Fix filecontexts

Package-Manager: portage-2.1.9.25/cvs/Linux x86_64
author: Anthony G. Basile <blueness@gentoo.org> 2011-03-07 02:50:05 +0000
committer: Anthony G. Basile <blueness@gentoo.org> 2011-03-07 02:50:05 +0000
commit: 644e1178053426a2f7e10f4feedf45dea1a6d067 (patch)
tree: 5ba2decd4f626d43cd295b89a9ea9163c0b5d019 /sec-policy
parent: Allow mutt / gpg interaction (diff)
download: historical-644e1178053426a2f7e10f4feedf45dea1a6d067.tar.gz
historical-644e1178053426a2f7e10f4feedf45dea1a6d067.tar.bz2
historical-644e1178053426a2f7e10f4feedf45dea1a6d067.zip
4 files changed, 88 insertions, 2 deletions
diff --git a/sec-policy/selinux-postfix/ChangeLog b/sec-policy/selinux-postfix/ChangeLog
index cdb71326efc7..277e26ef25c0 100644
--- a/sec-policy/selinux-postfix/ChangeLog
+++ b/sec-policy/selinux-postfix/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for sec-policy/selinux-postfix
 # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-postfix/ChangeLog,v 1.31 2011/02/05 12:07:12 blueness Exp $
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-postfix/ChangeLog,v 1.32 2011/03/07 02:50:05 blueness Exp $
+
+*selinux-postfix-2.20101213-r1 (07 Mar 2011)
+
+  07 Mar 2011; Anthony G. Basile <blueness@gentoo.org>
+  +files/fix-services-postfix-r1.patch,
+  +selinux-postfix-2.20101213-r1.ebuild:
+  Fix filecontexts
 
 *selinux-postfix-2.20101213 (05 Feb 2011)
 
diff --git a/sec-policy/selinux-postfix/files/fix-services-postfix-r1.patch b/sec-policy/selinux-postfix/files/fix-services-postfix-r1.patch
new file mode 100644
index 000000000000..da3e0adb35bb
--- /dev/null
+++ b/sec-policy/selinux-postfix/files/fix-services-postfix-r1.patch
@@ -0,0 +1,63 @@
+--- services/postfix.te	2010-08-03 15:11:07.000000000 +0200
++++ services/postfix.te	2011-03-03 17:48:25.952999995 +0100
+@@ -93,7 +93,7 @@
+ #
+ 
+ # chown is to set the correct ownership of queue dirs
+-allow postfix_master_t self:capability { chown dac_override kill setgid setuid net_bind_service sys_tty_config };
++allow postfix_master_t self:capability { chown dac_override kill setgid setuid net_bind_service sys_tty_config dac_read_search };
+ allow postfix_master_t self:fifo_file rw_fifo_file_perms;
+ allow postfix_master_t self:tcp_socket create_stream_socket_perms;
+ allow postfix_master_t self:udp_socket create_socket_perms;
+@@ -589,6 +589,7 @@
+ # for OpenSSL certificates
+ files_read_usr_files(postfix_smtpd_t)
+ mta_read_aliases(postfix_smtpd_t)
++mta_read_config(postfix_smtpd_t)
+ 
+ optional_policy(`
+ 	dovecot_stream_connect_auth(postfix_smtpd_t)
+--- services/postfix.fc	2010-08-03 15:11:07.000000000 +0200
++++ services/postfix.fc	2011-03-03 15:12:19.081999996 +0100
+@@ -16,24 +16,27 @@
+ /usr/libexec/postfix/pipe --	gen_context(system_u:object_r:postfix_pipe_exec_t,s0)
+ /usr/libexec/postfix/virtual --	gen_context(system_u:object_r:postfix_virtual_exec_t,s0)
+ ', `
+-/usr/lib/postfix/.*	--	gen_context(system_u:object_r:postfix_exec_t,s0)
+-/usr/lib/postfix/cleanup --	gen_context(system_u:object_r:postfix_cleanup_exec_t,s0)
+-/usr/lib/postfix/local	--	gen_context(system_u:object_r:postfix_local_exec_t,s0)
+-/usr/lib/postfix/master	--	gen_context(system_u:object_r:postfix_master_exec_t,s0)
+-/usr/lib/postfix/pickup	--	gen_context(system_u:object_r:postfix_pickup_exec_t,s0)
