From 1c9fc5f39725fba2ecb75a22cab7989b6a6e67f4 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Aug 06 2007 15:40:39 +0000 Subject: - Allow mount to execute modprobe for ntfs mounts --- diff --git a/policy-20070501.patch b/policy-20070501.patch index bb4dde0..2fce2be 100644 --- a/policy-20070501.patch +++ b/policy-20070501.patch @@ -9767,7 +9767,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount. -/usr/bin/fusermount -- gen_context(system_u:object_r:mount_exec_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-2.6.4/policy/modules/system/mount.te --- nsaserefpolicy/policy/modules/system/mount.te 2007-05-07 14:51:02.000000000 -0400 -+++ serefpolicy-2.6.4/policy/modules/system/mount.te 2007-08-03 14:22:02.000000000 -0400 ++++ serefpolicy-2.6.4/policy/modules/system/mount.te 2007-08-06 11:39:32.000000000 -0400 @@ -9,6 +9,13 @@ ifdef(`targeted_policy',` ## @@ -9895,7 +9895,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount. +fusermount_domtrans(mount_t) +fusermount_use_fds(mount_t) + -+modutils_exec_insmod(mount_t) ++modutils_domtrans_insmod(mount_t) + +optional_policy(` + hal_write_log(mount_t) diff --git a/selinux-policy.spec b/selinux-policy.spec index 959283d..f6fbc61 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -17,7 +17,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 2.6.4 -Release: 32%{?dist} +Release: 33%{?dist} License: GPL Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -361,6 +361,9 @@ semodule -b base.pp -r bootloader -r clock -r dpkg -r fstools -r hotplug -r init %endif %changelog +* Mon Aug 6 2007 Dan Walsh 2.6.4-33 +- Allow mount to execute modprobe for ntfs mounts + * Fri Aug 3 2007 Dan Walsh 2.6.4-32 - Allow ping to bind to rawip_socket