From 02d888c7660d346999076ab9df7a9ba252df9f66 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Nov 25 2008 19:18:01 +0000 Subject: - Fix labeling on /var/spool/rsyslog --- diff --git a/.cvsignore b/.cvsignore index f897339..e07146d 100644 --- a/.cvsignore +++ b/.cvsignore @@ -155,3 +155,4 @@ serefpolicy-3.5.10.tgz serefpolicy-3.5.11.tgz serefpolicy-3.5.12.tgz serefpolicy-3.5.13.tgz +serefpolicy-3.6.1.tgz diff --git a/modules-minimum.conf b/modules-minimum.conf index 8776a41..f017e02 100644 --- a/modules-minimum.conf +++ b/modules-minimum.conf @@ -139,6 +139,14 @@ dnsmasq = module bluetooth = module # Layer: kernel +# Module: ubac +# +# +# +ubac = base + +# +# Layer: kernel # Module: bootloader # # Policy for the kernel modules, kernel image, and bootloader. @@ -1705,3 +1713,21 @@ netlabel = module # zosremote = module +# Layer: services +# Module: pki +# +# +pki = module + +# Layer: services +# Module: pingd +# +# +pingd = module + +# Layer: services +# Module: milter +# +# +# +milter = module diff --git a/modules-mls.conf b/modules-mls.conf index a38608f..38a8db0 100644 --- a/modules-mls.conf +++ b/modules-mls.conf @@ -1173,3 +1173,9 @@ brctl = base # zosremote = module +# Layer: kernel +# Module: ubac +# +# +# +ubac = base diff --git a/modules-targeted.conf b/modules-targeted.conf index 8776a41..f017e02 100644 --- a/modules-targeted.conf +++ b/modules-targeted.conf @@ -139,6 +139,14 @@ dnsmasq = module bluetooth = module # Layer: kernel +# Module: ubac +# +# +# +ubac = base + +# +# Layer: kernel # Module: bootloader # # Policy for the kernel modules, kernel image, and bootloader. @@ -1705,3 +1713,21 @@ netlabel = module # zosremote = module +# Layer: services +# Module: pki +# +# +pki = module + +# Layer: services +# Module: pingd +# +# +pingd = module + +# Layer: services +# Module: milter +# +# +# +milter = module diff --git a/selinux-policy.spec b/selinux-policy.spec index a63710f..d3bf453 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -15,16 +15,16 @@ %endif %define POLICYVER 23 %define libsepolver 2.0.20-1 -%define POLICYCOREUTILSVER 2.0.54-2 +%define POLICYCOREUTILSVER 2.0.57-12 %define CHECKPOLICYVER 2.0.16-3 Summary: SELinux policy configuration Name: selinux-policy -Version: 3.5.13 -Release: 18%{?dist} +Version: 3.6.1 +Release: 1%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz -patch: policy-20080710.patch +patch: policy-20081111.patch Source1: modules-targeted.conf Source2: booleans-targeted.conf Source3: Makefile.devel @@ -93,10 +93,7 @@ cp -f $RPM_SOURCE_DIR/modules-%1.conf ./policy/modules.conf \ cp -f $RPM_SOURCE_DIR/booleans-%1.conf ./policy/booleans.conf \ %define moduleList() %([ -f %{_sourcedir}/modules-%{1}.conf ] && \ -awk '$1 !~ "/^#/" && $2 == "=" && $3 == "module" { printf "-i %%s.pp ", $1 }' %{_sourcedir}/modules-%{1}.conf ) - -%define bzmoduleList() %([ -f %{_sourcedir}/modules-%{1}.conf ] && \ -awk '$1 !~ "/^#/" && $2 == "=" && $3 == "module" { printf " ../%%s.pp.bz2 ", $1 }' %{_sourcedir}/modules-%{1}.conf ) +awk '$1 !~ "/^#/" && $2 == "=" && $3 == "module" { printf "%%s.pp.bz2 ", $1 }' %{_sourcedir}/modules-%{1}.conf ) %define installCmds() \ make UNK_PERMS=%5 NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} POLY=%4 MLS_CATS=1024 MCS_CATS=1024 base.pp \ @@ -166,22 +163,14 @@ if [ -s /etc/selinux/config ]; then \ fi %define loadminpolicy() \ -tempdir=`mktemp -d /usr/share/selinux/%1/tmpXXXX`; \ -( cd $tempdir; \ -cp ../base.pp.bz2 ../unconfined.pp.bz2 .; \ -bunzip2 *; \ -semodule -b base.pp -i unconfined.pp -s %1; \ +( cd /usr/share/selinux/%1; \ +semodule -b base.pp.bz2 -i unconfined.pp.bz2 -s %1; \ ); \ -rm -rf $tempdir; \ %define loadpolicy() \ -tempdir=`mktemp -d /usr/share/selinux/%1/tmpXXXX`; \ -( cd $tempdir; \ -cp ../base.pp.bz2 %{expand:%%bzmoduleList %1} .; \ -bunzip2 *; \ -semodule -b base.pp %{expand:%%moduleList %1} -s %1; \ +( cd /usr/share/selinux/%1; \ +semodule -b base.pp.bz2 -i %{expand:%%moduleList %1} -s %1; \ ); \ -rm -rf $tempdir; \ %define relabel() \ . %{_sysconfdir}/selinux/config; \ @@ -195,7 +184,7 @@ fi; %description SELinux Reference Policy - modular. -Based off of reference policy: Checked out revision 2837. +Based off of reference policy: Checked out revision 2882. %build @@ -457,6 +446,9 @@ exit 0 %endif %changelog +* Fri Nov 5 2008 Dan Walsh 3.5.13-19 +- Fix labeling on /var/spool/rsyslog + * Thu Nov 5 2008 Dan Walsh 3.5.13-18 - Allow postgresl to bind to udp nodes diff --git a/sources b/sources index c102fa1..cc70b20 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -7220cccf7e77363dbceb48dc3a7fa2ef serefpolicy-3.5.13.tgz +fd3f6b4a0e07610d374363d3370df36c serefpolicy-3.6.1.tgz