- Fixes for suspend resume.

- insmod domtrans to alsactl
- insmod writes to hal log
This commit is contained in:
Daniel J Walsh 2007-05-16 21:09:41 +00:00
parent 7c3dcb3584
commit cf806ebda9
2 changed files with 39 additions and 7 deletions

View File

@ -173,6 +173,18 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.fc
+/etc/asound(/.*)? gen_context(system_u:object_r:alsa_etc_rw_t,s0)
/usr/bin/ainit -- gen_context(system_u:object_r:alsa_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.te serefpolicy-2.6.4/policy/modules/admin/alsa.te
--- nsaserefpolicy/policy/modules/admin/alsa.te 2007-01-02 12:57:51.000000000 -0500
+++ serefpolicy-2.6.4/policy/modules/admin/alsa.te 2007-05-16 17:09:24.000000000 -0400
@@ -48,3 +48,8 @@
optional_policy(`
nscd_socket_use(alsa_t)
')
+
+optional_policy(`
+ hal_write_log(alsa_t)
+')
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amtu.fc serefpolicy-2.6.4/policy/modules/admin/amtu.fc
--- nsaserefpolicy/policy/modules/admin/amtu.fc 1969-12-31 19:00:00.000000000 -0500
+++ serefpolicy-2.6.4/policy/modules/admin/amtu.fc 2007-05-08 09:59:33.000000000 -0400
@ -411,7 +423,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/logwatc
fs_dontaudit_list_auto_mountpoints(logwatch_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/netutils.te serefpolicy-2.6.4/policy/modules/admin/netutils.te
--- nsaserefpolicy/policy/modules/admin/netutils.te 2007-04-30 10:41:38.000000000 -0400
+++ serefpolicy-2.6.4/policy/modules/admin/netutils.te 2007-05-08 09:59:33.000000000 -0400
+++ serefpolicy-2.6.4/policy/modules/admin/netutils.te 2007-05-16 13:16:15.000000000 -0400
@@ -31,6 +31,7 @@
type traceroute_t;
type traceroute_exec_t;
@ -1658,7 +1670,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesy
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.te serefpolicy-2.6.4/policy/modules/kernel/filesystem.te
--- nsaserefpolicy/policy/modules/kernel/filesystem.te 2007-04-23 09:35:56.000000000 -0400
+++ serefpolicy-2.6.4/policy/modules/kernel/filesystem.te 2007-05-16 09:21:57.000000000 -0400
+++ serefpolicy-2.6.4/policy/modules/kernel/filesystem.te 2007-05-16 11:07:59.000000000 -0400
@@ -54,17 +54,29 @@
type capifs_t;
@ -6801,7 +6813,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.te
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/modutils.te serefpolicy-2.6.4/policy/modules/system/modutils.te
--- nsaserefpolicy/policy/modules/system/modutils.te 2007-05-02 15:04:46.000000000 -0400
+++ serefpolicy-2.6.4/policy/modules/system/modutils.te 2007-05-08 09:59:33.000000000 -0400
+++ serefpolicy-2.6.4/policy/modules/system/modutils.te 2007-05-16 17:09:16.000000000 -0400
@@ -102,6 +102,7 @@
init_use_fds(insmod_t)
init_use_script_fds(insmod_t)
@ -6810,7 +6822,22 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/moduti
libs_use_ld_so(insmod_t)
libs_use_shared_libs(insmod_t)
@@ -155,6 +156,7 @@
@@ -123,6 +124,14 @@
')
optional_policy(`
+ alsa_domtrans(insmod_t)
+')
+
+optional_policy(`
+ hal_write_log(insmod_t)
+')
+
+optional_policy(`
hotplug_search_config(insmod_t)
')
@@ -155,6 +164,7 @@
optional_policy(`
rpm_rw_pipes(insmod_t)
@ -6818,7 +6845,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/moduti
')
optional_policy(`
@@ -185,6 +187,7 @@
@@ -185,6 +195,7 @@
files_read_kernel_symbol_table(depmod_t)
files_read_kernel_modules(depmod_t)
@ -8418,7 +8445,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/misc_patterns
allow $1 $2:{ file lnk_file } { read getattr };
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-2.6.4/policy/support/obj_perm_sets.spt
--- nsaserefpolicy/policy/support/obj_perm_sets.spt 2007-05-04 12:19:23.000000000 -0400
+++ serefpolicy-2.6.4/policy/support/obj_perm_sets.spt 2007-05-08 09:59:33.000000000 -0400
+++ serefpolicy-2.6.4/policy/support/obj_perm_sets.spt 2007-05-16 14:13:26.000000000 -0400
@@ -203,7 +203,6 @@
define(`add_entry_dir_perms',`{ getattr search lock ioctl write add_name }')
define(`del_entry_dir_perms',`{ getattr search lock ioctl write remove_name }')

View File

@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 2.6.4
Release: 2%{?dist}
Release: 3%{?dist}
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@ -359,6 +359,11 @@ semodule -b base.pp -r bootloader -r clock -r dpkg -r fstools -r hotplug -r init
%endif
%changelog
* Wed May 16 2007 Dan Walsh <dwalsh@redhat.com> 2.6.4-3
- Fixes for suspend resume.
- insmod domtrans to alsactl
- insmod writes to hal log
* Wed May 16 2007 Dan Walsh <dwalsh@redhat.com> 2.6.4-2
- Allow unconfined_t to transition to NetworkManager_t
- Fix netlabel policy