+-/usr/lib/postfix/(n)?qmgr --	gen_context(system_u:object_r:postfix_qmgr_exec_t,s0)
+-/usr/lib/postfix/showq	--	gen_context(system_u:object_r:postfix_showq_exec_t,s0)
+-/usr/lib/postfix/smtp	--	gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
+-/usr/lib/postfix/lmtp	--	gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
+-/usr/lib/postfix/scache	--	gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
+-/usr/lib/postfix/smtpd	--	gen_context(system_u:object_r:postfix_smtpd_exec_t,s0)
+-/usr/lib/postfix/bounce	--	gen_context(system_u:object_r:postfix_bounce_exec_t,s0)
+-/usr/lib/postfix/pipe	--	gen_context(system_u:object_r:postfix_pipe_exec_t,s0)
+-/usr/lib/postfix/virtual --	gen_context(system_u:object_r:postfix_virtual_exec_t,s0)
++/usr/lib(64)?/postfix/.*	--	gen_context(system_u:object_r:postfix_exec_t,s0)
++/usr/lib(64)?/postfix/cleanup --	gen_context(system_u:object_r:postfix_cleanup_exec_t,s0)
++/usr/lib(64)?/postfix/local	--	gen_context(system_u:object_r:postfix_local_exec_t,s0)
++/usr/lib(64)?/postfix/master	--	gen_context(system_u:object_r:postfix_master_exec_t,s0)
++/usr/lib(64)?/postfix/pickup	--	gen_context(system_u:object_r:postfix_pickup_exec_t,s0)
++/usr/lib(64)?/postfix/(n)?qmgr --	gen_context(system_u:object_r:postfix_qmgr_exec_t,s0)
++/usr/lib(64)?/postfix/showq	--	gen_context(system_u:object_r:postfix_showq_exec_t,s0)
++/usr/lib(64)?/postfix/smtp	--	gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
++/usr/lib(64)?/postfix/lmtp	--	gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
++/usr/lib(64)?/postfix/scache	--	gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
++/usr/lib(64)?/postfix/smtpd	--	gen_context(system_u:object_r:postfix_smtpd_exec_t,s0)
++/usr/lib(64)?/postfix/bounce	--	gen_context(system_u:object_r:postfix_bounce_exec_t,s0)
++/usr/lib(64)?/postfix/pipe	--	gen_context(system_u:object_r:postfix_pipe_exec_t,s0)
++/usr/lib(64)?/postfix/virtual --	gen_context(system_u:object_r:postfix_virtual_exec_t,s0)
++/usr/lib(64)?/postfix/postfix-script.*	--	gen_context(system_u:object_r:postfix_exec_t,s0)
+ ')
+ /etc/postfix/postfix-script.* -- gen_context(system_u:object_r:postfix_exec_t,s0)
+ /etc/postfix/prng_exch	--	gen_context(system_u:object_r:postfix_prng_t,s0)
++ifndef(`distro_gentoo',`
+ /usr/sbin/postalias	--	gen_context(system_u:object_r:postfix_master_exec_t,s0)
++')
+ /usr/sbin/postcat	--	gen_context(system_u:object_r:postfix_master_exec_t,s0)
+ /usr/sbin/postdrop	--	gen_context(system_u:object_r:postfix_postdrop_exec_t,s0)
+ /usr/sbin/postfix	--	gen_context(system_u:object_r:postfix_master_exec_t,s0)
diff --git a/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r1.ebuild b/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r1.ebuild
new file mode 100644
index 000000000000..1500d8725864
--- /dev/null
+++ b/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r1.ebuild
@@ -0,0 +1,14 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-postfix/selinux-postfix-2.20101213-r1.ebuild,v 1.1 2011/03/07 02:50:05 blueness Exp $
+
+MODS="postfix"
+IUSE=""
+
+inherit selinux-policy-2
+
+DESCRIPTION="SELinux policy for postfix"
+
+KEYWORDS="~amd64 ~x86"
+
+POLICY_PATCH="${FILESDIR}/fix-services-postfix-r1.patch"
diff --git a/sec-policy/selinux-postgresql/Manifest b/sec-policy/selinux-postgresql/Manifest
