From c51b1c5026fde4426362a5b1a5aecbf4d2e3a124 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Nov 24 2009 23:53:22 +0000 Subject: - Allow modemmanager sys_admin --- diff --git a/policy-F12.patch b/policy-F12.patch index 3313e3b..48ae1fd 100644 --- a/policy-F12.patch +++ b/policy-F12.patch @@ -14346,7 +14346,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol optional_policy(` diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-3.6.32/policy/modules/services/dbus.if --- nsaserefpolicy/policy/modules/services/dbus.if 2009-09-16 10:01:19.000000000 -0400 -+++ serefpolicy-3.6.32/policy/modules/services/dbus.if 2009-10-05 08:30:03.000000000 -0400 ++++ serefpolicy-3.6.32/policy/modules/services/dbus.if 2009-11-24 18:22:22.000000000 -0500 @@ -42,8 +42,10 @@ gen_require(` class dbus { send_msg acquire_svc }; @@ -14412,8 +14412,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') # SE-DBus specific permissions -- allow $1 { system_dbusd_t self }:dbus send_msg; -+ allow $1 { system_dbusd_t self dbusd_unconfined }:dbus send_msg; + allow $1 { system_dbusd_t self }:dbus send_msg; + allow { system_dbusd_t dbusd_unconfined } $1:dbus send_msg; read_files_pattern($1, system_dbusd_var_lib_t, system_dbusd_var_lib_t) diff --git a/selinux-policy.spec b/selinux-policy.spec index 02c2cb9..9eda1c4 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -20,7 +20,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.6.32 -Release: 49%{?dist} +Release: 50%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -445,6 +445,9 @@ exit 0 %endif %changelog +* Tue Nov 24 2009 Dan Walsh 3.6.32-50 +- Allow modemmanager sys_admin + * Mon Nov 23 2009 Dan Walsh 3.6.32-49 - Allow sssd to read all processes domain