From 69b0c3958fee0645f468b9b480cc9a9b865d96c0 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: May 19 2010 20:20:53 +0000
Subject: - Add labels for /sys

- Allow sshd to getattr on shutdown
- Fixes for munin
- Allow sssd to use the kernel key ring
- Allow tor to send syslog messages
- Allow iptabels to read usr files
- allow policykit to read all domains state Resolves: #591561

---

diff --git a/policy-F13.patch b/policy-F13.patch
index ab4f15e..ea004ed 100644
--- a/policy-F13.patch
+++ b/policy-F13.patch
@@ -21047,7 +21047,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/netw
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.if serefpolicy-3.7.19/policy/modules/services/networkmanager.if
 --- nsaserefpolicy/policy/modules/services/networkmanager.if	2009-07-14 14:19:57.000000000 -0400
-+++ serefpolicy-3.7.19/policy/modules/services/networkmanager.if	2010-05-19 14:05:37.000000000 -0400
++++ serefpolicy-3.7.19/policy/modules/services/networkmanager.if	2010-05-19 16:16:12.000000000 -0400
 @@ -100,6 +100,27 @@
  
  ########################################
@@ -21190,7 +21190,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/netw
 +
 +	logging_search_logs($1)
 +	allow $1 NetworkManager_log_t:dir list_dir_perms;
-+	append_files_pattern($1, NetworkManager_log_t, NetworkManagerlog_t)
++	append_files_pattern($1, NetworkManager_log_t, NetworkManager_log_t)
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.7.19/policy/modules/services/networkmanager.te
 --- nsaserefpolicy/policy/modules/services/networkmanager.te	2009-08-14 16:14:31.000000000 -0400
diff --git a/selinux-policy.spec b/selinux-policy.spec
index ae77e56..4ab1bf8 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -20,7 +20,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.7.19
-Release: 17%{?dist}
+Release: 18%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -468,6 +468,16 @@ exit 0
 %endif
 
 %changelog
+* Wed May 19 2010 Dan Walsh <dwalsh@redhat.com> 3.7.19-18
+- Add labels for /sys
+- Allow sshd to getattr on shutdown
+- Fixes for munin
+- Allow sssd to use the kernel key ring
+- Allow tor to send syslog messages
+- Allow iptabels to read usr files
+- allow policykit to read all domains state
+Resolves: #591561
+
 * Thu May 13 2010 Dan Walsh <dwalsh@redhat.com> 3.7.19-17
 - Fix path for /var/spool/abrt
 Resolves: #591561