From 404d0dbf0c816e90d713ea3dae4c0649ba8080ab Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Oct 27 2009 21:34:12 +0000
Subject: - Allow bittlebee to connect to privoxy port

- Allow iptables to work with shorewall

---

diff --git a/policy-F12.patch b/policy-F12.patch
index 9b26e26..23c4c8b 100644
--- a/policy-F12.patch
+++ b/policy-F12.patch
@@ -7721,13 +7721,13 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +gen_user(guest_u, user, guest_r, s0, s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/staff.te serefpolicy-3.6.32/policy/modules/roles/staff.te
 --- nsaserefpolicy/policy/modules/roles/staff.te	2009-07-14 14:19:57.000000000 -0400
-+++ serefpolicy-3.6.32/policy/modules/roles/staff.te	2009-10-26 16:38:35.000000000 -0400
++++ serefpolicy-3.6.32/policy/modules/roles/staff.te	2009-10-27 17:32:32.000000000 -0400
 @@ -10,161 +10,117 @@
  
  userdom_unpriv_user_template(staff)
  
 +# needed for sandbox
-+allow staff_t self:process setexec setfscreate;
++allow staff_t self:process setexec;
 +
  ########################################
  #