diff --git a/.cvsignore b/.cvsignore index a5684e7..f09593d 100644 --- a/.cvsignore +++ b/.cvsignore @@ -140,3 +140,4 @@ serefpolicy-3.2.8.tgz serefpolicy-3.2.9.tgz serefpolicy-3.3.0.tgz serefpolicy-3.3.1.tgz +serefpolicy-3.4.1.tgz diff --git a/modules-mls.conf b/modules-mls.conf index 625aee3..8741d52 100644 --- a/modules-mls.conf +++ b/modules-mls.conf @@ -1060,20 +1060,6 @@ tzdata = base # amtu = module -# Layer: users -# Module: staff -# -# Fully Privledged user. with su/sudo/newrole -# -staff = base - -# Layer: users -# Module: user -# -# Fully Privledged user. without su/sudo/newrole -# -user = base - # Layer: services # Module: prelude # @@ -1081,16 +1067,52 @@ user = base # prelude = module -# Layer: users +# Layer: role # Module: secadm # # Root role used to manage selinux # secadm = module -# Layer: users +# Layer: role # Module: auditadm # # Root role used to manage audit system # auditadm = module + +# Layer:role +# Module: staff +# +# admin account +# +staff = base + +# Layer:role +# Module: sysadm +# +# System Administrator +# +sysadm = base + +# Layer: role +# Module: unprivuser +# +# user account +# +unprivuser = base + +# Layer: role +# Module: guest +# +# Minimally privs guest account on tty logins +# +guest = module + +# Layer: role +# Module: xguest +# +# Minimally privs guest account on X Windows logins +# +xguest = module + diff --git a/modules-targeted.conf b/modules-targeted.conf index cadf2fa..b4e76aa 100644 --- a/modules-targeted.conf +++ b/modules-targeted.conf @@ -1548,28 +1548,14 @@ rpcbind = module # vmware = module -# Layer: users -# Module: guest -# -# Minimally privs guest account on tty logins -# -guest = module - -# Layer: users -# Module: xguest -# -# Minimally privs guest account on X Windows logins -# -xguest = module - -# Layer: users +# Layer: role # Module: logadm # # Minimally prived root role for managing logging system # logadm = module -# Layer: users +# Layer: role # Module: webadm # # Minimally prived root role for managing apache @@ -1613,19 +1599,26 @@ bitlbee = module # soundserver = module -# Layer: users +# Layer:role # Module: staff # -# Minimally privs guest account on tty logins +# admin account # staff = base -# Layer: users -# Module: user +# Layer:role +# Module: sysadm +# +# System Administrator +# +sysadm = base + +# Layer: role +# Module: unprivuser # # Minimally privs guest account on tty logins # -user = base +unprivuser = base # Layer: services # Module: prelude @@ -1655,3 +1648,17 @@ openoffice = base # podsleuth = module +# Layer: role +# Module: guest +# +# Minimally privs guest account on tty logins +# +guest = module + +# Layer: role +# Module: xguest +# +# Minimally privs guest account on X Windows logins +# +xguest = module + diff --git a/selinux-policy.spec b/selinux-policy.spec index 2c44272..26d6ff7 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -16,12 +16,12 @@ %define CHECKPOLICYVER 2.0.3-1 Summary: SELinux policy configuration Name: selinux-policy -Version: 3.3.1 -Release: 48%{?dist} +Version: 3.4.1 +Release: 1%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz -patch: policy-20071130.patch +patch: policy-20080509.patch Source1: modules-targeted.conf Source2: booleans-targeted.conf Source3: Makefile.devel @@ -171,7 +171,7 @@ fi; %description SELinux Reference Policy - modular. -Based off of reference policy: Checked out revision 2624. +Based off of reference policy: Checked out revision 2682. %build @@ -385,6 +385,9 @@ exit 0 %endif %changelog +* Fri May 9 2008 Dan Walsh 3.4.1-1 +- Merge Upstream + * Wed May 7 2008 Dan Walsh 3.3.1-48 - Allow amanada to create data files diff --git a/sources b/sources index e69de29..2f79c06 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +910f96dc0a866f959fa290115a52a7cc serefpolicy-3.4.1.tgz