- Cleanup policy

This commit is contained in:
Daniel J Walsh 2008-12-03 23:40:18 +00:00
parent 739db21a4a
commit bcb1922de7
2 changed files with 33 additions and 6 deletions

View File

@ -9705,7 +9705,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.te serefpolicy-3.6.1/policy/modules/services/cron.te
--- nsaserefpolicy/policy/modules/services/cron.te 2008-11-11 16:13:46.000000000 -0500
+++ serefpolicy-3.6.1/policy/modules/services/cron.te 2008-12-03 14:11:06.000000000 -0500
+++ serefpolicy-3.6.1/policy/modules/services/cron.te 2008-12-03 18:26:44.000000000 -0500
@@ -38,6 +38,10 @@
type cron_var_lib_t;
files_type(cron_var_lib_t)
@ -9726,6 +9726,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
type crond_var_run_t;
files_pid_file(crond_var_run_t)
@@ -70,7 +76,7 @@
typealias admin_crontab_tmp_t alias sysadm_crontab_tmp_t;
cron_common_crontab_template(crontab)
-typealias crontab_t alias { user_crontab_t staff_crontab_t };
+typealias crontab_t alias { user_crontab_t staff_crontab_t unconfined_crontab_t };
typealias crontab_t alias { auditadm_crontab_t secadm_crontab_t };
typealias crontab_tmp_t alias { user_crontab_tmp_t staff_crontab_tmp_t };
typealias crontab_tmp_t alias { auditadm_crontab_tmp_t secadm_crontab_tmp_t };
@@ -103,6 +109,13 @@
files_type(user_cron_spool_t)
ubac_constrained(user_cron_spool_t)
@ -20859,7 +20868,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.6.1/policy/modules/services/xserver.te
--- nsaserefpolicy/policy/modules/services/xserver.te 2008-11-18 18:57:20.000000000 -0500
+++ serefpolicy-3.6.1/policy/modules/services/xserver.te 2008-12-03 16:48:20.000000000 -0500
+++ serefpolicy-3.6.1/policy/modules/services/xserver.te 2008-12-03 18:27:33.000000000 -0500
@@ -34,6 +34,13 @@
## <desc>
@ -20969,6 +20978,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
# type for /var/lib/xkb
type xkb_var_lib_t;
files_type(xkb_var_lib_t)
@@ -189,7 +208,7 @@
type xserver_t;
type xserver_exec_t;
typealias xserver_t alias { user_xserver_t staff_xserver_t sysadm_xserver_t };
-typealias xserver_t alias { auditadm_xserver_t secadm_xserver_t };
+typealias xserver_t alias { auditadm_xserver_t secadm_xserver_t xdm_xserver_t };
xserver_object_types_template(xdm)
xserver_common_x_domain_template(xdm,xdm_t)
init_system_domain(xserver_t, xserver_exec_t)
@@ -197,12 +216,12 @@
type xserver_tmp_t;
@ -20980,7 +20998,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
type xserver_tmpfs_t;
-typealias xserver_tmpfs_t alias { user_xserver_tmpfs_t staff_xserver_tmpfs_t sysadm_xserver_tmpfs_t };
+typealias xserver_tmpfs_t alias { user_xserver_tmpfs_t staff_xserver_tmpfs_t sysadm_xserver_tmpfs_t xguest_xserver_tmpfs_t unconfined_xserver_tmpfs_t };
+typealias xserver_tmpfs_t alias { user_xserver_tmpfs_t staff_xserver_tmpfs_t sysadm_xserver_tmpfs_t xguest_xserver_tmpfs_t unconfined_xserver_tmpfs_t xdm_xserver_tmpfs_t };
typealias xserver_tmpfs_t alias { auditadm_xserver_tmpfs_t secadm_xserver_tmpfs_t };
files_tmpfs_file(xserver_tmpfs_t)
ubac_constrained(xserver_tmpfs_t)
@ -21768,7 +21786,16 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.te serefpolicy-3.6.1/policy/modules/system/authlogin.te
--- nsaserefpolicy/policy/modules/system/authlogin.te 2008-11-11 16:13:48.000000000 -0500
+++ serefpolicy-3.6.1/policy/modules/system/authlogin.te 2008-11-25 09:45:43.000000000 -0500
+++ serefpolicy-3.6.1/policy/modules/system/authlogin.te 2008-12-03 18:25:28.000000000 -0500
@@ -12,7 +12,7 @@
type chkpwd_t, can_read_shadow_passwords;
type chkpwd_exec_t;
-typealias chkpwd_t alias { user_chkpwd_t staff_chkpwd_t sysadm_chkpwd_t };
+typealias chkpwd_t alias { user_chkpwd_t staff_chkpwd_t sysadm_chkpwd_t system_chkpwd_t };
typealias chkpwd_t alias { auditadm_chkpwd_t secadm_chkpwd_t };
application_domain(chkpwd_t, chkpwd_exec_t)
role system_r types chkpwd_t;
@@ -63,6 +63,9 @@
type utempter_exec_t;
application_domain(utempter_t,utempter_exec_t)

View File

@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.6.1
Release: 3%{?dist}
Release: 4%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@ -446,7 +446,7 @@ exit 0
%endif
%changelog
* Wed Dec 3 2008 Dan Walsh <dwalsh@redhat.com> 3.6.1-3
* Wed Dec 3 2008 Dan Walsh <dwalsh@redhat.com> 3.6.1-4
- Cleanup policy
* Mon Dec 01 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 3.6.1-2