@@ -16087,6 +16097,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cgro
+ type cgred_t, cgconfigparser_t, cgred_var_run_t;
+ type cgconfig_etc_t, cgconfig_initrc_exec_t, cgred_initrc_exec_t;
+ type cgroup_t, cgroupfs_t;
++ type cgrules_etc_t;
+ ')
+
+ allow $1 cgconfigparser_t:process { ptrace signal_perms getattr };
@@ -16100,6 +16111,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cgro
+
+ files_search_etc($1)
+ admin_pattern($1, cgconfig_etc_t)
++ admin_pattern($1, cgrules_etc_t)
+
+ files_list_var($1)
+ admin_pattern($1, cgred_var_run_t)
@@ -19818,7 +19830,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/git.fc serefpolicy-3.7.19/policy/modules/services/git.fc
--- nsaserefpolicy/policy/modules/services/git.fc 2010-04-13 20:44:37.000000000 +0200
-+++ serefpolicy-3.7.19/policy/modules/services/git.fc 2010-05-28 09:42:00.112610839 +0200
++++ serefpolicy-3.7.19/policy/modules/services/git.fc 2010-06-30 13:03:56.351618002 +0200
@@ -1,3 +1,12 @@
+HOME_DIR/public_git(/.*)? gen_context(system_u:object_r:git_session_content_t, s0)
+HOME_DIR/\.gitconfig -- gen_context(system_u:object_r:git_session_content_t, s0)
@@ -19828,7 +19840,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/git.
+/usr/libexec/git-core/git-daemon -- gen_context(system_u:object_r:gitd_exec_t, s0)
+
/var/cache/cgit(/.*)? gen_context(system_u:object_r:httpd_git_rw_content_t,s0)
- /var/lib/git(/.*)? gen_context(system_u:object_r:httpd_git_content_t,s0)
+-/var/lib/git(/.*)? gen_context(system_u:object_r:httpd_git_content_t,s0)
++/var/lib/git(/.*)? gen_context(system_u:object_r:git_system_content_t,s0)
/var/www/cgi-bin/cgit -- gen_context(system_u:object_r:httpd_git_script_exec_t,s0)
+/var/www/git(/.*)? gen_context(system_u:object_r:httpd_git_content_t,s0)
+/var/www/git/gitweb.cgi gen_context(system_u:object_r:httpd_git_script_exec_t,s0)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index a3d8785..1a5f2d5 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.7.19
-Release: 32%{?dist}
+Release: 33%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -469,6 +469,11 @@ exit 0
%endif
%changelog
+* Wed Jun 30 2010 Miroslav Grepl