From f4cd1caeddabdf97153c31544c929ffbd2b7ae21 Mon Sep 17 00:00:00 2001
From: Juan Orti Alcaine <j.orti.alcaine@gmail.com>
Date: Jun 30 2017 18:22:06 +0000
Subject: Update SELinux policy


---

diff --git a/radicale.spec b/radicale.spec
index a0c1445..a12f4e4 100644
--- a/radicale.spec
+++ b/radicale.spec
@@ -3,7 +3,7 @@
 
 Name:             radicale
 Version:          2.1.0
-Release:          2%{?dist}
+Release:          3%{?dist}
 Summary:          A simple CalDAV (calendar) and CardDAV (contact) server
 License:          GPLv3+
 URL:              http://radicale.org
@@ -203,6 +203,9 @@ fi
 %config(noreplace) %{_sysconfdir}/httpd/conf.d/%{name}.conf
 
 %changelog
+* Fri Jun 30 2017 Juan Orti Alcaine <jorti@fedoraproject.org> - 2.1.0-3
+- Update SELinux policy
+
 * Fri Jun 30 2017 Juan Orti Alcaine <jorti@fedoraproject.org> - 2.1.0-2
 - Remove PrivateDevices=true (RHBZ#1452328)
 
diff --git a/radicale.te b/radicale.te
index e4abfab..7df3a13 100644
--- a/radicale.te
+++ b/radicale.te
@@ -1,12 +1,9 @@
-policy_module(radicale, 1.0.6)
+policy_module(radicale, 1.0.7)
 
 gen_require(`
     type httpd_t;
-    type bin_t;
 ')
 
-
-
 ########################################
 #
 # Declarations
@@ -16,8 +13,6 @@ type radicale_t;
 type radicale_exec_t;
 init_daemon_domain(radicale_t, radicale_exec_t)
 
-permissive radicale_t;
-
 type radicale_log_t;
 logging_log_file(radicale_log_t)
 
@@ -28,7 +23,7 @@ type radicale_var_run_t;
 files_pid_file(radicale_var_run_t)
 
 type radicale_etc_t;
-files_type(radicale_etc_t);
+files_config_file(radicale_etc_t);
 
 type radicale_unit_file_t;
 systemd_unit_file(radicale_unit_file_t)
@@ -47,8 +42,6 @@ allow radicale_t self:unix_dgram_socket create_stream_socket_perms;
 
 allow radicale_t radicale_port_t:tcp_socket name_bind;
 
-allow radicale_t bin_t:file execute;
-
 manage_dirs_pattern(radicale_t, radicale_log_t, radicale_log_t)
 manage_files_pattern(radicale_t, radicale_log_t, radicale_log_t)
 manage_lnk_files_pattern(radicale_t, radicale_log_t, radicale_log_t)
@@ -91,5 +84,7 @@ dev_read_urand(radicale_t)
 dev_read_rand(radicale_t)
 auth_use_nsswitch(radicale_t)
 corecmd_exec_shell(radicale_t)
+corecmd_exec_bin(radicale_t)
 libs_exec_ldconfig(radicale_t)
 kernel_read_system_state(radicale_t)
+apache_search_config(radicale_t)