diff options
| author | Matthew Harmsen <mharmsen@redhat.com> | 2012-02-28 17:46:59 -0800 |
|---|---|---|
| committer | Matthew Harmsen <mharmsen@redhat.com> | 2012-02-28 17:59:56 -0800 |
| commit | a0824523105996829fa750f26a74bce6be3fbae0 (patch) | |
| tree | 8b17988fb1563f1930d6b407e935dc030d2d5f48 /pki/patches/pki-core-selinux-f16.patch | |
| parent | 3a2cd2158ff31667432867181618d845267353a7 (diff) | |
| download | pki-a0824523105996829fa750f26a74bce6be3fbae0.tar.gz pki-a0824523105996829fa750f26a74bce6be3fbae0.tar.xz pki-a0824523105996829fa750f26a74bce6be3fbae0.zip | |
Enhanced compose scripts to download patches
Added platform-dependent patches for SELinux component
Bugzilla Bug #739708 - Selinux fix for ephemeral ports (F16)
Bugzilla Bug #795966 - pki-selinux policy is kind of a mess (F17)
Diffstat (limited to 'pki/patches/pki-core-selinux-f16.patch')
| -rw-r--r-- | pki/patches/pki-core-selinux-f16.patch | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/pki/patches/pki-core-selinux-f16.patch b/pki/patches/pki-core-selinux-f16.patch new file mode 100644 index 000000000..6866033dc --- /dev/null +++ b/pki/patches/pki-core-selinux-f16.patch @@ -0,0 +1,23 @@ +diff --git a/pki/base/selinux/src/pki.if b/pki/base/selinux/src/pki.if +index 0709176..9a35184 100644 +--- a/pki/base/selinux/src/pki.if ++++ b/pki/base/selinux/src/pki.if +@@ -193,7 +193,7 @@ template(`pki_ca_template',` + corenet_tcp_connect_ldap_port($1_t) + + # tomcat connects to ephemeral ports on shutdown +- corenet_tcp_connect_all_unreserved_ports($1_t) ++ corenet_tcp_connect_all_ephemeral_ports($1_t) + + optional_policy(` + #This is broken in selinux-policy we need java_exec defined, Will add to policy +diff --git a/pki/base/selinux/src/pki.te b/pki/base/selinux/src/pki.te +index 7f6e657..dab02d4 100644 +--- a/pki/base/selinux/src/pki.te ++++ b/pki/base/selinux/src/pki.te +@@ -1,4 +1,4 @@ +-policy_module(pki,10.0.2) ++policy_module(pki,10.0.3) + + attribute pki_ca_config; + attribute pki_ca_executable; |