From 90c3c561ef5ae6bbe46b7cbe6702803d5c2df9af Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Feb 25 2008 14:20:56 +0000
Subject: trunk: fc fix and if addtion from Stefan Schulze Frielinghaus.


---

diff --git a/policy/modules/kernel/storage.if b/policy/modules/kernel/storage.if
index 7522e6f..e500e21 100644
--- a/policy/modules/kernel/storage.if
+++ b/policy/modules/kernel/storage.if
@@ -171,6 +171,24 @@ interface(`storage_dontaudit_write_fixed_disk',`
 
 ########################################
 ## <summary>
+##      Allow the caller to directly read and write to a fixed disk.
+##      This is extremly dangerous as it can bypass the
+##      SELinux protections for filesystem objects, and
+##      should only be used by trusted domains.
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+#
+interface(`storage_raw_rw_fixed_disk',`
+	storage_raw_read_fixed_disk($1)
+	storage_raw_write_fixed_disk($1)
+')
+
+########################################
+## <summary>
 ##	Create, read, write, and delete fixed disk device nodes.
 ## </summary>
 ## <param name="domain">
diff --git a/policy/modules/kernel/storage.te b/policy/modules/kernel/storage.te
index 2057aba..adcaeaf 100644
--- a/policy/modules/kernel/storage.te
+++ b/policy/modules/kernel/storage.te
@@ -1,5 +1,5 @@
 
-policy_module(storage,1.5.0)
+policy_module(storage,1.5.1)
 
 ########################################
 #
diff --git a/policy/modules/system/logging.fc b/policy/modules/system/logging.fc
index b797ef7..244c3a8 100644
--- a/policy/modules/system/logging.fc
+++ b/policy/modules/system/logging.fc
@@ -15,10 +15,10 @@
 
 /usr/sbin/klogd		--	gen_context(system_u:object_r:klogd_exec_t,s0)
 /usr/sbin/metalog	--	gen_context(system_u:object_r:syslogd_exec_t,s0)
-/usr/sbin/syslogd	--	gen_context(system_u:object_r:syslogd_exec_t,s0)
-ifdef(`distro_gentoo', `
+/usr/sbin/rklogd	--	gen_context(system_u:object_r:klogd_exec_t,s0)
+/usr/sbin/rsyslogd	--	gen_context(system_u:object_r:syslogd_exec_t,s0)
 /usr/sbin/syslog-ng	--	gen_context(system_u:object_r:syslogd_exec_t,s0)
-')
+/usr/sbin/syslogd	--	gen_context(system_u:object_r:syslogd_exec_t,s0)
 
 ifdef(`distro_suse', `
 /var/lib/stunnel/dev/log -s	gen_context(system_u:object_r:devlog_t,s0)
diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te
index 5a81526..4e42f83 100644
--- a/policy/modules/system/logging.te
+++ b/policy/modules/system/logging.te
@@ -1,5 +1,5 @@
 
-policy_module(logging,1.9.0)
+policy_module(logging,1.9.1)
 
 ########################################
 #