diff --git a/selinux-policy.spec b/selinux-policy.spec index b30e9f90..0f5f2faf 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -16,7 +16,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 2.3.14 -Release: 3 +Release: 4 License: GPL Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -348,6 +348,10 @@ semodule -b base.pp -r bootloader -r clock -r dpkg -r fstools -r hotplug -r init %endif %changelog +* Mon Sep 18 2006 Dan Walsh 2.3.14-4 +- Multiple policy fixes +- Change max categories to 1023 + * Sat Sep 16 2006 Dan Walsh 2.3.14-3 - Fix transition on mcstransd diff --git a/setrans-mls.conf b/setrans-mls.conf index b54ff875..eb181d2f 100644 --- a/setrans-mls.conf +++ b/setrans-mls.conf @@ -4,7 +4,7 @@ # Uncomment the following to disable translation libary # disable=1 # -# Objects can be labeled with one of 16 levels and be categorized with 0-256 +# Objects can be labeled with one of 16 levels and be categorized with 0-1023 # categories defined by the admin. # Objects can be in more than one category at a time. # Users can modify this table to translate the MLS labels for different purpose. @@ -17,8 +17,8 @@ # # SystemLow and SystemHigh s0=SystemLow -s15:c0.c255=SystemHigh -s0-s15:c0.c255=SystemLow-SystemHigh +s15:c0.c1023=SystemHigh +s0-s15:c0.c1023=SystemLow-SystemHigh # Unclassified level s1=Unclassified @@ -31,7 +31,7 @@ s2:c1=B # ranges for Unclassified s0-s1=SystemLow-Unclassified s1-s2=Unclassified-Secret -s1-s15:c0.c255=Unclassified-SystemHigh +s1-s15:c0.c1023=Unclassified-SystemHigh # ranges for Secret with compartments s0-s2=SystemLow-Secret @@ -44,9 +44,9 @@ s1-s2:c0,c1=Unclassified-Secret:AB s2-s2:c0=Secret-Secret:A s2-s2:c1=Secret-Secret:B s2-s2:c0,c1=Secret-Secret:AB -s2-s15:c0.c255=Secret-SystemHigh +s2-s15:c0.c1023=Secret-SystemHigh s2:c0-s2:c0,c1=Secret:A-Secret:AB -s2:c0-s15:c0.c255=Secret:A-SystemHigh +s2:c0-s15:c0.c1023=Secret:A-SystemHigh s2:c1-s2:c0,c1=Secret:B-Secret:AB -s2:c1-s15:c0.c255=Secret:B-SystemHigh -s2:c0,c1-s15:c0.c255=Secret:AB-SystemHigh +s2:c1-s15:c0.c1023=Secret:B-SystemHigh +s2:c0,c1-s15:c0.c1023=Secret:AB-SystemHigh diff --git a/setrans-strict.conf b/setrans-strict.conf index 0d8aaebe..9b46bbd9 100644 --- a/setrans-strict.conf +++ b/setrans-strict.conf @@ -4,9 +4,9 @@ # Uncomment the following to disable translation libary # disable=1 # -# Objects can be categorized with 0-256 categories defined by the admin. +# Objects can be categorized with 0-1023 categories defined by the admin. # Objects can be in more than one category at a time. -# Categories are stored in the system as c0-c255. Users can use this +# Categories are stored in the system as c0-c1023. Users can use this # table to translate the categories into a more meaningful output. # Examples: # s0:c0=CompanyConfidential @@ -15,5 +15,5 @@ # s0:c3=TopSecret # s0:c1,c3=CompanyConfidentialRedHat s0= -s0-s0:c0.c255=SystemLow-SystemHigh -s0:c0.c255=SystemHigh +s0-s0:c0.c1023=SystemLow-SystemHigh +s0:c0.c1023=SystemHigh diff --git a/setrans-targeted.conf b/setrans-targeted.conf index 0d8aaebe..9b46bbd9 100644 --- a/setrans-targeted.conf +++ b/setrans-targeted.conf @@ -4,9 +4,9 @@ # Uncomment the following to disable translation libary # disable=1 # -# Objects can be categorized with 0-256 categories defined by the admin. +# Objects can be categorized with 0-1023 categories defined by the admin. # Objects can be in more than one category at a time. -# Categories are stored in the system as c0-c255. Users can use this +# Categories are stored in the system as c0-c1023. Users can use this # table to translate the categories into a more meaningful output. # Examples: # s0:c0=CompanyConfidential @@ -15,5 +15,5 @@ # s0:c3=TopSecret # s0:c1,c3=CompanyConfidentialRedHat s0= -s0-s0:c0.c255=SystemLow-SystemHigh -s0:c0.c255=SystemHigh +s0-s0:c0.c1023=SystemLow-SystemHigh +s0:c0.c1023=SystemHigh diff --git a/setrans.conf b/setrans.conf index 0d8aaebe..9b46bbd9 100644 --- a/setrans.conf +++ b/setrans.conf @@ -4,9 +4,9 @@ # Uncomment the following to disable translation libary # disable=1 # -# Objects can be categorized with 0-256 categories defined by the admin. +# Objects can be categorized with 0-1023 categories defined by the admin. # Objects can be in more than one category at a time. -# Categories are stored in the system as c0-c255. Users can use this +# Categories are stored in the system as c0-c1023. Users can use this # table to translate the categories into a more meaningful output. # Examples: # s0:c0=CompanyConfidential @@ -15,5 +15,5 @@ # s0:c3=TopSecret # s0:c1,c3=CompanyConfidentialRedHat s0= -s0-s0:c0.c255=SystemLow-SystemHigh -s0:c0.c255=SystemHigh +s0-s0:c0.c1023=SystemLow-SystemHigh +s0:c0.c1023=SystemHigh diff --git a/seusers b/seusers index c400c79d..c1f934c1 100644 --- a/seusers +++ b/seusers @@ -1,2 +1,2 @@ -root:root:s0-s0:c0.c255 +root:root:s0-s0:c0.c1023 __default__:user_u:s0 diff --git a/seusers-mls b/seusers-mls index 1412753d..a3fd7c08 100644 --- a/seusers-mls +++ b/seusers-mls @@ -1,3 +1,3 @@ -system_u:system_u:s0-s15:c0.c255 -root:root:s0-s15:c0.c255 +system_u:system_u:s0-s15:c0.c1023 +root:root:s0-s15:c0.c1023 __default__:user_u:s0 diff --git a/seusers-strict b/seusers-strict index 9e4b4c77..4494f878 100644 --- a/seusers-strict +++ b/seusers-strict @@ -1,3 +1,3 @@ -system_u:system_u:s0-s0:c0.c255 -root:root:s0-s0:c0.c255 +system_u:system_u:s0-s0:c0.c1023 +root:root:s0-s0:c0.c1023 __default__:user_u:s0 diff --git a/seusers-targeted b/seusers-targeted index c400c79d..c1f934c1 100644 --- a/seusers-targeted +++ b/seusers-targeted @@ -1,2 +1,2 @@ -root:root:s0-s0:c0.c255 +root:root:s0-s0:c0.c1023 __default__:user_u:s0