- Fix file context for MATLAB
- Fixes for xace
This commit is contained in:
parent
5ea3f10caf
commit
bf3d39e959
@ -3964,8 +3964,18 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/irc.te s
|
||||
+
|
||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.fc serefpolicy-3.3.1/policy/modules/apps/java.fc
|
||||
--- nsaserefpolicy/policy/modules/apps/java.fc 2007-03-01 10:01:48.000000000 -0500
|
||||
+++ serefpolicy-3.3.1/policy/modules/apps/java.fc 2008-03-13 18:18:13.000000000 -0400
|
||||
@@ -11,6 +11,7 @@
|
||||
+++ serefpolicy-3.3.1/policy/modules/apps/java.fc 2008-03-21 06:52:02.000000000 -0400
|
||||
@@ -3,14 +3,15 @@
|
||||
#
|
||||
/opt/(.*/)?bin/java[^/]* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/opt/ibm/java2-ppc64-50/jre/(bin|javaws)(/.*)? -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
-/opt/local/matlab/bin/(.*/)?MATLAB. -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
-/opt/matlab/bin/(.*/)?MATLAB. -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
+/opt/local/matlab.*/bin.*/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
+/opt/matlab.*/bin.*/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
|
||||
#
|
||||
# /usr
|
||||
#
|
||||
/usr/(.*/)?bin/java.* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/usr/lib(.*/)?bin/java[^/]* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
@ -3973,16 +3983,15 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.fc
|
||||
/usr/bin/frysk -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/usr/bin/gappletviewer -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/usr/bin/gcj-dbtool -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
@@ -20,5 +21,11 @@
|
||||
@@ -20,5 +21,10 @@
|
||||
/usr/bin/grmic -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/usr/bin/grmiregistry -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
/usr/bin/jv-convert -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
-/usr/local/matlab/bin/(.*/)?MATLAB. -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
-/usr/matlab/bin/(.*/)?MATLAB. -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
+/usr/bin/fastjar -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
+/usr/local/matlab/bin/(.*/)?MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
+/usr/matlab(/.*)?/bin/(.*/)?MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
+/opt/matlab(/.*)?/bin(/.*)?/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
+/usr/local/matlab.*/bin.*/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
+/usr/matlab.*/bin.*/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
+/usr/lib/jvm/java(.*/)bin(/.*)? -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
+/usr/lib64/jvm/java(.*/)bin(/.*)? -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
+
|
||||
@ -14704,7 +14713,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gnom
|
||||
+
|
||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.fc serefpolicy-3.3.1/policy/modules/services/hal.fc
|
||||
--- nsaserefpolicy/policy/modules/services/hal.fc 2007-11-14 08:17:58.000000000 -0500
|
||||
+++ serefpolicy-3.3.1/policy/modules/services/hal.fc 2008-02-26 08:29:22.000000000 -0500
