From dbb7dd94843f37dc257658607b8ace7e669f9702 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Aug 25 2009 13:44:28 +0000
Subject: Merge branch 'master' of ssh://oss.tresys.com/home/git/refpolicy


---

diff --git a/Changelog b/Changelog
index c291c28..28115b8 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,4 @@
+- Misc Gentoo fixes from Corentin Labbe.
 - Debian policykit fixes from Martin Orr.
 - Fix unconfined_r use of unconfined_java_t.
 - Add missing x_device rules for XI2 functions, from Eamon Walsh.
diff --git a/policy/modules/admin/portage.te b/policy/modules/admin/portage.te
index 26b2572..c3154d1 100644
--- a/policy/modules/admin/portage.te
+++ b/policy/modules/admin/portage.te
@@ -1,5 +1,5 @@
 
-policy_module(portage, 1.8.0)
+policy_module(portage, 1.8.1)
 
 ########################################
 #
@@ -119,6 +119,7 @@ optional_policy(`
 # - setfscreate for merging to live fs
 # - setexec to run portage fetch
 allow portage_t self:process { setfscreate setexec };
+allow portage_t self:capability sys_nice;
 
 allow portage_t portage_log_t:file manage_file_perms;
 logging_log_filetrans(portage_t, portage_log_t, file)
diff --git a/policy/modules/services/dbus.fc b/policy/modules/services/dbus.fc
index a88652f..81eba14 100644
--- a/policy/modules/services/dbus.fc
+++ b/policy/modules/services/dbus.fc
@@ -1,12 +1,13 @@
 /etc/dbus-1(/.*)?		gen_context(system_u:object_r:dbusd_etc_t,s0)
 
-# Sorting does not work correctly if I combine these next two roles
-/usr/bin/dbus-daemon(-1)? --	gen_context(system_u:object_r:dbusd_exec_t,s0)
 /bin/dbus-daemon 	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
 
 /lib/dbus-1/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0)
 /lib64/dbus-1/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0)
 
+/usr/bin/dbus-daemon(-1)? --	gen_context(system_u:object_r:dbusd_exec_t,s0)
+/usr/libexec/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0)
+
 /var/lib/dbus(/.*)?		gen_context(system_u:object_r:system_dbusd_var_lib_t,s0)
 
 /var/run/dbus(/.*)?		gen_context(system_u:object_r:system_dbusd_var_run_t,s0)
diff --git a/policy/modules/services/dbus.te b/policy/modules/services/dbus.te
index 8c8395a..aa857cb 100644
--- a/policy/modules/services/dbus.te
+++ b/policy/modules/services/dbus.te
@@ -1,5 +1,5 @@
 
-policy_module(dbus, 1.11.0)
+policy_module(dbus, 1.11.1)
 
 gen_require(`
 	class dbus all_dbus_perms;
diff --git a/policy/modules/services/policykit.if b/policy/modules/services/policykit.if
index 1ade306..4dbbc70 100644
--- a/policy/modules/services/policykit.if
+++ b/policy/modules/services/policykit.if
@@ -167,7 +167,7 @@ interface(`policykit_domtrans_resolve',`
 
 	domtrans_pattern($1, policykit_resolve_exec_t, policykit_resolve_t)
 
-	ps_process_pattern(policykit_resolve_t $1)
+	ps_process_pattern(policykit_resolve_t, $1)
 ')
 
 ########################################