Navigation

← Previous Changeset
Next Changeset →

Changeset 73

Timestamp:

10/18/06 18:32:27 (2 years ago)

Author:

ccase

Message:

updated to upstream 2006-10-18

Files:

upstream/refpolicy/Changelog (modified) (2 diffs)
upstream/refpolicy/Makefile (modified) (3 diffs)
upstream/refpolicy/Rules.modular (modified) (1 diff)
upstream/refpolicy/Rules.monolithic (modified) (1 diff)
upstream/refpolicy/VERSION (modified) (1 diff)
upstream/refpolicy/policy/mls (modified) (2 diffs)
upstream/refpolicy/policy/modules/admin/amanda.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/anaconda.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/apt.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/backup.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/bootloader.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/consoletype.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/dmidecode.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/dpkg.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/firstboot.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/kudzu.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/logrotate.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/logwatch.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/mrtg.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/netutils.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/portage.if (modified) (2 diffs)
upstream/refpolicy/policy/modules/admin/portage.te (modified) (2 diffs)
upstream/refpolicy/policy/modules/admin/prelink.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/readahead.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/rpm.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/su.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/sxid.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/updfstab.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/usbmodules.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/usermanage.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/vbetool.te (modified) (1 diff)
upstream/refpolicy/policy/modules/admin/vpn.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/calamaris.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/cdrecord.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/ethereal.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/evolution.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/games.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/gpg.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/irc.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/java.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/lockdev.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/mono.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/mozilla.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/mplayer.fc (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/mplayer.te (modified) (2 diffs)
upstream/refpolicy/policy/modules/apps/screen.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/slocate.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/thunderbird.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/tvtime.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/uml.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/userhelper.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/webalizer.te (modified) (1 diff)
upstream/refpolicy/policy/modules/apps/wine.te (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/corecommands.te (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/corenetwork.if.in (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/corenetwork.te.in (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/devices.te (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/domain.te (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/files.te (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/filesystem.te (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/kernel.if (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/kernel.te (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/mcs.te (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/mls.te (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/selinux.te (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/storage.te (modified) (1 diff)
upstream/refpolicy/policy/modules/kernel/terminal.if (modified) (2 diffs)
upstream/refpolicy/policy/modules/kernel/terminal.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/afs.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/amavis.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/apache.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/apm.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/arpwatch.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/asterisk.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/automount.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/avahi.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/bind.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/bluetooth.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/canna.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/cipe.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/clamav.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/clockspeed.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/comsat.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/courier.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/cpucontrol.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/cron.fc (modified) (1 diff)
upstream/refpolicy/policy/modules/services/cron.te (modified) (2 diffs)
upstream/refpolicy/policy/modules/services/cups.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/cvs.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/cyrus.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/dante.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/dbskk.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/dbus.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/dcc.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/ddclient.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/dhcp.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/dictd.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/distcc.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/djbdns.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/dnsmasq.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/dovecot.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/fetchmail.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/finger.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/ftp.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/gatekeeper.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/gpm.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/hal.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/howl.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/i18n_input.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/imaze.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/inetd.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/inn.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/ircd.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/jabber.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/kerberos.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/ktalk.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/ldap.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/lpd.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/mailman.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/monop.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/mta.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/munin.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/mysql.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/nagios.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/nessus.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/networkmanager.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/nis.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/nscd.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/nsd.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/ntop.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/ntp.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/nx.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/oav.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/openvpn.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/pegasus.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/perdition.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/portmap.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/portslave.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/postfix.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/postgresql.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/postgrey.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/ppp.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/privoxy.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/procmail.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/pyzor.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/qmail.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/radius.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/radvd.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/razor.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/rdisc.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/remotelogin.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/rhgb.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/rlogin.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/roundup.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/rpc.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/rshd.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/rsync.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/samba.te (modified) (3 diffs)
upstream/refpolicy/policy/modules/services/sasl.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/sendmail.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/setroubleshoot.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/smartmon.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/snmp.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/snort.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/soundserver.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/spamassassin.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/squid.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/ssh.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/stunnel.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/sysstat.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/tcpd.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/telnet.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/tftp.te (modified) (3 diffs)
upstream/refpolicy/policy/modules/services/timidity.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/tor.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/transproxy.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/ucspitcp.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/uucp.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/uwimap.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/watchdog.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/xfs.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/xprint.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/xserver.te (modified) (1 diff)
upstream/refpolicy/policy/modules/services/zebra.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/authlogin.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/clock.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/daemontools.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/fstools.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/getty.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/hostname.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/hotplug.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/init.if (modified) (1 diff)
upstream/refpolicy/policy/modules/system/init.te (modified) (3 diffs)
upstream/refpolicy/policy/modules/system/ipsec.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/libraries.fc (modified) (1 diff)
upstream/refpolicy/policy/modules/system/libraries.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/locallogin.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/logging.fc (modified) (1 diff)
upstream/refpolicy/policy/modules/system/logging.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/lvm.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/miscfiles.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/modutils.te (modified) (2 diffs)
upstream/refpolicy/policy/modules/system/mount.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/pcmcia.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/raid.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/selinuxutil.te (modified) (4 diffs)
upstream/refpolicy/policy/modules/system/setrans.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/sysnetwork.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/udev.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/unconfined.fc (modified) (1 diff)
upstream/refpolicy/policy/modules/system/unconfined.if (modified) (1 diff)
upstream/refpolicy/policy/modules/system/unconfined.te (modified) (1 diff)
upstream/refpolicy/policy/modules/system/userdomain.if (modified) (2 diffs)
upstream/refpolicy/policy/modules/system/userdomain.te (modified) (2 diffs)
upstream/refpolicy/policy/modules/system/xen.te (modified) (1 diff)
upstream/refpolicy/support/Makefile.devel (modified) (2 diffs)
upstream/refpolicy/support/selinux-refpolicy-sources.spec.skel (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

