diff --git a/booleans-targeted.conf b/booleans-targeted.conf index d05e129..e53e82d 100644 --- a/booleans-targeted.conf +++ b/booleans-targeted.conf @@ -216,8 +216,13 @@ write_untrusted_content = false # Allow all domains to talk to ttys # -allow_domains_use_tty = false +allow_daemons_use_tty = false # Allow login domains to polyinstatiate directories # allow_polyinstantiation = false + +# Allow all domains to talk to ttys +# +allow_daemons_dump_core = true + diff --git a/modules-targeted.conf b/modules-targeted.conf index 1c218f3..f86a8ca 100644 --- a/modules-targeted.conf +++ b/modules-targeted.conf @@ -964,7 +964,7 @@ locallogin = base # # Policy for iptables. # -iptables = off +iptables = base # Layer: system # Module: mount diff --git a/selinux-policy.spec b/selinux-policy.spec index 455611c..60a777e 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -17,7 +17,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 2.4.2 -Release: 2 +Release: 3 License: GPL Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -297,6 +297,7 @@ Summary: SELinux mls base policy Group: System Environment/Base Provides: selinux-policy-base Obsoletes: selinux-policy-mls-sources +Requires: policycoreutils-newrole >= %{POLICYCOREUTILSVER} Prereq: policycoreutils >= %{POLICYCOREUTILSVER} Prereq: coreutils Prereq: selinux-policy = %{version}-%{release} @@ -326,6 +327,7 @@ Obsoletes: selinux-policy-strict-sources Prereq: policycoreutils >= %{POLICYCOREUTILSVER} Prereq: coreutils Prereq: selinux-policy = %{version}-%{release} +Requires: policycoreutils-newrole >= %{POLICYCOREUTILSVER} %description strict SELinux Reference policy strict base module. @@ -351,6 +353,9 @@ semodule -b base.pp -r bootloader -r clock -r dpkg -r fstools -r hotplug -r init %endif %changelog +* Mon Oct 30 2006 Dan Walsh 2.4.2-3 +- Allow daemons to dump core files to / + * Fri Oct 27 2006 Dan Walsh 2.4.2-2 - Fixes for ricci