diff --git a/.cvsignore b/.cvsignore index faafbf4..b11d307 100644 --- a/.cvsignore +++ b/.cvsignore @@ -180,3 +180,4 @@ setroubleshoot-2.2.11.tar.gz serefpolicy-3.6.22.tgz serefpolicy-3.6.23.tgz serefpolicy-3.6.24.tgz +serefpolicy-3.6.25.tgz diff --git a/modules-minimum.conf b/modules-minimum.conf index 7e300ae..6a94e6b 100644 --- a/modules-minimum.conf +++ b/modules-minimum.conf @@ -850,6 +850,13 @@ nslcd = module # nsplugin = module +# Layer: services +# Module: modemmanager +# +# Manager for dynamically switching between modems. +# +modemmanager = module + # Layer: apps # Module: mplayer # @@ -1491,13 +1498,6 @@ varnishd = module # virt = module -# Layer: system -# Module: virtual -# -# Virtualization libraries -# -virtual = base - # Layer: apps # Module: qemu # diff --git a/modules-mls.conf b/modules-mls.conf index 3c09b62..d45f04a 100644 --- a/modules-mls.conf +++ b/modules-mls.conf @@ -787,6 +787,13 @@ miscfiles = base # mls = base +# Layer: services +# Module: modemmanager +# +# Manager for dynamically switching between modems. +# +modemmanager = module + # Layer: system # Module: modutils # @@ -1428,13 +1435,6 @@ xen = module # virt = module -# Layer: system -# Module: virtual -# -# Virtualization libraries -# -virtual = base - # Layer: apps # Module: qemu # diff --git a/modules-targeted.conf b/modules-targeted.conf index 7e300ae..6a94e6b 100644 --- a/modules-targeted.conf +++ b/modules-targeted.conf @@ -850,6 +850,13 @@ nslcd = module # nsplugin = module +# Layer: services +# Module: modemmanager +# +# Manager for dynamically switching between modems. +# +modemmanager = module + # Layer: apps # Module: mplayer # @@ -1491,13 +1498,6 @@ varnishd = module # virt = module -# Layer: system -# Module: virtual -# -# Virtualization libraries -# -virtual = base - # Layer: apps # Module: qemu # diff --git a/nsadiff b/nsadiff index c8f2765..73e7f7e 100755 --- a/nsadiff +++ b/nsadiff @@ -1 +1 @@ -diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy serefpolicy-3.6.24 > /tmp/diff +diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy serefpolicy-3.6.25 > /tmp/diff diff --git a/policy-F12.patch b/policy-F12.patch index 95fdb51..1de6d5b 100644 --- a/policy-F12.patch +++ b/policy-F12.patch @@ -12593,7 +12593,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/policykit.te serefpolicy-3.6.25/policy/modules/services/policykit.te --- nsaserefpolicy/policy/modules/services/policykit.te 2009-07-23 14:11:04.000000000 -0400 -+++ serefpolicy-3.6.25/policy/modules/services/policykit.te 2009-07-29 21:34:35.000000000 -0400 ++++ serefpolicy-3.6.25/policy/modules/services/policykit.te 2009-07-30 00:28:51.000000000 -0400 @@ -38,9 +38,10 @@ allow policykit_t self:capability { setgid setuid }; @@ -12607,7 +12607,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol policykit_domtrans_auth(policykit_t) -@@ -68,8 +69,17 @@ +@@ -62,14 +63,25 @@ + files_read_etc_files(policykit_t) + files_read_usr_files(policykit_t) + ++fs_list_inotifyfs(policykit_t) ++ + auth_use_nsswitch(policykit_t) + + logging_send_syslog_msg(policykit_t) miscfiles_read_localization(policykit_t) @@ -12625,7 +12633,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ######################################## # # polkit_auth local policy -@@ -77,7 +87,8 @@ +@@ -77,7 +89,8 @@ allow policykit_auth_t self:capability setgid; allow policykit_auth_t self:process getattr; @@ -12635,7 +12643,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol allow policykit_auth_t self:unix_dgram_socket create_socket_perms; allow policykit_auth_t self:unix_stream_socket create_stream_socket_perms; -@@ -104,6 +115,8 @@ +@@ -104,6 +117,8 @@ userdom_dontaudit_read_user_home_content_files(policykit_auth_t) optional_policy(` @@ -12644,7 +12652,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol dbus_session_bus_client(policykit_auth_t) optional_policy(` -@@ -116,6 +129,10 @@ +@@ -116,6 +131,10 @@ hal_read_state(policykit_auth_t) ') @@ -12655,7 +12663,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ######################################## # # polkit_grant local policy -@@ -123,7 +140,8 @@ +@@ -123,7 +142,8 @@ allow policykit_grant_t self:capability setuid; allow policykit_grant_t self:process getattr; @@ -12665,7 +12673,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol allow policykit_grant_t self:unix_dgram_socket create_socket_perms; allow policykit_grant_t self:unix_stream_socket create_stream_socket_perms; -@@ -153,9 +171,12 @@ +@@ -153,9 +173,12 @@ userdom_read_all_users_state(policykit_grant_t) optional_policy(` @@ -12679,7 +12687,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol consolekit_dbus_chat(policykit_grant_t) ') ') -@@ -167,7 +188,8 @@ +@@ -167,7 +190,8 @@ allow policykit_resolve_t self:capability { setuid sys_nice sys_ptrace }; allow policykit_resolve_t self:process getattr; diff --git a/selinux-policy.spec b/selinux-policy.spec index b0b0b2f..9b6891f 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -19,7 +19,7 @@ %define CHECKPOLICYVER 2.0.16-3 Summary: SELinux policy configuration Name: selinux-policy -Version: 3.6.24 +Version: 3.6.25 Release: 1%{?dist} License: GPLv2+ Group: System Environment/Base @@ -475,6 +475,13 @@ exit 0 %endif %changelog +* Tue Jul 28 2009 Dan Walsh 3.6.25-1 +- Fix polkit label +- Remove hidebrokensymptoms for nss_ldap fix +- Add modemmanager policy +- Lots of merges from upstream +- Begin removing textrel_shlib_t labels, from fixed libraries + * Tue Jul 28 2009 Dan Walsh 3.6.24-1 - Update to upstream diff --git a/sources b/sources index 24a820d..c4060e7 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -4d74666892956fc2b2a50158e740174e serefpolicy-3.6.24.tgz +1bf047937d814f33c84b5fb13f55b620 serefpolicy-3.6.25.tgz