From 6959e0bb76ab6e971dbb9a2bc85ded2ceabc6323 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Jun 23 2008 00:55:21 +0000
Subject: - Fix prelude file context


---

diff --git a/policy-20080509.patch b/policy-20080509.patch
index 60da170..e7c67e2 100644
--- a/policy-20080509.patch
+++ b/policy-20080509.patch
@@ -13930,7 +13930,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus
  /var/run/dbus(/.*)?		gen_context(system_u:object_r:system_dbusd_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-3.4.2/policy/modules/services/dbus.if
 --- nsaserefpolicy/policy/modules/services/dbus.if	2008-06-12 23:25:05.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/services/dbus.if	2008-06-17 06:44:48.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/services/dbus.if	2008-06-22 20:49:35.000000000 -0400
 @@ -53,6 +53,7 @@
  	gen_require(`
  		type system_dbusd_exec_t, system_dbusd_t, dbusd_etc_t;
@@ -14203,7 +14203,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.4.2/policy/modules/services/dbus.te
 --- nsaserefpolicy/policy/modules/services/dbus.te	2008-06-12 23:25:05.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/services/dbus.te	2008-06-17 06:44:05.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/services/dbus.te	2008-06-22 20:51:20.000000000 -0400
 @@ -9,9 +9,10 @@
  #
  # Delcarations
@@ -14285,7 +14285,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus
  
  libs_use_ld_so(system_dbusd_t)
  libs_use_shared_libs(system_dbusd_t)
-@@ -122,9 +140,39 @@
+@@ -122,9 +140,40 @@
  ')
  
  optional_policy(`
@@ -14320,6 +14320,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus
 +	')
 +	unconfined_domain(unconfined_dbusd_t)
 +	allow dbusd_unconfined domain:dbus send_msg;
++	unconfined_execmem_domtrans(unconfined_dbusd_t)
 +
 +	optional_policy(`
 +		xserver_xdm_rw_shm(unconfined_dbusd_t)
@@ -21000,8 +21001,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ppp.
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelude.fc serefpolicy-3.4.2/policy/modules/services/prelude.fc
 --- nsaserefpolicy/policy/modules/services/prelude.fc	2008-06-12 23:25:06.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/services/prelude.fc	2008-06-22 07:54:41.000000000 -0400
-@@ -1,11 +1,19 @@
++++ serefpolicy-3.4.2/policy/modules/services/prelude.fc	2008-06-22 20:41:32.000000000 -0400
+@@ -1,11 +1,17 @@
 -/sbin/audisp-prelude		--	gen_context(system_u:object_r:prelude_audisp_exec_t,s0)
 +
 +/sbin/audisp-prelude		--	gen_context(system_u:object_r:audisp_prelude_exec_t,s0)
@@ -21020,12 +21021,10 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prel
 -/var/spool/prelude(/.*)?		gen_context(system_u:object_r:prelude_spool_t,s0)
 +/var/spool/prelude(/.*)?	gen_context(system_u:object_r:prelude_spool_t,s0)
 +/usr/share/prewikka/cgi-bin(/.*)?	gen_context(system_u:object_r:httpd_prewikka_script_exec_t,s0)
-+/usr/bin/prelude-lml   --      gen_context(system_u:object_r:prelude_lml_exec_t
-+,s0)
-+/var/run/prelude-lml.pid       --      gen_context(system_u:object_r:prelude_lm
-+l_var_run_t,s0)
-+/etc/rc\.d/init\.d/prelude-lml --      gen_context(system_u:object_r:prelude_lm
-+l_script_exec_t,s0)
++/usr/bin/prelude-lml   --      gen_context(system_u:object_r:prelude_lml_exec_t,s0)
++/var/run/prelude-lml.pid       --      gen_context(system_u:object_r:prelude_lml_var_run_t,s0)
++
++/etc/rc\.d/init\.d/prelude-lml --      gen_context(system_u:object_r:prelude_lml_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelude.if serefpolicy-3.4.2/policy/modules/services/prelude.if
 --- nsaserefpolicy/policy/modules/services/prelude.if	2008-06-12 23:25:06.000000000 -0400
 +++ serefpolicy-3.4.2/policy/modules/services/prelude.if	2008-06-12 23:37:52.000000000 -0400
@@ -32144,7 +32143,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf
 +/usr/lib/erlang/erts-[^/]+/bin/beam.smp --	gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.if serefpolicy-3.4.2/policy/modules/system/unconfined.if
 --- nsaserefpolicy/policy/modules/system/unconfined.if	2008-06-12 23:25:07.000000000 -0400
-+++ serefpolicy-3.4.2/policy/modules/system/unconfined.if	2008-06-12 23:37:53.000000000 -0400
++++ serefpolicy-3.4.2/policy/modules/system/unconfined.if	2008-06-22 20:50:34.000000000 -0400
 @@ -12,14 +12,13 @@
  #
  interface(`unconfined_domain_noaudit',`
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 7465f1a..42e8b97 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.4.2
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -375,6 +375,9 @@ exit 0
 %endif
 
 %changelog
+* Sun Jun 22 2008 Dan Walsh <dwalsh@redhat.com> 3.4.2-5
+- Fix prelude file context
+
 * Fri Jun 12 2008 Dan Walsh <dwalsh@redhat.com> 3.4.2-4
 - allow hplip to talk dbus
 - Fix context on ~/.local dir