicy-3.0.1/policy/modules/system/logging.if
 --- nsaserefpolicy/policy/modules/system/logging.if	2007-06-15 14:54:34.000000000 -0400
-+++ serefpolicy-3.0.1/policy/modules/system/logging.if	2007-06-27 10:20:58.000000000 -0400
+++ serefpolicy-3.0.1/policy/modules/system/logging.if	2007-06-27 15:41:00.000000000 -0400
@@ -33,8 +33,13 @@
 ## </param>
 #
@ -8374,7 +8375,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/loggin
 +#
 +interface(`logging_manage_syslog_config',`
 +	gen_require(`
-+		type syslogd_etc_t;
+		type syslog_conf_t;
 +	')
 +
 +	files_search_etc($1)
@ -10980,18 +10981,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.
 +## <summary>Policy for logadm user</summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.te serefpolicy-3.0.1/policy/modules/users/logadm.te
 --- nsaserefpolicy/policy/modules/users/logadm.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.1/policy/modules/users/logadm.te	2007-06-27 10:21:24.000000000 -0400
-@@ -0,0 +1,37 @@
+++ serefpolicy-3.0.1/policy/modules/users/logadm.te	2007-06-27 15:31:15.000000000 -0400
+@@ -0,0 +1,33 @@
 +policy_module(logadm,1.0.0)
 +
 +########################################
 +#
 +# logadmin local policy
 +#
-+
-+type syslog_conf_t;
-+files_type(syslog_conf_t)
-+
 +userdom_base_user_template(logadm)
 +
 +allow logadm_t self:capability { dac_override dac_read_search kill sys_ptrace sys_nice };
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.0.1
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@ -355,6 +355,9 @@ exit 0
 %endif

 %changelog
+* Wed Jun 26 2007 Dan Walsh <dwalsh@redhat.com> 3.0.1-3
+- Fix syslog declaration
+
 * Wed Jun 26 2007 Dan Walsh <dwalsh@redhat.com> 3.0.1-2
 - Allow avahi to access inotify
 - Remove a lot of bogus security_t:filesystem avcs