diff --git a/policy-F14.patch b/policy-F14.patch index 06cd7c3..4ed629c 100644 --- a/policy-F14.patch +++ b/policy-F14.patch @@ -30066,7 +30066,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.i +') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-3.8.8/policy/modules/system/init.te --- nsaserefpolicy/policy/modules/system/init.te 2010-07-27 16:06:06.000000000 -0400 -+++ serefpolicy-3.8.8/policy/modules/system/init.te 2010-08-17 06:09:36.000000000 -0400 ++++ serefpolicy-3.8.8/policy/modules/system/init.te 2010-08-17 09:55:08.000000000 -0400 @@ -16,6 +16,27 @@ ## gen_tunable(init_upstart, false) @@ -30178,7 +30178,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.t corecmd_shell_domtrans(init_t, initrc_t) ',` # Run the shell in the sysadm role for single-user mode. -@@ -185,15 +216,72 @@ +@@ -185,15 +216,68 @@ sysadm_shell_domtrans(init_t) ') @@ -30220,10 +30220,6 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.t + init_read_script_state(init_t) + + seutil_read_file_contexts(init_t) -+ -+ optional_policy(` -+ udev_read_db(init_t) -+ ') +') + optional_policy(` @@ -30251,6 +30247,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.t nscd_socket_use(init_t) ') +@@ -202,6 +286,10 @@ + ') + + optional_policy(` ++ udev_read_db(init_t) ++') ++ ++optional_policy(` + unconfined_domain(init_t) + ') + @@ -211,7 +299,7 @@ #