From d8c160273bc7cd224e99c015fd4e52506ecad35e Mon Sep 17 00:00:00 2001
From: Daniel J Walsh
Date: Fri, 29 Feb 2008 22:33:22 +0000
Subject: [PATCH] - More xselinux rules
---
 policy-20071130.patch | 12 ++++++------
 selinux-policy.spec | 5 ++++-
 2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/policy-20071130.patch b/policy-20071130.patch
index 98b7a1d6..dbef2720 100644
--- a/policy-20071130.patch
+++ b/policy-20071130.patch
@@ -22901,7 +22901,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
 /var/lib/pam_devperm/:0 -- gen_context(system_u:object_r:xdm_var_lib_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.if serefpolicy-3.3.1/policy/modules/services/xserver.if
 --- nsaserefpolicy/policy/modules/services/xserver.if 2007-12-04 11:02:50.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/xserver.if 2008-02-29 17:16:49.000000000 -0500
++++ serefpolicy-3.3.1/policy/modules/services/xserver.if 2008-02-29 17:24:22.000000000 -0500
 @@ -15,6 +15,11 @@ template(`xserver_common_domain_template',`
 gen_require(`
@@ -23568,22 +23568,22 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
 + # can receive own events
 + allow $3 $2_input_xevent_t:{ x_event x_synthetic_event } receive;
 + allow $3 input_xevent_t:{ x_event x_synthetic_event } receive;
-+ allow $1_t $2_input_xevent_t:{ x_event x_synthetic_event } receive;
++ allow $1_t $2_input_xevent_t:{ x_event x_synthetic_event } { send receive };
 +
 + allow $3 $2_property_xevent_t:{ x_event x_synthetic_event } receive;
-+ allow $1_t $2_property_xevent_t:{ x_event x_synthetic_event } receive;
++ allow $1_t $2_property_xevent_t:{ x_event x_synthetic_event } { send receive };
 +
 + allow $3 $2_focus_xevent_t:{ x_event x_synthetic_event } receive;
-+ allow $1_t $2_focus_xevent_t:{ x_event x_synthetic_event } receive;
++ allow $1_t $2_focus_xevent_t:{ x_event x_synthetic_event } { send receive };
 +
 + allow $3 $2_manage_xevent_t:{ x_event x_synthetic_event } receive;
 + allow $1_t $2_manage_xevent_t:{ x_event x_synthetic_event } { send receive };
 +
 + allow $3 $2_default_xevent_t:{ x_event x_synthetic_event } receive;
-+ allow $1_t $2_default_xevent_t:{ x_event x_synthetic_event } receive;
++ allow $1_t $2_default_xevent_t:{ x_event x_synthetic_event } {send receive };
 +
 + allow $3 $2_client_xevent_t:{ x_event x_synthetic_event } { send receive };
-+ allow $1_t $2_client_xevent_t:{ x_event x_synthetic_event } { send };
++ allow $1_t $2_client_xevent_t:{ x_event x_synthetic_event } { send receive };
 + type_transition $2_t input_xevent_t:x_event $2_input_xevent_t;
 + type_transition $2_t property_xevent_t:x_event $2_property_xevent_t;
 + type_transition $2_t focus_xevent_t:x_event $2_focus_xevent_t;
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 201b8e2c..fa46cda5 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
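Review bot: The `# can receive own events` comment at the top of this group no longer describes what the rules grant, because `$1_t` now gets `send` as well as `receive` on `$2_input_xevent_t`, `$2_property_xevent_t`, `$2_focus_xevent_t` and `$2_default_xevent_t`, for both `x_event` and `x_synthetic_event`. Sending input and focus events is presumably the operation this policy exists to restrict, so the grant should either be narrowed to the event types and classes that actually produced denials or be justified in place, for example `# $1_t must also send these event types: <reason / AVC reference>`. The `$2_default_xevent_t` line is written `{send receive }`, unlike the `{ send receive }` used on the neighbouring lines. The enclosing template starts and ends outside the hunk, so what `$1`, `$2` and `$3` bind to cannot be confirmed from here.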
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.3.1
-Release: 8%{?dist}
+Release: 9%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -388,6 +388,9 @@ exit 0
 %endif
 %changelog
+* Fri Feb 29 2008 Dan Walsh 3.3.1-9
+- More xselinux rules
+
 * Thu Feb 28 2008 Dan Walsh 3.3.1-8
 - Change httpd_$1_script_r*_t to httpd_$1_content_r*_t