From aadcb968f9a848f3ee9e1bb8f995e7f603e1c4f5 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <pebenito@gentoo.org>
Date: Feb 18 2010 01:28:59 +0000
Subject: Move netlink route sockets from nsswitch to DNS name resolve.


---

diff --git a/policy/modules/system/authlogin.if b/policy/modules/system/authlogin.if
index 8d1d529..8a89f59 100644
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@@ -1378,8 +1378,6 @@ interface(`auth_manage_login_records',`
 #
 interface(`auth_use_nsswitch',`
 
-	allow $1 self:netlink_route_socket r_netlink_socket_perms;
-
 	files_list_var_lib($1)
 
 	# read /etc/nsswitch.conf
diff --git a/policy/modules/system/authlogin.te b/policy/modules/system/authlogin.te
index bd629c2..b883897 100644
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@@ -1,5 +1,5 @@
 
-policy_module(authlogin, 2.1.0)
+policy_module(authlogin, 2.1.1)
 
 ########################################
 #
diff --git a/policy/modules/system/sysnetwork.if b/policy/modules/system/sysnetwork.if
index a0cd508..43fc19b 100644
--- a/policy/modules/system/sysnetwork.if
+++ b/policy/modules/system/sysnetwork.if
@@ -543,6 +543,7 @@ interface(`sysnet_dns_name_resolve',`
 
 	allow $1 self:tcp_socket create_socket_perms;
 	allow $1 self:udp_socket create_socket_perms;
+	allow $1 self:netlink_route_socket r_netlink_socket_perms;
 
 	corenet_all_recvfrom_unlabeled($1)
 	corenet_all_recvfrom_netlabel($1)
diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
index ab083b9..90e8bc7 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -1,5 +1,5 @@
 
-policy_module(sysnetwork, 1.10.1)
+policy_module(sysnetwork, 1.10.2)
 
 ########################################
 #