upstream/refpolicy/Changelog

r48	r73
	1	* Wed Oct 18 2006 Chris PeBenito <selinux@tresys.com> - 20061018
1	2	- Patch from Russell Coker Thu, 5 Oct 2006
2	3	- Move range transitions to modules.
…	…
110	111	nagios
111	112	nessus
	113	netlabel (Paul Moore)
112	114	nsd
113	115	ntop

upstream/refpolicy/Makefile

r48	r73
149	149	srcpath = $(installdir)/src
150	150	userpath = $(installdir)/users
	151	policypath = $(installdir)/policy
151	152	contextpath = $(installdir)/contexts
	153	homedirpath = $(contextpath)/files/homedir_template
152	154	fcpath = $(contextpath)/files/file_contexts
153	155	ncpath = $(contextpath)/netfilter_contexts
…	…
240	242	seusers := $(appconf)/seusers
241	243	appdir := $(contextpath)
242		appfiles := $(addprefix $(appdir)/,default_contexts default_type initrc_context failsafe_context userhelper_context removable_context dbus_contexts customizable_types) $(contextpath)/files/media
	244	user_default_contexts := $(wildcard config/appconfig-$(TYPE)/*_default_contexts)
	245	user_default_contexts_names := $(addprefix $(contextpath)/users/,$(subst _default_contexts,,$(notdir $(user_default_contexts))))
	246	appfiles := $(addprefix $(appdir)/,default_contexts default_type initrc_context failsafe_context userhelper_context removable_context dbus_contexts customizable_types) $(contextpath)/files/media $(user_default_contexts_names)
243	247	net_contexts := $(builddir)net_contexts
244	248
…	…
511	515	$(verbose) $(INSTALL) -m 644 $< $@
512	516
513		$(~~appdir)/users/root: $(appconf)/root~~_default_contexts
	517	$(contextpath)/users/%: $(appconf)/%_default_contexts
514	518	@mkdir -p $(appdir)/users
515		$(verbose) $(INSTALL) -m 644 $< $@
	519	$(verbose) $(INSTALL) -m 644 $^ $@
516	520
517	521	########################################

upstream/refpolicy/Rules.modular

r48	r73
53	53	#
54	54	load: $(instpkg) $(appfiles)
	55	# make sure two directories exist since they are not
	56	# created by semanage
	57	@mkdir -p $(policypath) $(dir $(fcpath))
55	58	@echo "Loading configured modules."
56	59	$(verbose) $(SEMODULE) -s $(NAME) -b $(modpkgdir)/$(notdir $(base_pkg)) $(foreach mod,$(mod_pkgs),-i $(modpkgdir)/$(mod))

