From 43fb726b4bf4f94e1be5c75e799467799f3edad6 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Jul 30 2009 21:38:54 +0000
Subject: - More fixes from upstream


---

diff --git a/.cvsignore b/.cvsignore
index b11d307..4db517c 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -181,3 +181,4 @@ serefpolicy-3.6.22.tgz
 serefpolicy-3.6.23.tgz
 serefpolicy-3.6.24.tgz
 serefpolicy-3.6.25.tgz
+serefpolicy-3.6.26.tgz
diff --git a/policy-F12.patch b/policy-F12.patch
index 4088d85..317966e 100644
--- a/policy-F12.patch
+++ b/policy-F12.patch
@@ -10579,7 +10579,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.6.26/policy/modules/services/hal.te
 --- nsaserefpolicy/policy/modules/services/hal.te	2009-07-28 13:28:33.000000000 -0400
-+++ serefpolicy-3.6.26/policy/modules/services/hal.te	2009-07-30 15:33:08.000000000 -0400
++++ serefpolicy-3.6.26/policy/modules/services/hal.te	2009-07-30 17:31:42.000000000 -0400
 @@ -55,6 +55,9 @@
  type hald_var_lib_t;
  files_type(hald_var_lib_t)
@@ -10645,7 +10645,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	policykit_domtrans_auth(hald_acl_t)
  	policykit_read_lib(hald_acl_t)
  	policykit_read_reload(hald_acl_t)
-@@ -450,11 +466,15 @@
+@@ -450,12 +466,16 @@
  
  miscfiles_read_localization(hald_keymap_t)
  
@@ -10658,12 +10658,18 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  # Local hald dccm policy
  #
 -
+-allow hald_dccm_t self:capability { net_bind_service };
 +allow hald_dccm_t self:fifo_file rw_fifo_file_perms;
- allow hald_dccm_t self:capability { net_bind_service };
++allow hald_dccm_t self:capability { chown net_bind_service };
  allow hald_dccm_t self:process getsched;
  allow hald_dccm_t self:tcp_socket create_stream_socket_perms;
-@@ -473,6 +493,8 @@
+ allow hald_dccm_t self:udp_socket create_socket_perms;
+@@ -471,8 +491,12 @@
  
+ write_files_pattern(hald_dccm_t, hald_log_t, hald_log_t)
+ 
++dev_read_urand(hald_dccm_t)
++
  kernel_search_network_sysctl(hald_dccm_t)
  
 +hal_dontaudit_rw_dgram_sockets(hald_dccm_t)
@@ -10671,7 +10677,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  corenet_all_recvfrom_unlabeled(hald_dccm_t)
  corenet_all_recvfrom_netlabel(hald_dccm_t)
  corenet_tcp_sendrecv_generic_if(hald_dccm_t)
-@@ -484,6 +506,7 @@
+@@ -484,6 +508,7 @@
  corenet_tcp_bind_generic_node(hald_dccm_t)
  corenet_udp_bind_generic_node(hald_dccm_t)
  corenet_udp_bind_dhcpc_port(hald_dccm_t)
@@ -10679,7 +10685,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  corenet_tcp_bind_dccm_port(hald_dccm_t)
  
  logging_send_syslog_msg(hald_dccm_t)
-@@ -491,3 +514,9 @@
+@@ -491,3 +516,9 @@
  files_read_usr_files(hald_dccm_t)
  
  miscfiles_read_localization(hald_dccm_t)
diff --git a/sources b/sources
index c4060e7..681011f 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1bf047937d814f33c84b5fb13f55b620  serefpolicy-3.6.25.tgz
+8c707d664792b43fa6c1f1adde8cfd57  serefpolicy-3.6.26.tgz