From 9bbc2f94a5d21a7e739c8d726d8e330b34d87287 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Jul 24 2008 11:08:40 +0000
Subject: - Handle updated NetworkManager


---

diff --git a/policy-20070703.patch b/policy-20070703.patch
index 4fc6957..e659508 100644
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@@ -10118,7 +10118,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dnsm
  /var/run/dnsmasq\.pid		--	gen_context(system_u:object_r:dnsmasq_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dnsmasq.te serefpolicy-3.0.8/policy/modules/services/dnsmasq.te
 --- nsaserefpolicy/policy/modules/services/dnsmasq.te	2008-06-12 23:37:57.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/dnsmasq.te	2008-06-12 23:37:58.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/dnsmasq.te	2008-07-24 06:52:17.000000000 -0400
 @@ -16,6 +16,9 @@
  type dnsmasq_var_run_t;
  files_pid_file(dnsmasq_var_run_t)
@@ -10138,6 +10138,15 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dnsm
  files_var_lib_filetrans(dnsmasq_t,dnsmasq_lease_t,file)
  
  manage_files_pattern(dnsmasq_t,dnsmasq_var_run_t,dnsmasq_var_run_t)
+@@ -55,7 +58,7 @@
+ corenet_tcp_bind_all_nodes(dnsmasq_t)
+ corenet_udp_bind_all_nodes(dnsmasq_t)
+ corenet_tcp_bind_dns_port(dnsmasq_t)
+-corenet_udp_bind_dns_port(dnsmasq_t)
++corenet_udp_bind_all_ports(dnsmasq_t)
+ corenet_udp_bind_dhcpd_port(dnsmasq_t)
+ corenet_sendrecv_dns_server_packets(dnsmasq_t)
+ corenet_sendrecv_dhcpd_server_packets(dnsmasq_t)
 @@ -94,3 +97,7 @@
  optional_policy(`
  	udev_read_db(dnsmasq_t)
@@ -18766,7 +18775,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
 +/var/cache/coolkey(/.*)?	gen_context(system_u:object_r:auth_cache_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.0.8/policy/modules/system/authlogin.if
 --- nsaserefpolicy/policy/modules/system/authlogin.if	2008-06-12 23:37:57.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/authlogin.if	2008-06-22 06:46:13.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/system/authlogin.if	2008-07-24 06:57:00.000000000 -0400
 @@ -26,7 +26,8 @@
  	type $1_chkpwd_t, can_read_shadow_passwords;
  	application_domain($1_chkpwd_t,chkpwd_exec_t)
@@ -19225,7 +19234,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.te serefpolicy-3.0.8/policy/modules/system/authlogin.te
 --- nsaserefpolicy/policy/modules/system/authlogin.te	2008-06-12 23:37:57.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/authlogin.te	2008-06-22 06:47:13.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/system/authlogin.te	2008-07-24 06:57:59.000000000 -0400
 @@ -1,4 +1,4 @@
 -
 +	
@@ -19267,7 +19276,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  ########################################
  #
  # PAM local policy
-@@ -94,36 +108,39 @@
+@@ -94,36 +108,38 @@
  allow pam_t pam_tmp_t:file manage_file_perms;
  files_tmp_filetrans(pam_t, pam_tmp_t, { file dir })
  
@@ -19300,7 +19309,6 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
 +userdom_dontaudit_write_user_home_content_files(user, pam_t)
 +userdom_append_unpriv_users_home_content_files(pam_t)
 +userdom_dontaudit_read_user_tmp_files(user, pam_t)
-+userdom_dontaudit_write_user_home_content_files(unconfined, pam_t)
  
  optional_policy(`
  	locallogin_use_fds(pam_t)
@@ -19317,7 +19325,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  ########################################
  #
  # PAM console local policy
-@@ -149,6 +166,8 @@
+@@ -149,6 +165,8 @@
  dev_setattr_apm_bios_dev(pam_console_t)
  dev_getattr_dri_dev(pam_console_t)
  dev_setattr_dri_dev(pam_console_t)
@@ -19326,7 +19334,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  dev_getattr_framebuffer_dev(pam_console_t)
  dev_setattr_framebuffer_dev(pam_console_t)
  dev_getattr_generic_usb_dev(pam_console_t)
-@@ -159,6 +178,8 @@
+@@ -159,6 +177,8 @@
  dev_setattr_mouse_dev(pam_console_t)
  dev_getattr_power_mgmt_dev(pam_console_t)
  dev_setattr_power_mgmt_dev(pam_console_t)
@@ -19335,7 +19343,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  dev_getattr_scanner_dev(pam_console_t)
  dev_setattr_scanner_dev(pam_console_t)
  dev_getattr_sound_dev(pam_console_t)
-@@ -168,6 +189,8 @@
+@@ -168,6 +188,8 @@
  dev_getattr_xserver_misc_dev(pam_console_t)
  dev_setattr_xserver_misc_dev(pam_console_t)
  dev_read_urand(pam_console_t)
@@ -19344,7 +19352,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  
  mls_file_read_all_levels(pam_console_t)
  mls_file_write_all_levels(pam_console_t)
-@@ -200,6 +223,7 @@
+@@ -200,6 +222,7 @@
  
  fs_list_auto_mountpoints(pam_console_t)
  fs_list_noxattr_fs(pam_console_t)
@@ -19352,7 +19360,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  
  init_use_fds(pam_console_t)
  init_use_script_ptys(pam_console_t)
-@@ -236,7 +260,7 @@
+@@ -236,7 +259,7 @@
  
  optional_policy(`
  	xserver_read_xdm_pid(pam_console_t)
@@ -19361,7 +19369,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  ')
  
  ########################################
-@@ -256,6 +280,7 @@
+@@ -256,6 +279,7 @@
  userdom_dontaudit_use_unpriv_users_ttys(system_chkpwd_t)
  userdom_dontaudit_use_unpriv_users_ptys(system_chkpwd_t)
  userdom_dontaudit_use_sysadm_terms(system_chkpwd_t)
@@ -19369,7 +19377,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  
  ########################################
  #
-@@ -302,3 +327,31 @@
+@@ -302,3 +326,31 @@
  	xserver_use_xdm_fds(utempter_t)
  	xserver_rw_xdm_pipes(utempter_t)
  ')