From 4ce75b7cd5b68085add4c34054d48c4e76716681 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Aug 01 2007 17:13:35 +0000 Subject: - Fix new usb devices and dmfm --- diff --git a/policy-20070703.patch b/policy-20070703.patch index 60a61c1..06a01f5 100644 --- a/policy-20070703.patch +++ b/policy-20070703.patch @@ -2830,7 +2830,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesy # filesystem SID to label inodes in the following filesystem types, diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-3.0.4/policy/modules/kernel/kernel.if --- nsaserefpolicy/policy/modules/kernel/kernel.if 2007-07-03 07:05:38.000000000 -0400 -+++ serefpolicy-3.0.4/policy/modules/kernel/kernel.if 2007-08-01 11:26:14.000000000 -0400 ++++ serefpolicy-3.0.4/policy/modules/kernel/kernel.if 2007-08-01 13:05:42.000000000 -0400 @@ -108,6 +108,24 @@ ######################################## @@ -4463,7 +4463,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron ## diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.te serefpolicy-3.0.4/policy/modules/services/cron.te --- nsaserefpolicy/policy/modules/services/cron.te 2007-07-25 10:37:42.000000000 -0400 -+++ serefpolicy-3.0.4/policy/modules/services/cron.te 2007-07-25 14:02:38.000000000 -0400 ++++ serefpolicy-3.0.4/policy/modules/services/cron.te 2007-08-01 13:12:46.000000000 -0400 @@ -50,6 +50,7 @@ type crond_tmp_t; @@ -4673,7 +4673,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron # cjp: why? squid_domtrans(system_crond_t) ') -@@ -433,9 +498,14 @@ +@@ -433,9 +498,17 @@ ') optional_policy(` @@ -4684,6 +4684,9 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron +optional_policy(` + unconfined_dbus_send(crond_t) + unconfined_shell_domtrans(crond_t) ++') ++ ++optional_policy(` userdom_priveleged_home_dir_manager(system_crond_t) + unconfined_domain(system_crond_t) ') @@ -6836,7 +6839,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc. fs_search_auto_mountpoints($1_t) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-3.0.4/policy/modules/services/rpc.te --- nsaserefpolicy/policy/modules/services/rpc.te 2007-07-25 10:37:42.000000000 -0400 -+++ serefpolicy-3.0.4/policy/modules/services/rpc.te 2007-08-01 11:35:43.000000000 -0400 ++++ serefpolicy-3.0.4/policy/modules/services/rpc.te 2007-08-01 13:05:49.000000000 -0400 @@ -59,10 +59,14 @@ manage_files_pattern(rpcd_t,rpcd_var_run_t,rpcd_var_run_t) files_pid_filetrans(rpcd_t,rpcd_var_run_t,file) @@ -6847,7 +6850,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc. kernel_search_network_state(rpcd_t) # for rpc.rquotad kernel_read_sysctl(rpcd_t) -+kernel_read_fs_sysctl(rpcd_t) ++kernel_read_fs_sysctls(rpcd_t) +kernel_getattr_core_if(nfsd_t) fs_list_rpc(rpcd_t) diff --git a/selinux-policy.spec b/selinux-policy.spec index d159a52..ffe140e 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -12,7 +12,7 @@ %endif %define POLICYVER 21 %define libsepolver 2.0.3-2 -%define POLICYCOREUTILSVER 2.0.22-11 +%define POLICYCOREUTILSVER 2.0.22-10 %define CHECKPOLICYVER 2.0.3-1 Summary: SELinux policy configuration Name: selinux-policy