upstream/refpolicy/Rules.monolithic

r48	r73
22	22
23	23	# install paths
24		~~policypath = $(installdir)/policy~~
25	24	loadpath = $(policypath)/$(notdir $(polver))
26		~~homedirpath = $(contextpath)/files/homedir_template~~
27	25
28	26	appfiles += $(installdir)/booleans $(userpath)/local.users

upstream/refpolicy/VERSION

r48 r73

1 2006~~0307~~
1 20061018

upstream/refpolicy/policy/mls

r48	r73
166	166
167	167	# the socket "read" ops (note the check is dominance of the low level)
168		mlsconstrain { socket tcp_socket udp_socket rawip_socket netlink_socket packet_socket key_socket unix_stream_socket unix_dgram_socket netlink_route_socket netlink_firewall_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_ip6fw_socket netlink_dnrt_socket } { read getattr listen accept getopt recv~~from recv~~_msg }
	168	mlsconstrain { socket tcp_socket udp_socket rawip_socket netlink_socket packet_socket key_socket unix_stream_socket unix_dgram_socket netlink_route_socket netlink_firewall_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_ip6fw_socket netlink_dnrt_socket } { read getattr listen accept getopt recv_msg }
169	169	(( l1 dom l2 ) or
170	170	(( t1 == mlsnetreadtoclr ) and ( h1 dom l2 )) or
…	…
181	181	(( t1 == mlsnetwritetoclr ) and ( h1 dom l2 ) and ( l1 domby l2 )) or
182	182	( t1 == mlsnetwrite ));
	183
	184	# used by netlabel to restrict normal domains to same level connections
	185	mlsconstrain { tcp_socket udp_socket } recvfrom
	186	(( l1 eq l2 ) or
	187	(( t1 == mlsnetreadtoclr ) and ( h1 dom l2 )) or
	188	( t1 == mlsnetread ));
183	189
184	190	# these access vectors have no MLS restrictions

upstream/refpolicy/policy/modules/admin/amanda.te

r48 r73

1 1
2 policy_module(amanda,1.~~3.7~~)
2 policy_module(amanda,1.4.0)
3 3
4 4 #######################################
upstream/refpolicy/policy/modules/admin/anaconda.te

r48 r73

1 1
2 policy_module(anaconda,1.~~0.1~~)
2 policy_module(anaconda,1.1.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/apt.te

r48 r73

1 1
2 policy_module(apt,1.~~0.3~~)
2 policy_module(apt,1.1.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/backup.te

r48 r73

1 1
2 policy_module(backup,1.~~0.1~~)
2 policy_module(backup,1.1.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/bootloader.te

r48 r73

1 1
2 policy_module(bootloader,1.~~2.7~~)
2 policy_module(bootloader,1.3.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/consoletype.te

r48 r73

1 1
2 policy_module(consoletype,1.~~0.2~~)
2 policy_module(consoletype,1.1.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/dmidecode.te

r48 r73

1 1
2 policy_module(dmidecode,1.~~0.1~~)
2 policy_module(dmidecode,1.1.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/dpkg.te

r48 r73

1 1
2 policy_module(dpkg,1.~~0.3~~)
2 policy_module(dpkg,1.1.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/firstboot.te

r48 r73

1 1
2 policy_module(firstboot,1.~~1.5~~)
2 policy_module(firstboot,1.2.0)
3 3
4 4 gen_require(`
upstream/refpolicy/policy/modules/admin/kudzu.te

r48 r73

1 1
2 policy_module(kudzu,1.~~2.1~~)
2 policy_module(kudzu,1.3.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/logrotate.te

r48 r73

1 1
2 policy_module(logrotate,1.~~2.2~~)
2 policy_module(logrotate,1.3.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/logwatch.te

r48 r73

1 1
2 policy_module(logwatch,1.~~1.4~~)
2 policy_module(logwatch,1.2.0)
3 3
4 4 #################################
upstream/refpolicy/policy/modules/admin/mrtg.te

r48 r73

1 1
2 policy_module(mrtg,1.~~0.3~~)
2 policy_module(mrtg,1.1.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/netutils.te

r48 r73

1 1
2 policy_module(netutils,1.~~1.5~~)
2 policy_module(netutils,1.2.0)
3 3
4 4 ########################################