index 9cd9976a521c..ee59b3ac2563 100644
--- a/sec-policy/selinux-postgresql/Manifest
+++ b/sec-policy/selinux-postgresql/Manifest
@@ -1,10 +1,12 @@
+AUX fix-services-postgresql-r1.patch 1629 RMD160 3c81a56954bfbdc902adb9fa6d2f4218f2799804 SHA1 fafe2dc7fe0fdc0a3eb998ee9fc2959fedde7b16 SHA256 78078a77b14eb1ea9ca81b55c8a1138ee7653f7e019de455f97f36cca45f520f
 DIST refpolicy-2.20090730.tar.bz2 489840 RMD160 d1d157a5ad243edd5d216504ed697f128420e8c1 SHA1 af479258b4e78b8bd7aa2a23dead49f4d61a552f SHA256 745077f6db86646458fe65df82eaa6ffc8491752e511d2a7397f4b46bd478f03
 DIST refpolicy-2.20091215.tar.bz2 502893 RMD160 d4951a3d2025630734c4664dca0cc8297a354275 SHA1 3a64189cda00475d60b70ed0876b3e297ad463c6 SHA256 8c264680d130e7d0e0a49ee80d54a3fbdf083bc341c7f7516b5edef34e222ca5
 DIST refpolicy-2.20101213.tar.bz2 559450 RMD160 4858f792f4db5b179de6fb8419a626c29d59bdd3 SHA1 0e881e99b8950a358eadc44633551ca10f12eaee SHA256 b691ee8f6066cc19bb0d4384fe3be277d97d22e9d4ac2db0c252065e8c3535de
 DIST refpolicy-20080525.tar.bz2 336603 RMD160 c4e846a5506164f8c89994df4bbd05b396f60639 SHA1 7764f2f6c60a530abb461256335b70a288bb65f9 SHA256 122a12924ef7b1348d676214590a0ed92960fbde053ea5a666e5179e0fd66ab2
 EBUILD selinux-postgresql-2.20090730.ebuild 372 RMD160 b0804290817eedff3656a60e7aa58c70b9027d73 SHA1 a6ac2c48b5cfad48ed1fd829526d564e38dee65b SHA256 afea74515924ca67e92f12fac61670e1dcb132aff7503319b7ca1b836618e8e8
 EBUILD selinux-postgresql-2.20091215.ebuild 372 RMD160 55d3a43dacac791d85cdaf310afba12638d07e27 SHA1 f8ec4da20c1e77530722357bbc14e2774b43e09d SHA256 626a4a44495ffad116ad5db9b8e4a41a6d7585a1dc81d31509633bcb2c92da0f
+EBUILD selinux-postgresql-2.20101213-r1.ebuild 436 RMD160 7643964bf16e06b5fe26e9838da7893de217d3e2 SHA1 03c649969a559e7742ced7c951009abe6d0d2db1 SHA256 75348d590d38d80c1ead62086fbde1bfb376c9b78ff5dd7c4a602f8b0a7fb405
 EBUILD selinux-postgresql-2.20101213.ebuild 372 RMD160 1c2d434f214b790f372092873b5bb9d881b30b24 SHA1 670ef1b14abf278441f75a016647b1f83db93b42 SHA256 8a36239760c81bf59114cd6dce72a188bcc8e86f65a01b20dcc8b465cecf6174
 EBUILD selinux-postgresql-20080525.ebuild 368 RMD160 60776c8b8019af8551fd243df14d6d1cabe1bb96 SHA1 15f6d9a80a3d376ec34b9d28a7260dd5e9bc3e4b SHA256 6a124e31230ec905a1f5e73edfb2af4cd8d7f78550f19cf15ac11daf00d4973c
-MISC ChangeLog 4561 RMD160 2923e393219e56415a1d73992b599fc3cfe373c2 SHA1 0b185cc3a1d8b075c0e4734267c11bfbc1edf011 SHA256 cb56c41616820dc8e5cb5b8c99a49a12a27b0426ef2a8dd48e0915d6bb876372
+MISC ChangeLog 4789 RMD160 46e69ce8794d02ce4d0501f082cdda05b05f9365 SHA1 da5c76e6ef36ae4dead7501e67f0b4a214982a81 SHA256 7455b47cd8efe1793fa73f371210da2047a3bd3a902b0386b56ac4e1c4278a2f
 MISC metadata.xml 234 RMD160 0e1a2787da54df4c4205e69260402ea8ffe5f5cb SHA1 543cef2605ee7250ee83efea825903ad20fbf756 SHA256 2f770804d9a15b13be26e873255a4428b26e895fd6818f37485b38670b373e9e
author	Anthony G. Basile <blueness@gentoo.org>	2011-03-07 02:50:05 +0000
committer	Anthony G. Basile <blueness@gentoo.org>	2011-03-07 02:50:05 +0000
commit	644e1178053426a2f7e10f4feedf45dea1a6d067 (patch)
tree	5ba2decd4f626d43cd295b89a9ea9163c0b5d019 /sec-policy
parent	Allow mutt / gpg interaction (diff)
download	historical-644e1178053426a2f7e10f4feedf45dea1a6d067.tar.gz historical-644e1178053426a2f7e10f4feedf45dea1a6d067.tar.bz2 historical-644e1178053426a2f7e10f4feedf45dea1a6d067.zip