|
||||
+++ serefpolicy-3.3.1/policy/modules/services/hal.fc 2008-03-21 18:49:34.000000000 -0400
|
||||
@@ -8,6 +8,7 @@
|
||||
/usr/libexec/hal-hotplug-map -- gen_context(system_u:object_r:hald_exec_t,s0)
|
||||
/usr/libexec/hal-system-sonypic -- gen_context(system_u:object_r:hald_sonypic_exec_t,s0)
|
||||
@ -14713,13 +14722,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
|
||||
/usr/sbin/hald -- gen_context(system_u:object_r:hald_exec_t,s0)
|
||||
|
||||
@@ -16,10 +17,11 @@
|
||||
@@ -16,10 +17,12 @@
|
||||
/var/lib/hal(/.*)? gen_context(system_u:object_r:hald_var_lib_t,s0)
|
||||
|
||||
/var/log/pm-suspend\.log gen_context(system_u:object_r:hald_log_t,s0)
|
||||
+/var/log/pm(/.*)? gen_context(system_u:object_r:hald_log_t,s0)
|
||||
|
||||
+/var/run/pm(/.*)? gen_context(system_u:object_r:hald_var_run_t,s0)
|
||||
+/var/run/hald(/.*)? gen_context(system_u:object_r:hald_var_run_t,s0)
|
||||
/var/run/haldaemon\.pid -- gen_context(system_u:object_r:hald_var_run_t,s0)
|
||||
-/var/run/vbestate -- gen_context(system_u:object_r:hald_var_run_t,s0)
|
||||
-
|
||||
@ -14775,7 +14785,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
+')
|
||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.3.1/policy/modules/services/hal.te
|
||||
--- nsaserefpolicy/policy/modules/services/hal.te 2007-12-19 05:32:17.000000000 -0500
|
||||
+++ serefpolicy-3.3.1/policy/modules/services/hal.te 2008-03-20 09:19:51.000000000 -0400
|
||||
+++ serefpolicy-3.3.1/policy/modules/services/hal.te 2008-03-21 18:50:19.000000000 -0400
|
||||
@@ -49,6 +49,9 @@
|
||||
type hald_var_lib_t;
|
||||
files_type(hald_var_lib_t)
|
||||
@ -14795,7 +14805,18 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
logging_log_filetrans(hald_t,hald_log_t,file)
|
||||
|
||||
manage_dirs_pattern(hald_t,hald_tmp_t,hald_tmp_t)
|
||||
@@ -93,6 +96,7 @@
|
||||
@@ -82,8 +85,9 @@
|
||||
manage_files_pattern(hald_t,hald_var_lib_t,hald_var_lib_t)
|
||||
manage_sock_files_pattern(hald_t,hald_var_lib_t,hald_var_lib_t)
|
||||
|
||||
+manage_dirs_pattern(hald_t,hald_var_run_t,hald_var_run_t)
|
||||
manage_files_pattern(hald_t,hald_var_run_t,hald_var_run_t)
|
||||
-files_pid_filetrans(hald_t,hald_var_run_t,file)
|
||||
+files_pid_filetrans(hald_t,hald_var_run_t,{ dir file })
|
||||
|
||||
kernel_read_system_state(hald_t)
|
||||
kernel_read_network_state(hald_t)
|
||||
@@ -93,6 +97,7 @@
|
||||
kernel_rw_irq_sysctls(hald_t)
|
||||
kernel_rw_vm_sysctls(hald_t)
|
||||
kernel_write_proc_files(hald_t)
|
||||
@ -14803,7 +14824,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
|
||||
auth_read_pam_console_data(hald_t)
|
||||
|
||||
@@ -155,6 +159,8 @@
|
||||
@@ -155,6 +160,8 @@
|
||||
selinux_compute_relabel_context(hald_t)
|
||||
selinux_compute_user_contexts(hald_t)
|
||||
|
||||
@ -14812,7 +14833,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
storage_raw_read_removable_device(hald_t)
|
||||
storage_raw_write_removable_device(hald_t)
|
||||
storage_raw_read_fixed_disk(hald_t)
|
||||
@@ -172,6 +178,8 @@
|
||||
@@ -172,6 +179,8 @@
|
||||
init_rw_utmp(hald_t)
|
||||
init_telinit(hald_t)
|
||||
|