upstream/refpolicy/policy/modules/admin/portage.if

r48	r73
174	174
175	175	domain_use_interactive_fds($1)
	176	domain_dontaudit_read_all_domains_state($1)
176	177
177	178	files_exec_etc_files($1)
…	…
223	224	interface(`portage_fetch_domain',`
224	225
225		allow $1 self:capability dac_override;
226		dontaudit $1 self:capability { fowner fsetid };
	226	allow $1 self:capability { dac_override fowner fsetid };
227	227	allow $1 self:process signal;
228	228	allow $1 self:unix_stream_socket create_socket_perms;

upstream/refpolicy/policy/modules/admin/portage.te

r48	r73
1	1
2		policy_module(portage,1.~~0.5~~)
	2	policy_module(portage,1.1.0)
3	3
4	4	########################################
…	…
152	152	portage_compile_domain(portage_t.merge)
153	153
154		allow portage_t.merge ~~portage_t.fetch~~:process signal;
	154	allow portage_t.merge { portage_t.fetch portage_t.sandbox }:process signal;
155	155
156	156	# transition for rsync and wget

upstream/refpolicy/policy/modules/admin/prelink.te

r48 r73

1 1
2 policy_module(prelink,1.~~1.7~~)
2 policy_module(prelink,1.2.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/readahead.te

r48 r73

1 1
2 policy_module(readahead,1.~~2.3~~)
2 policy_module(readahead,1.3.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/rpm.te

r48 r73

1 1
2 policy_module(rpm,1.~~3.11~~)
2 policy_module(rpm,1.4.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/su.te

r48 r73

1 1
2 policy_module(su,1.~~3.4~~)
2 policy_module(su,1.4.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/sxid.te

r48 r73

1 1
2 policy_module(sxid,1.~~0.3~~)
2 policy_module(sxid,1.1.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/updfstab.te

r48 r73

1 1
2 policy_module(updfstab,1.~~2.1~~)
2 policy_module(updfstab,1.3.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/usbmodules.te

r48 r73

1 1
2 policy_module(usbmodules,1.~~0.1~~)
2 policy_module(usbmodules,1.1.0)
3 3
4 4 ########################################
upstream/refpolicy/policy/modules/admin/usermanage.te

r48 r73

1 1 <

r48	r73
1	1
2		policy_module(amanda,1.~~3.7~~)
	2	policy_module(amanda,1.4.0)
3	3
4	4	#######################################

r48	r73
1	1
2		policy_module(anaconda,1.~~0.1~~)
	2	policy_module(anaconda,1.1.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(apt,1.~~0.3~~)
	2	policy_module(apt,1.1.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(backup,1.~~0.1~~)
	2	policy_module(backup,1.1.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(bootloader,1.~~2.7~~)
	2	policy_module(bootloader,1.3.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(consoletype,1.~~0.2~~)
	2	policy_module(consoletype,1.1.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(dmidecode,1.~~0.1~~)
	2	policy_module(dmidecode,1.1.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(dpkg,1.~~0.3~~)
	2	policy_module(dpkg,1.1.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(firstboot,1.~~1.5~~)
	2	policy_module(firstboot,1.2.0)
3	3
4	4	gen_require(`

r48	r73
1	1
2		policy_module(kudzu,1.~~2.1~~)
	2	policy_module(kudzu,1.3.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(logwatch,1.~~1.4~~)
	2	policy_module(logwatch,1.2.0)
3	3
4	4	#################################

r48	r73
1	1
2		policy_module(logrotate,1.~~2.2~~)
	2	policy_module(logrotate,1.3.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(mrtg,1.~~0.3~~)
	2	policy_module(mrtg,1.1.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(netutils,1.~~1.5~~)
	2	policy_module(netutils,1.2.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(prelink,1.~~1.7~~)
	2	policy_module(prelink,1.2.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(readahead,1.~~2.3~~)
	2	policy_module(readahead,1.3.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(rpm,1.~~3.11~~)
	2	policy_module(rpm,1.4.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(su,1.~~3.4~~)
	2	policy_module(su,1.4.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(sxid,1.~~0.3~~)
	2	policy_module(sxid,1.1.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(updfstab,1.~~2.1~~)
	2	policy_module(updfstab,1.3.0)
3	3
4	4	########################################

r48	r73
1	1
2		policy_module(usbmodules,1.~~0.1~~)
	2	policy_module(usbmodules,1.1.0)
3	3
4	4	########################################