From 1a12c251ca3ce76c37b7267d5d5dead16311c816 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Aug 06 2007 21:33:36 +0000
Subject: - Fixes for ldconfig


---

diff --git a/policy-20070703.patch b/policy-20070703.patch
index 0132110..9a20abd 100644
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@@ -4094,14 +4094,15 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/avah
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind.fc serefpolicy-3.0.5/policy/modules/services/bind.fc
 --- nsaserefpolicy/policy/modules/services/bind.fc	2007-05-29 14:10:57.000000000 -0400
-+++ serefpolicy-3.0.5/policy/modules/services/bind.fc	2007-08-03 14:06:26.000000000 -0400
-@@ -45,4 +45,6 @@
++++ serefpolicy-3.0.5/policy/modules/services/bind.fc	2007-08-05 07:24:05.000000000 -0400
+@@ -45,4 +45,7 @@
  /var/named/chroot/var/named/slaves(/.*)? gen_context(system_u:object_r:named_cache_t,s0)
  /var/named/chroot/var/named/data(/.*)? gen_context(system_u:object_r:named_cache_t,s0)
  /var/named/chroot/var/named/named\.ca -- gen_context(system_u:object_r:named_conf_t,s0)
 +/var/named/dynamic(/.*)?		gen_context(system_u:object_r:named_cache_t,s0)
 +/var/named/chroot/var/named/dynamic(/.*)?	gen_context(system_u:object_r:named_cache_t,s0)
  ')
++/var/named/chroot/var/log/named.*	--	gen_context(system_u:object_r:named_log_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind.te serefpolicy-3.0.5/policy/modules/services/bind.te
 --- nsaserefpolicy/policy/modules/services/bind.te	2007-07-25 10:37:42.000000000 -0400
 +++ serefpolicy-3.0.5/policy/modules/services/bind.te	2007-08-03 14:06:26.000000000 -0400
@@ -5794,8 +5795,16 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.te serefpolicy-3.0.5/policy/modules/services/mta.te
 --- nsaserefpolicy/policy/modules/services/mta.te	2007-07-25 10:37:42.000000000 -0400
-+++ serefpolicy-3.0.5/policy/modules/services/mta.te	2007-08-03 14:06:26.000000000 -0400
-@@ -52,15 +52,44 @@
++++ serefpolicy-3.0.5/policy/modules/services/mta.te	2007-08-05 07:28:01.000000000 -0400
+@@ -44,6 +44,7 @@
+ kernel_read_system_state(system_mail_t)
+ kernel_read_network_state(system_mail_t)
+ 
++dev_read_sysfs(system_mail_t)
+ dev_read_rand(system_mail_t)
+ dev_read_urand(system_mail_t)
+ 
+@@ -52,15 +53,44 @@
  userdom_use_sysadm_terms(system_mail_t)
  userdom_dontaudit_search_sysadm_home_dirs(system_mail_t)
  
@@ -5840,7 +5849,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.
  ')
  
  optional_policy(`
-@@ -73,6 +102,7 @@
+@@ -73,6 +103,7 @@
  
  optional_policy(`
  	cron_read_system_job_tmp_files(system_mail_t)
@@ -9308,7 +9317,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/locall
  # Sulogin local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.fc serefpolicy-3.0.5/policy/modules/system/logging.fc
 --- nsaserefpolicy/policy/modules/system/logging.fc	2007-05-29 14:10:58.000000000 -0400
-+++ serefpolicy-3.0.5/policy/modules/system/logging.fc	2007-08-03 14:06:26.000000000 -0400
++++ serefpolicy-3.0.5/policy/modules/system/logging.fc	2007-08-05 07:26:06.000000000 -0400
 @@ -1,12 +1,15 @@
 -
  /dev/log		-s	gen_context(system_u:object_r:devlog_t,s0)
@@ -9326,7 +9335,16 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/loggin
  /sbin/syslogd		--	gen_context(system_u:object_r:syslogd_exec_t,s0)
  /sbin/syslog-ng		--	gen_context(system_u:object_r:syslogd_exec_t,s0)
  
-@@ -43,3 +46,5 @@
+@@ -32,6 +35,8 @@
+ /var/log/audit\.log	--	gen_context(system_u:object_r:auditd_log_t,mls_systemhigh)
+ ')
+ 
++/var/named/chroot/var/log	-d	gen_context(system_u:object_r:var_log_t,s0)
++
+ /var/run/audit_events	-s	gen_context(system_u:object_r:auditd_var_run_t,s0)
+ /var/run/auditd\.pid	--	gen_context(system_u:object_r:auditd_var_run_t,s0)
+ /var/run/auditd_sock	-s	gen_context(system_u:object_r:auditd_var_run_t,s0)
+@@ -43,3 +48,5 @@
  /var/spool/postfix/pid	-d	gen_context(system_u:object_r:var_run_t,s0)
  
  /var/tinydns/log/main(/.*)?	gen_context(system_u:object_r:var_log_t,s0)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 5fdafb7..e763d17 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.0.5
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -360,6 +360,9 @@ exit 0
 %endif
 
 %changelog
+* Mon Aug 6 2007 Dan Walsh <dwalsh@redhat.com> 3.0.5-2
+- Fixes for ldconfig
+
 * Thu Aug 2 2007 Dan Walsh <dwalsh@redhat.com> 3.0.5-1
 - Update from upstream