From 032463b5d9e37dbec318f6d4025e16b5fe95fefd Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Dec 31 2009 14:31:00 +0000
Subject: - Allow traceroute to use all terms

- Fix mgetty use for faxes
- Dontaudit xdm listing fusefs
- Allow xguest to resolve host names
- Allow abrt to read noxattr filesystems (cdrom)
- Allow abrt_helper to send itself signals
- Allow amavis to read certs
- Allow apache to bind to port 3000 (Ruby on rails)
- Asterist uses mysql and snmp
- Allow consolekit to write wtmp file for shutdown
- Allow cups ipc_lock
- Allow hal to transition to ppp
- Fix mailman labels for 64 bit systems
- dontaudit system_mail access to leaked terminals
- Allow mysqld_safe_t to unlink mysqld pid files
- nrpe_t uses getpw calls
- Allow NetworkManager to delete ppp pid files
- Allow pptp_t to sens userdomain signals
- Allow prelude to connect to mysql
- Allow swat to start winbind server
- Fixes for snort
- Allow telnetd to setattr user terminals
- Allow qemu to read fusefs
- Allow domains that have telinit to connectto upstart unix_stream_socket
- Dontaudit ipsec_mgmt sys_tty_config
- Fix labels for postgrestgres test suite
- Other textrel_shlib_t fixes

---

diff --git a/policy-F12.patch b/policy-F12.patch
index 0c54f54..cb4e5e2 100644
--- a/policy-F12.patch
+++ b/policy-F12.patch
@@ -37103,7 +37103,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -	dontaudit $1 user_home_t:file read_file_perms;
 +	dontaudit $1 user_home_type:dir list_dir_perms;
 +	dontaudit $1 user_home_type:file read_file_perms;
-+	dontaudit $1 user_home_t:lnk_file read_lnk_file_perms;
++	dontaudit $1 user_home_type:lnk_file read_lnk_file_perms;
  ')
  
  ########################################