||||
@ -14821,7 +14842,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
libs_use_ld_so(hald_t)
|
||||
libs_use_shared_libs(hald_t)
|
||||
libs_exec_ld_so(hald_t)
|
||||
@@ -244,6 +252,10 @@
|
||||
@@ -244,6 +253,10 @@
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
@ -14832,7 +14853,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
hotplug_read_config(hald_t)
|
||||
')
|
||||
|
||||
@@ -265,6 +277,11 @@
|
||||
@@ -265,6 +278,11 @@
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
@ -14844,7 +14865,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
rpc_search_nfs_state_data(hald_t)
|
||||
')
|
||||
|
||||
@@ -291,7 +308,8 @@
|
||||
@@ -291,7 +309,8 @@
|
||||
#
|
||||
|
||||
allow hald_acl_t self:capability { dac_override fowner };
|
||||
@ -14854,7 +14875,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
|
||||
domtrans_pattern(hald_t, hald_acl_exec_t, hald_acl_t)
|
||||
allow hald_t hald_acl_t:process signal;
|
||||
@@ -304,6 +322,7 @@
|
||||
@@ -301,9 +320,14 @@
|
||||
manage_files_pattern(hald_acl_t,hald_var_lib_t,hald_var_lib_t)
|
||||
files_search_var_lib(hald_acl_t)
|
||||
|
||||
+manage_dirs_pattern(hald_acl_t,hald_var_run_t,hald_var_run_t)
|
||||
+manage_files_pattern(hald_acl_t,hald_var_run_t,hald_var_run_t)
|
||||
+files_pid_filetrans(hald_acl_t,hald_var_run_t,{ dir file })
|
||||
+
|
||||
corecmd_exec_bin(hald_acl_t)
|
||||
|
||||
dev_getattr_all_chr_files(hald_acl_t)
|
||||
@ -14862,7 +14890,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
dev_getattr_generic_usb_dev(hald_acl_t)
|
||||
dev_getattr_video_dev(hald_acl_t)
|
||||
dev_setattr_video_dev(hald_acl_t)
|
||||
@@ -325,6 +344,11 @@
|
||||
@@ -325,6 +349,11 @@
|
||||
|
||||
miscfiles_read_localization(hald_acl_t)
|
||||
|
||||
@ -14874,7 +14902,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
########################################
|
||||
#
|
||||
# Local hald mac policy
|
||||
@@ -338,10 +362,14 @@
|
||||
@@ -338,10 +367,14 @@
|
||||
manage_files_pattern(hald_mac_t,hald_var_lib_t,hald_var_lib_t)
|
||||
files_search_var_lib(hald_mac_t)
|
||||
|
||||
@ -14889,7 +14917,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
|
||||
libs_use_ld_so(hald_mac_t)
|
||||
libs_use_shared_libs(hald_mac_t)
|
||||
|
||||
@@ -391,3 +419,7 @@
|
||||
@@ -391,3 +424,7 @@
|
||||
libs_use_shared_libs(hald_keymap_t)
|
||||
|
||||
miscfiles_read_localization(hald_keymap_t)
|
||||
@ -23952,7 +23980,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
/var/lib/pam_devperm/:0 -- gen_context(system_u:object_r:xdm_var_lib_t,s0)
|
||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.if serefpolicy-3.3.1/policy/modules/services/xserver.if
|
||||
--- nsaserefpolicy/policy/modules/services/xserver.if 2007-12-04 11:02:50.000000000 -0500
|
||||
+++ serefpolicy-3.3.1/policy/modules/services/xserver.if 2008-03-14 11:14:49.000000000 -0400
|
||||
+++ serefpolicy-3.3.1/policy/modules/services/xserver.if 2008-03-20 16:09:38.000000000 -0400
|
||||
@@ -12,9 +12,15 @@
|
||||
## </summary>
|
||||
## </param>
|
||||
@ -24081,13 +24109,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
