From c6a731700fbd4b9ce90660cf7d4b995a240e3980 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Sep 17 2011 02:25:35 +0000
Subject: Make colord unconfined for RC1


---

diff --git a/colord.patch b/colord.patch
new file mode 100644
index 0000000..72fe9bd
--- /dev/null
+++ b/colord.patch
@@ -0,0 +1,12 @@
+diff --git a/policy/modules/services/colord.te b/policy/modules/services/colord.te
+index 810b790..a073a0c 100644
+--- a/policy/modules/services/colord.te
++++ b/policy/modules/services/colord.te
+@@ -128,3 +128,7 @@ optional_policy(`
+ 	# /var/lib/gdm/.local/share/icc/edid-0a027915105823af34f99b1704e80336.icc
+ 	xserver_read_inherited_xdm_lib_files(colord_t)
+ ')
++
++optional_policy(`
++	unconfined_domain(colord_t)
++')
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 6182864..86eaca6 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,11 +17,12 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.10.0
-Release: 29%{?dist}
+Release: 29.1%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
 patch: policy-F16.patch
+patch1: colord.patch
 Source1: modules-targeted.conf
 Source2: booleans-targeted.conf
 Source3: Makefile.devel
@@ -235,6 +236,7 @@ Based off of reference policy: Checked out revision  2.20091117
 %prep 
 %setup -n serefpolicy-%{version} -q
 %patch -p1
+%patch1 -p1
 
 %install
 mkdir selinux_config
@@ -466,6 +468,9 @@ SELinux Reference policy mls base module.
 %endif
 
 %changelog
+* Fri Sep 16 2011 Dan Walsh <dwalsh@redhat.com> 3.10.0-29.1
+- Make colord unconfined so we can ship RC1
+
 * Fri Sep 16 2011 Miroslav Grepl <mgrepl@redhat.com> 3.10.0-29
 - Allow sanlock to manage virt lib files
 - Add virt_use_sanlock booelan