From 953fd14b2e0ece113fb0de7e7fd310c3c36a3fa0 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Oct 18 2007 22:00:35 +0000
Subject: - Fix vpn to bind to port 4500

- Allow ssh to create shm
- Allow rshd to bind to ports > 1023
- Add Kismet policy

---

diff --git a/policy-20070703.patch b/policy-20070703.patch
index 7fbeae6..44dd69a 100644
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@@ -1128,8 +1128,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.
 +/var/log/kismet(/.*)?			gen_context(system_u:object_r:kismet_log_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.if serefpolicy-3.0.8/policy/modules/admin/kismet.if
 --- nsaserefpolicy/policy/modules/admin/kismet.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.8/policy/modules/admin/kismet.if	2007-10-18 17:32:20.000000000 -0400
-@@ -0,0 +1,277 @@
++++ serefpolicy-3.0.8/policy/modules/admin/kismet.if	2007-10-18 17:39:24.000000000 -0400
+@@ -0,0 +1,276 @@
 +
 +## <summary>policy for kismet</summary>
 +
@@ -1187,9 +1187,9 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.
 +		type kismet_var_run_t;
 +	')
 +
-+         manage_dir_perms($1,kismet_var_run_t,kismet_var_run_t)
-+         manage_file_perms($1,kismet_var_run_t,kismet_var_run_t)
-+         manage_lnk_file_perms($1,kismet_var_run_t,kismet_var_run_t)
++         manage_dirs_pattern($1,kismet_var_run_t,kismet_var_run_t)
++         manage_files_pattern($1,kismet_var_run_t,kismet_var_run_t)
++         manage_lnk_files_pattern($1,kismet_var_run_t,kismet_var_run_t)
 +')
 +
 +
@@ -1268,9 +1268,9 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.
 +		type kismet_var_lib_t;
 +	')
 +
-+         manage_dir_perms($1,kismet_var_lib_t,kismet_var_lib_t)
-+         manage_file_perms($1,kismet_var_lib_t,kismet_var_lib_t)
-+         manage_lnk_file_perms($1,kismet_var_lib_t,kismet_var_lib_t)
++         manage_dirs_pattern($1,kismet_var_lib_t,kismet_var_lib_t)
++         manage_files_pattern($1,kismet_var_lib_t,kismet_var_lib_t)
++         manage_lnk_files_pattern($1,kismet_var_lib_t,kismet_var_lib_t)
 +')
 +
 +
@@ -1331,9 +1331,9 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.
 +		type kismet_log_t;
 +	')
 +
-+         manage_dir_perms($1,kismet_log_t,kismet_log_t)
-+         manage_file_perms($1,kismet_log_t,kismet_log_t)
-+         manage_lnk_file_perms($1,kismet_log_t,kismet_log_t)
++         manage_dirs_pattern($1,kismet_log_t,kismet_log_t)
++         manage_files_pattern($1,kismet_log_t,kismet_log_t)
++         manage_lnk_files_pattern($1,kismet_log_t,kismet_log_t)
 +')
 +
 +########################################
@@ -1406,7 +1406,6 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.
 +	kismet_manage_log($2)
 +
 +')
-+
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.te serefpolicy-3.0.8/policy/modules/admin/kismet.te
 --- nsaserefpolicy/policy/modules/admin/kismet.te	1969-12-31 19:00:00.000000000 -0500
 +++ serefpolicy-3.0.8/policy/modules/admin/kismet.te	2007-10-18 16:30:41.000000000 -0400
diff --git a/selinux-policy.spec b/selinux-policy.spec
index cb62fd4..70b6e07 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -377,6 +377,7 @@ exit 0
 - Fix vpn to bind to port 4500
 - Allow ssh to create shm
 - Allow rshd to bind to ports > 1023
+- Add Kismet policy
 
 * Tue Oct 16 2007 Dan Walsh <dwalsh@redhat.com> 3.0.8-24
 - Allow rpm to chat with networkmanager