allow $1_xserver_t self:process { execmem execheap execstack };
|
||||
')
|
||||
|
||||
+ tunable_policy(`xserver_object_manager',`
|
||||
+ selinux_validate_context($1_xserver_t)
|
||||
+ selinux_compute_access_vector($1_xserver_t)
|
||||
+ selinux_compute_create_context($1_xserver_t)
|
||||
+ seutil_read_default_contexts($1_xserver_t)
|
||||
+ allow $1_xserver_t self:netlink_selinux_socket create_socket_perms;
|
||||
+ selinux_validate_context($1_xserver_t)
|
||||
+ selinux_compute_access_vector($1_xserver_t)
|
||||
+ selinux_compute_create_context($1_xserver_t)
|
||||
+ seutil_read_default_contexts($1_xserver_t)
|
||||
+ allow $1_xserver_t self:netlink_selinux_socket create_socket_perms;
|
||||
+
|
||||
+ tunable_policy(`xserver_object_manager',`
|
||||
+ allow $1_xserver_t input_xevent_t:x_event send;
|
||||
+ allow $1_xserver_t x_rootwindow_t:x_drawable send;
|
||||
+ allow $1_xserver_t xdm_t:x_event send;
|
||||
@ -25321,7 +25349,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
+
|
||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.3.1/policy/modules/services/xserver.te
|
||||
--- nsaserefpolicy/policy/modules/services/xserver.te 2007-12-19 05:32:17.000000000 -0500
|
||||
+++ serefpolicy-3.3.1/policy/modules/services/xserver.te 2008-03-18 15:08:05.000000000 -0400
|
||||
+++ serefpolicy-3.3.1/policy/modules/services/xserver.te 2008-03-21 18:46:59.000000000 -0400
|
||||
@@ -8,6 +8,14 @@
|
||||
|
||||
## <desc>
|
||||
@ -25567,7 +25595,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
dev_getattr_power_mgmt_dev(xdm_t)
|
||||
dev_setattr_power_mgmt_dev(xdm_t)
|
||||
|
||||
@@ -226,6 +344,7 @@
|
||||
@@ -226,9 +344,11 @@
|
||||
files_read_usr_files(xdm_t)
|
||||
# Poweroff wants to create the /poweroff file when run from xdm
|
||||
files_create_boot_flag(xdm_t)
|
||||
@ -25575,7 +25603,11 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
|
||||
fs_getattr_all_fs(xdm_t)
|
||||
fs_search_auto_mountpoints(xdm_t)
|
||||
@@ -237,6 +356,7 @@
|
||||
+fs_rw_anon_inodefs_files(xdm_t)
|
||||
|
||||
storage_dontaudit_read_fixed_disk(xdm_t)
|
||||
storage_dontaudit_write_fixed_disk(xdm_t)
|
||||
@@ -237,6 +357,7 @@
|
||||
storage_dontaudit_raw_write_removable_device(xdm_t)
|
||||
storage_dontaudit_setattr_removable_dev(xdm_t)
|
||||
storage_dontaudit_rw_scsi_generic(xdm_t)
|
||||
@ -25583,7 +25615,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
|
||||
term_setattr_console(xdm_t)
|
||||
term_use_unallocated_ttys(xdm_t)
|
||||
@@ -245,6 +365,7 @@
|
||||
@@ -245,6 +366,7 @@
|
||||
auth_domtrans_pam_console(xdm_t)
|
||||
auth_manage_pam_pid(xdm_t)
|
||||
auth_manage_pam_console_data(xdm_t)
|
||||
@ -25591,7 +25623,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
auth_rw_faillog(xdm_t)
|
||||
auth_write_login_records(xdm_t)
|
||||
|
||||
@@ -256,12 +377,11 @@
|
||||
@@ -256,12 +378,11 @@
|
||||
libs_exec_lib_files(xdm_t)
|
||||
|
||||
logging_read_generic_logs(xdm_t)
|
||||
@ -25605,7 +25637,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
userdom_dontaudit_use_unpriv_user_fds(xdm_t)
|
||||
userdom_dontaudit_search_sysadm_home_dirs(xdm_t)
|
||||
userdom_create_all_users_keys(xdm_t)
