- Cleanup policy
This commit is contained in:
parent
739db21a4a
commit
bcb1922de7
@ -9705,7 +9705,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
+')
|
||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.te serefpolicy-3.6.1/policy/modules/services/cron.te
|
||||
--- nsaserefpolicy/policy/modules/services/cron.te 2008-11-11 16:13:46.000000000 -0500
|
||||
+++ serefpolicy-3.6.1/policy/modules/services/cron.te 2008-12-03 14:11:06.000000000 -0500
|
||||
+++ serefpolicy-3.6.1/policy/modules/services/cron.te 2008-12-03 18:26:44.000000000 -0500
|
||||
@@ -38,6 +38,10 @@
|
||||
type cron_var_lib_t;
|
||||
files_type(cron_var_lib_t)
|
||||
@ -9726,6 +9726,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
|
||||
type crond_var_run_t;
|
||||
files_pid_file(crond_var_run_t)
|
||||
@@ -70,7 +76,7 @@
|
||||
typealias admin_crontab_tmp_t alias sysadm_crontab_tmp_t;
|
||||
|
||||
cron_common_crontab_template(crontab)
|
||||
-typealias crontab_t alias { user_crontab_t staff_crontab_t };
|
||||
+typealias crontab_t alias { user_crontab_t staff_crontab_t unconfined_crontab_t };
|
||||
typealias crontab_t alias { auditadm_crontab_t secadm_crontab_t };
|
||||
typealias crontab_tmp_t alias { user_crontab_tmp_t staff_crontab_tmp_t };
|
||||
typealias crontab_tmp_t alias { auditadm_crontab_tmp_t secadm_crontab_tmp_t };
|
||||
@@ -103,6 +109,13 @@
|
||||
files_type(user_cron_spool_t)
|
||||
ubac_constrained(user_cron_spool_t)
|
||||
@ -20859,7 +20868,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
+
|
||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.6.1/policy/modules/services/xserver.te
|
||||
--- nsaserefpolicy/policy/modules/services/xserver.te 2008-11-18 18:57:20.000000000 -0500
|
||||
+++ serefpolicy-3.6.1/policy/modules/services/xserver.te 2008-12-03 16:48:20.000000000 -0500
|
||||
+++ serefpolicy-3.6.1/policy/modules/services/xserver.te 2008-12-03 18:27:33.000000000 -0500
|
||||
@@ -34,6 +34,13 @@
|
||||
|
||||
## <desc>
|
||||
@ -20969,6 +20978,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
# type for /var/lib/xkb
|
||||
type xkb_var_lib_t;
|
||||
files_type(xkb_var_lib_t)
|
||||
@@ -189,7 +208,7 @@
|
||||
type xserver_t;
|
||||
type xserver_exec_t;
|
||||
typealias xserver_t alias { user_xserver_t staff_xserver_t sysadm_xserver_t };
|
||||
-typealias xserver_t alias { auditadm_xserver_t secadm_xserver_t };
|
||||
+typealias xserver_t alias { auditadm_xserver_t secadm_xserver_t xdm_xserver_t };
|
||||
xserver_object_types_template(xdm)
|
||||
xserver_common_x_domain_template(xdm,xdm_t)
|
||||
init_system_domain(xserver_t, xserver_exec_t)
|
||||
@@ -197,12 +216,12 @@
|
||||
|
||||
type xserver_tmp_t;
|
||||
@ -20980,7 +20998,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
|
||||
type xserver_tmpfs_t;
|
||||
-typealias xserver_tmpfs_t alias { user_xserver_tmpfs_t staff_xserver_tmpfs_t sysadm_xserver_tmpfs_t };
|
||||
+typealias xserver_tmpfs_t alias { user_xserver_tmpfs_t staff_xserver_tmpfs_t sysadm_xserver_tmpfs_t xguest_xserver_tmpfs_t unconfined_xserver_tmpfs_t };
|
||||
+typealias xserver_tmpfs_t alias { user_xserver_tmpfs_t staff_xserver_tmpfs_t sysadm_xserver_tmpfs_t xguest_xserver_tmpfs_t unconfined_xserver_tmpfs_t xdm_xserver_tmpfs_t };
|
||||
typealias xserver_tmpfs_t alias { auditadm_xserver_tmpfs_t secadm_xserver_tmpfs_t };
|
||||
files_tmpfs_file(xserver_tmpfs_t)
|
||||
ubac_constrained(xserver_tmpfs_t)
|
||||
@ -21768,7 +21786,16 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
|
||||
+
|
||||
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.te serefpolicy-3.6.1/policy/modules/system/authlogin.te
|
||||
--- nsaserefpolicy/policy/modules/system/authlogin.te 2008-11-11 16:13:48.000000000 -0500
|
||||
+++ serefpolicy-3.6.1/policy/modules/system/authlogin.te 2008-11-25 09:45:43.000000000 -0500
|
||||
+++ serefpolicy-3.6.1/policy/modules/system/authlogin.te 2008-12-03 18:25:28.000000000 -0500
|
||||
@@ -12,7 +12,7 @@
|
||||
|
||||
type chkpwd_t, can_read_shadow_passwords;
|
||||
type chkpwd_exec_t;
|
||||
-typealias chkpwd_t alias { user_chkpwd_t staff_chkpwd_t sysadm_chkpwd_t };
|
||||
+typealias chkpwd_t alias { user_chkpwd_t staff_chkpwd_t sysadm_chkpwd_t system_chkpwd_t };
|
||||
typealias chkpwd_t alias { auditadm_chkpwd_t secadm_chkpwd_t };
|
||||
application_domain(chkpwd_t, chkpwd_exec_t)
|
||||
role system_r types chkpwd_t;
|
||||
@@ -63,6 +63,9 @@
|
||||
type utempter_exec_t;
|
||||
application_domain(utempter_t,utempter_exec_t)
|
||||
|
@ -20,7 +20,7 @@
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 3.6.1
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Base
|
||||
Source: serefpolicy-%{version}.tgz
|
||||
@ -446,7 +446,7 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Dec 3 2008 Dan Walsh <dwalsh@redhat.com> 3.6.1-3
|
||||
* Wed Dec 3 2008 Dan Walsh <dwalsh@redhat.com> 3.6.1-4
|
||||
- Cleanup policy
|
||||
|
||||
* Mon Dec 01 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 3.6.1-2
|
||||
|
Loading…
Reference in New Issue
Block a user