From c22932e040d2bc7d8c3caac68b38d6e782f93f78 Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@fedoraproject.org>
Date: Feb 23 2009 14:09:26 +0000
Subject: - Allow rpcd_t to send signal to mount_t


---

diff --git a/policy-20080710.patch b/policy-20080710.patch
index 6560815..26d9bd8 100644
--- a/policy-20080710.patch
+++ b/policy-20080710.patch
@@ -9443,6 +9443,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/staff.t
 +optional_policy(`
 +	unprivuser_role_change_template(staff)
 +')
+Binary files nsaserefpolicy/policy/modules/roles/.staff.te.swp and serefpolicy-3.5.13/policy/modules/roles/.staff.te.swp differ
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/sysadm.if serefpolicy-3.5.13/policy/modules/roles/sysadm.if
 --- nsaserefpolicy/policy/modules/roles/sysadm.if	2008-10-17 14:49:14.000000000 +0200
 +++ serefpolicy-3.5.13/policy/modules/roles/sysadm.if	2009-02-18 10:14:24.000000000 +0100
@@ -24748,7 +24749,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.
  /usr/sbin/rpc\.nfsd	--	gen_context(system_u:object_r:nfsd_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.if serefpolicy-3.5.13/policy/modules/services/rpc.if
 --- nsaserefpolicy/policy/modules/services/rpc.if	2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/services/rpc.if	2009-02-10 15:07:15.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/services/rpc.if	2009-02-23 15:03:51.000000000 +0100
 @@ -88,8 +88,11 @@
  	# bind to arbitary unused ports
  	corenet_tcp_bind_generic_port($1_t)
@@ -24762,7 +24763,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.
  
  	fs_rw_rpc_named_pipes($1_t) 
  	fs_search_auto_mountpoints($1_t)
-@@ -208,6 +211,24 @@
+@@ -208,6 +211,25 @@
  
  ########################################
  ## <summary>
@@ -24780,6 +24781,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.
 +	')
 +
 +	domtrans_pattern($1, rpcd_exec_t, rpcd_t)
++	allow rpcd_t $1:process signal;
 +')
 +
 +########################################
@@ -24787,7 +24789,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.
  ##      Read NFS exported content.
  ## </summary>
  ## <param name="domain">
-@@ -338,3 +359,22 @@
+@@ -338,3 +360,22 @@
  	files_search_var_lib($1)
  	read_files_pattern($1, var_lib_nfs_t, var_lib_nfs_t)
  ')