|
||||
@@ -270,8 +390,13 @@
|
||||
@@ -270,8 +391,13 @@
|
||||
# Search /proc for any user domain processes.
|
||||
userdom_read_all_users_state(xdm_t)
|
||||
userdom_signal_all_users(xdm_t)
|
||||
@ -25619,7 +25651,11 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
|
||||
tunable_policy(`use_nfs_home_dirs',`
|
||||
fs_manage_nfs_dirs(xdm_t)
|
||||
@@ -304,7 +429,11 @@
|
||||
@@ -301,10 +427,15 @@
|
||||
|
||||
optional_policy(`
|
||||
alsa_domtrans(xdm_t)
|
||||
+ alsa_read_rw_config(xdm_t)
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
@ -25632,7 +25668,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
@@ -312,6 +441,23 @@
|
||||
@@ -312,6 +443,23 @@
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
@ -25656,7 +25692,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
# Talk to the console mouse server.
|
||||
gpm_stream_connect(xdm_t)
|
||||
gpm_setattr_gpmctl(xdm_t)
|
||||
@@ -322,6 +468,10 @@
|
||||
@@ -322,6 +470,10 @@
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
@ -25667,7 +25703,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
loadkeys_exec(xdm_t)
|
||||
')
|
||||
|
||||
@@ -335,6 +485,11 @@
|
||||
@@ -335,6 +487,11 @@
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
@ -25679,7 +25715,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
seutil_sigchld_newrole(xdm_t)
|
||||
')
|
||||
|
||||
@@ -343,8 +498,8 @@
|
||||
@@ -343,8 +500,8 @@
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
@ -25689,7 +25725,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
|
||||
ifndef(`distro_redhat',`
|
||||
allow xdm_t self:process { execheap execmem };
|
||||
@@ -380,7 +535,7 @@
|
||||
@@ -380,7 +537,7 @@
|
||||
allow xdm_xserver_t xdm_var_lib_t:file { getattr read };
|
||||
dontaudit xdm_xserver_t xdm_var_lib_t:dir search;
|
||||
|
||||
@ -25698,7 +25734,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
|
||||
# Label pid and temporary files with derived types.
|
||||
manage_files_pattern(xdm_xserver_t,xdm_tmp_t,xdm_tmp_t)
|
||||
@@ -392,6 +547,15 @@
|
||||
@@ -392,6 +549,15 @@
|
||||
can_exec(xdm_xserver_t, xkb_var_lib_t)
|
||||
files_search_var_lib(xdm_xserver_t)
|
||||
|
||||
@ -25714,7 +25750,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
# VNC v4 module in X server
|
||||
corenet_tcp_bind_vnc_port(xdm_xserver_t)
|
||||
|
||||
@@ -404,9 +568,17 @@
|
||||
@@ -404,9 +570,17 @@
|
||||
# to read ROLE_home_t - examine this in more detail
|
||||
# (xauth?)
|
||||
userdom_read_unpriv_users_home_content_files(xdm_xserver_t)
|
||||
@ -25732,7 +25768,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
tunable_policy(`use_nfs_home_dirs',`
|
||||
fs_manage_nfs_dirs(xdm_xserver_t)
|
||||
fs_manage_nfs_files(xdm_xserver_t)
|
||||
@@ -420,6 +592,22 @@
|
||||
@@ -420,6 +594,22 @@
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
@ -25755,7 +25791,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
|
||||
resmgr_stream_connect(xdm_t)
|
||||
')
|
||||
|
||||
@@ -429,47 +617,139 @@
|
||||
@@ -429,47 +619,139 @@
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
|
@ -17,7 +17,7 @@
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 3.3.1
|
||||
Release: 22%{?dist}
|
||||
Release: 23%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Base
|
||||
Source: serefpolicy-%{version}.tgz
|
||||
@ -387,6 +387,10 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Mar 18 2008 Dan Walsh <dwalsh@redhat.com> 3.3.1-23
|
||||
- Fix file context for MATLAB
|
||||
- Fixes for xace
|
||||
|
||||
* Tue Mar 18 2008 Dan Walsh <dwalsh@redhat.com> 3.3.1-22
|
||||
- Allow stunnel to transition to inetd children domains
|
||||
- Make unconfined_dbusd_t an unconfined domain
|
||||
|
Loading…
Reference in New Issue
Block a user