Merge branch 'master' of ssh://oss.tresys.com/home/git/refpolicy

2009-08-25 09:44:28 -04:00 · 2009-08-25 09:44:28 -04:00 · dbb7dd9484
commit dbb7dd9484
parent 69347451fd 0484277038
5 changed files with 8 additions and 5 deletions
--- a/1
+++ b/1
@ -1,3 +1,4 @@
+- Misc Gentoo fixes from Corentin Labbe.
 - Debian policykit fixes from Martin Orr.
 - Fix unconfined_r use of unconfined_java_t.
 - Add missing x_device rules for XI2 functions, from Eamon Walsh.
--- a/policy/modules/admin/portage.te
+++ b/policy/modules/admin/portage.te
@ -1,5 +1,5 @@

-policy_module(portage, 1.8.0)
+policy_module(portage, 1.8.1)

 ########################################
 #
@ -119,6 +119,7 @@ optional_policy(`
 # - setfscreate for merging to live fs
 # - setexec to run portage fetch
 allow portage_t self:process { setfscreate setexec };
+allow portage_t self:capability sys_nice;

 allow portage_t portage_log_t:file manage_file_perms;
 logging_log_filetrans(portage_t, portage_log_t, file)
--- a/policy/modules/services/dbus.fc
+++ b/policy/modules/services/dbus.fc
@ -1,12 +1,13 @@
 /etc/dbus-1(/.*)?		gen_context(system_u:object_r:dbusd_etc_t,s0)

-# Sorting does not work correctly if I combine these next two roles
-/usr/bin/dbus-daemon(-1)? --	gen_context(system_u:object_r:dbusd_exec_t,s0)
 /bin/dbus-daemon 	--	gen_context(system_u:object_r:dbusd_exec_t,s0)

 /lib/dbus-1/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0)
 /lib64/dbus-1/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0)

+/usr/bin/dbus-daemon(-1)? --	gen_context(system_u:object_r:dbusd_exec_t,s0)
+/usr/libexec/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0)
+
 /var/lib/dbus(/.*)?		gen_context(system_u:object_r:system_dbusd_var_lib_t,s0)

 /var/run/dbus(/.*)?		gen_context(system_u:object_r:system_dbusd_var_run_t,s0)
--- a/policy/modules/services/dbus.te
+++ b/policy/modules/services/dbus.te
@ -1,5 +1,5 @@

-policy_module(dbus, 1.11.0)
+policy_module(dbus, 1.11.1)

 gen_require(`
 	class dbus all_dbus_perms;
--- a/policy/modules/services/policykit.if
+++ b/policy/modules/services/policykit.if
@ -167,7 +167,7 @@ interface(`policykit_domtrans_resolve',`

 	domtrans_pattern($1, policykit_resolve_exec_t, policykit_resolve_t)

-	ps_process_pattern(policykit_resolve_t $1)
+	ps_process_pattern(policykit_resolve_t, $1)
 ')

 ########################################