diff --git a/policy-20070703.patch b/policy-20070703.patch index 4c2170a..ed36058 100644 --- a/policy-20070703.patch +++ b/policy-20070703.patch @@ -6342,7 +6342,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac +') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.te serefpolicy-3.0.8/policy/modules/services/apache.te --- nsaserefpolicy/policy/modules/services/apache.te 2007-10-22 13:21:39.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/services/apache.te 2008-01-31 13:44:19.000000000 -0500 ++++ serefpolicy-3.0.8/policy/modules/services/apache.te 2008-01-31 14:31:52.000000000 -0500 @@ -1,5 +1,5 @@ -policy_module(apache,1.7.1) @@ -6543,7 +6543,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac tunable_policy(`allow_httpd_mod_auth_pam',` - auth_domtrans_chk_passwd(httpd_t) -') -+ auth_domtrans_chk_pwd(httpd_t) ++ auth_domtrans_chkpwd(httpd_t) ') tunable_policy(`httpd_can_network_connect',` @@ -12470,7 +12470,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post +/var/spool/postfix/postgrey(/.*)? gen_context(system_u:object_r:postgrey_spool_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgrey.te serefpolicy-3.0.8/policy/modules/services/postgrey.te --- nsaserefpolicy/policy/modules/services/postgrey.te 2007-10-22 13:21:36.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/services/postgrey.te 2008-01-30 11:30:51.000000000 -0500 ++++ serefpolicy-3.0.8/policy/modules/services/postgrey.te 2008-01-31 14:33:15.000000000 -0500 @@ -13,6 +13,9 @@ type postgrey_etc_t; files_config_file(postgrey_etc_t) @@ -12496,9 +12496,9 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post read_files_pattern(postgrey_t,postgrey_etc_t,postgrey_etc_t) read_lnk_files_pattern(postgrey_t,postgrey_etc_t,postgrey_etc_t) -+manage_dirs_pattern(postgrey_master_t,postgrey_spool_t,postgrey_spool_t) -+manage_files_pattern(postgrey_master_t,postgrey_spool_t,postgrey_spool_t) -+manage_fifo_files_pattern(postgrey_master_t,postgrey_spool_t,postgrey_spool_t) ++manage_dirs_pattern(postgrey_t,postgrey_spool_t,postgrey_spool_t) ++manage_files_pattern(postgrey_t,postgrey_spool_t,postgrey_spool_t) ++manage_fifo_files_pattern(postgrey_t,postgrey_spool_t,postgrey_spool_t) + manage_files_pattern(postgrey_t,postgrey_var_lib_t,postgrey_var_lib_t) files_var_lib_filetrans(postgrey_t,postgrey_var_lib_t,file) diff --git a/selinux-policy.spec b/selinux-policy.spec index 2905620..e0f59a2 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -17,7 +17,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.0.8 -Release: 81%{?dist} +Release: 82%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -381,6 +381,9 @@ exit 0 %endif %changelog +* Thu Jan 22 2008 Dan Walsh 3.0.8-82 +- Allow xdm to sys_ptrace + * Tue Jan 22 2008 Dan Walsh 3.0.8-81 - Allow zebra to listen on port 521