diff --git a/policy-20071130.patch b/policy-20071130.patch index 8328b45..709d107 100644 --- a/policy-20071130.patch +++ b/policy-20071130.patch @@ -3878,7 +3878,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.fc +/usr/bin/octave-[^/]* -- gen_context(system_u:object_r:java_exec_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.if serefpolicy-3.3.1/policy/modules/apps/java.if --- nsaserefpolicy/policy/modules/apps/java.if 2007-10-12 08:56:02.000000000 -0400 -+++ serefpolicy-3.3.1/policy/modules/apps/java.if 2008-02-26 16:14:55.000000000 -0500 ++++ serefpolicy-3.3.1/policy/modules/apps/java.if 2008-02-26 21:21:39.000000000 -0500 @@ -32,7 +32,7 @@ ## ## @@ -4029,7 +4029,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.if + allow $1_java_t self:process { getsched sigkill execheap execmem execstack }; + + allow $2 $1_java_t:process { getattr ptrace signal_perms noatsecure siginh rlimitinh }; -+ allow $1_javaplugin_t $2:tcp_socket { read write }; ++ allow $1_java_t $2:tcp_socket { read write }; + + domtrans_pattern($2, java_exec_t, $1_java_t) + @@ -19282,7 +19282,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb +/etc/rc.d/init.d/smb -- gen_context(system_u:object_r:samba_script_exec_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.if serefpolicy-3.3.1/policy/modules/services/samba.if --- nsaserefpolicy/policy/modules/services/samba.if 2007-10-12 08:56:07.000000000 -0400 -+++ serefpolicy-3.3.1/policy/modules/services/samba.if 2008-02-26 17:31:18.000000000 -0500 ++++ serefpolicy-3.3.1/policy/modules/services/samba.if 2008-02-26 21:19:09.000000000 -0500 @@ -63,6 +63,25 @@ ######################################## @@ -19333,7 +19333,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb +## +## +# -+interface(`samba_run_net',` ++interface(`samba_run_unconfined_net',` + gen_require(` + type samba_unconfined_net_t; + ')