From 501a17b8b21a8bd4af6d7b5051c3a080799ec125 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Jul 06 2007 19:23:20 +0000
Subject: - Fix root login to include system_r


---

diff --git a/policy-20070703.patch b/policy-20070703.patch
index 253e075..cfd46a5 100644
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@@ -52,6 +52,22 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mc
 @@ -1 +1 @@
 -user_u:system_r:initrc_t:s0
 +system_u:system_r:initrc_t:s0
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mcs/root_default_contexts serefpolicy-3.0.2/config/appconfig-targeted-mcs/root_default_contexts
+--- nsaserefpolicy/config/appconfig-targeted-mcs/root_default_contexts	2007-05-25 09:09:09.000000000 -0400
++++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/root_default_contexts	2007-07-06 15:14:25.000000000 -0400
+@@ -1,2 +1,10 @@
+-system_r:unconfined_t:s0	system_r:unconfined_t:s0
+-system_r:initrc_t:s0	system_r:unconfined_t:s0
++system_r:local_login_t:s0  system_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
++system_r:crond_t:s0	system_r:unconfined_t:s0 sysadm_r:sysadm_crond_t:s0 staff_r:staff_crond_t:s0 user_r:user_crond_t:s0
++staff_r:staff_su_t:s0	system_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
++sysadm_r:sysadm_su_t:s0	system_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
++user_r:user_su_t:s0	system_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
++#
++# Uncomment if you want to automatically login as sysadm_r
++#
++#system_r:sshd_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
++
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-targeted-mcs/seusers serefpolicy-3.0.2/config/appconfig-targeted-mcs/seusers
 --- nsaserefpolicy/config/appconfig-targeted-mcs/seusers	2007-05-31 15:35:39.000000000 -0400
 +++ serefpolicy-3.0.2/config/appconfig-targeted-mcs/seusers	2007-07-03 14:38:10.000000000 -0400
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 5ebfb6d..bbabcf2 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.0.2
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -356,6 +356,9 @@ exit 0
 %endif
 
 %changelog
+* Fri Jul 6 2007 Dan Walsh <dwalsh@redhat.com> 3.0.2-3
+- Fix root login to include system_r
+
 * Fri Jul 6 2007 Dan Walsh <dwalsh@redhat.com> 3.0.2-2
 - Allow prelink to read kernel sysctls