From 5f7c1692e3ecff757d53122917bf26e827fcd2f0 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Apr 24 2009 19:28:42 +0000 Subject: - Allow initrc_t to delete dev_null - Allow readahead to configure auditing - Fix milter policy - Add /var/lib/readahead --- diff --git a/policy-20090105.patch b/policy-20090105.patch index 2a8bd5a..94db5ca 100644 --- a/policy-20090105.patch +++ b/policy-20090105.patch @@ -770,16 +770,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.fc serefpolicy-3.6.12/policy/modules/admin/readahead.fc --- nsaserefpolicy/policy/modules/admin/readahead.fc 2008-08-07 11:15:13.000000000 -0400 -+++ serefpolicy-3.6.12/policy/modules/admin/readahead.fc 2009-04-24 13:03:55.000000000 -0400 -@@ -1,3 +1,7 @@ - /etc/readahead.d(/.*)? gen_context(system_u:object_r:readahead_etc_rw_t,s0) - --/usr/sbin/readahead -- gen_context(system_u:object_r:readahead_exec_t,s0) ++++ serefpolicy-3.6.12/policy/modules/admin/readahead.fc 2009-04-24 15:26:39.000000000 -0400 +@@ -1,3 +1,5 @@ +-/etc/readahead.d(/.*)? gen_context(system_u:object_r:readahead_etc_rw_t,s0) +/usr/sbin/readahead.* -- gen_context(system_u:object_r:readahead_exec_t,s0) +/sbin/readahead.* -- gen_context(system_u:object_r:readahead_exec_t,s0) + +/var/lib/readahead(/.*)? gen_context(system_u:object_r:readahead_var_lib_t,s0) -+ + +-/usr/sbin/readahead -- gen_context(system_u:object_r:readahead_exec_t,s0) diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.te serefpolicy-3.6.12/policy/modules/admin/readahead.te --- nsaserefpolicy/policy/modules/admin/readahead.te 2009-01-05 15:39:44.000000000 -0500 +++ serefpolicy-3.6.12/policy/modules/admin/readahead.te 2009-04-24 13:45:16.000000000 -0400 diff --git a/selinux-policy.spec b/selinux-policy.spec index b32bae0..7c3e4f7 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -20,7 +20,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.6.12 -Release: 18%{?dist} +Release: 19%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -446,7 +446,7 @@ exit 0 %endif %changelog -* Fri Apr 24 2009 Dan Walsh 3.6.12-18 +* Fri Apr 24 2009 Dan Walsh 3.6.12-19 - Allow initrc_t to delete dev_null - Allow readahead to configure auditing - Fix milter policy