From 7b146db852ba379c7f2e1e107503ddee4e7646ab Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Jan 19 2009 14:28:24 +0000 Subject: - Define openoffice as an x_domain --- diff --git a/modules-mls.conf b/modules-mls.conf index aeefd89..9c88089 100644 --- a/modules-mls.conf +++ b/modules-mls.conf @@ -1692,13 +1692,6 @@ xguest = module # courier = module -# Layer: apps -# Module: livecd -# -# livecd creator -# -livecd = module - # Layer: services # Module: snort # diff --git a/policy-20090105.patch b/policy-20090105.patch index 4af6e1b..1dd97f9 100644 --- a/policy-20090105.patch +++ b/policy-20090105.patch @@ -2647,8 +2647,8 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin.te serefpolicy-3.6.2/policy/modules/apps/nsplugin.te --- nsaserefpolicy/policy/modules/apps/nsplugin.te 1969-12-31 19:00:00.000000000 -0500 -+++ serefpolicy-3.6.2/policy/modules/apps/nsplugin.te 2009-01-05 17:54:58.000000000 -0500 -@@ -0,0 +1,275 @@ ++++ serefpolicy-3.6.2/policy/modules/apps/nsplugin.te 2009-01-19 08:44:01.000000000 -0500 +@@ -0,0 +1,277 @@ + +policy_module(nsplugin, 1.0.0) + @@ -2921,7 +2921,9 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + allow nsplugin_t unconfined_mono_t:process signull; +') + -+unconfined_execmem_exec(nsplugin_t) ++optional_policy(` ++ unconfined_execmem_exec(nsplugin_t) ++') + + diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/openoffice.fc serefpolicy-3.6.2/policy/modules/apps/openoffice.fc diff --git a/selinux-policy.spec b/selinux-policy.spec index edec78e..dee9c81 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -47,7 +47,7 @@ Source19: securetty_types-minimum Url: http://serefpolicy.sourceforge.net BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch -BuildRequires: python gawk checkpolicy >= %{CHECKPOLICYVER} m4 policycoreutils >= %{POLICYCOREUTILSVER} bzip2 +BuildRequires: python gawk checkpolicy >= %{CHECKPOLICYVER} m4 policycoreutils-python >= %{POLICYCOREUTILSVER} bzip2 Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER} libsemanage >= 2.0.14-3 Requires(post): /usr/bin/bunzip2 /bin/mktemp Requires: checkpolicy >= %{CHECKPOLICYVER} m4