From 01348a20721f79768d641bf439d54dca4a16ae89 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Jun 02 2008 19:04:10 +0000
Subject: - Allow policykit_resolve to ptrace all levels


---

diff --git a/policy-20071130.patch b/policy-20071130.patch
index b3ff457..a0f043f 100644
--- a/policy-20071130.patch
+++ b/policy-20071130.patch
@@ -19888,8 +19888,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polk
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polkit.te serefpolicy-3.3.1/policy/modules/services/polkit.te
 --- nsaserefpolicy/policy/modules/services/polkit.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/polkit.te	2008-06-02 13:30:12.704569000 -0400
-@@ -0,0 +1,217 @@
++++ serefpolicy-3.3.1/policy/modules/services/polkit.te	2008-06-02 14:54:27.962625000 -0400
+@@ -0,0 +1,218 @@
 +policy_module(polkit_auth,1.0.0)
 +
 +########################################
@@ -20091,6 +20091,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polk
 +logging_send_syslog_msg(polkit_resolve_t)
 +userdom_read_all_users_state(polkit_resolve_t)
 +userdom_ptrace_all_users(polkit_resolve_t)
++mcs_ptrace_all(polkit_resolve_t)
 +
 +optional_policy(`
 +	dbus_system_bus_client_template(polkit_resolve, polkit_resolve_t)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index c77325e..4b3bc31 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.3.1
-Release: 63%{?dist}
+Release: 64%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -385,6 +385,9 @@ exit 0
 %endif
 
 %changelog
+* Mon Jun 2 2008 Dan Walsh <dwalsh@redhat.com> 3.3.1-64
+- Allow policykit_resolve to ptrace all levels
+
 * Fri May 30 2008 Dan Walsh <dwalsh@redhat.com> 3.3.1-63
 - Allow policykit_resolve to ptrace user processes