On Tue, 2008-07-22 at 16:29 -0400, Chris PeBenito wrote: > On Sat, 2008-07-19 at 22:50 +0200, david@xxxxxxxxxxx wrote: > > plain text document attachment (policy_modules_services_rhgb.patch) > > rhgb (RedHat Graphical Boot) is RH specific so this should be uncontroversial... > > > > diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rhgb.if serefpolicy-3.5.0/policy/modules/services/rhgb.if > > --- nsaserefpolicy/policy/modules/services/rhgb.if 2008-07-10 11:38:46.000000000 -0400 > > +++ serefpolicy-3.5.0/policy/modules/services/rhgb.if 2008-07-15 14:05:13.000000000 -0400 > > @@ -4,7 +4,7 @@ > > ## <summary> > > ## RHGB stub interface. No access allowed. > > ## </summary> > > -## <param name="domain" unused="true"> > > +## <param name="domain"> > > ## <summary> > > ## N/A > > ## </summary> > > This reverses an upstream change. > > > diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rhgb.te serefpolicy-3.5.0/policy/modules/services/rhgb.te > > --- nsaserefpolicy/policy/modules/services/rhgb.te 2008-07-10 11:38:46.000000000 -0400 > > +++ serefpolicy-3.5.0/policy/modules/services/rhgb.te 2008-07-15 14:05:13.000000000 -0400 > > @@ -92,6 +92,7 @@ > > term_getattr_pty_fs(rhgb_t) > > > > init_write_initctl(rhgb_t) > > +init_chat(rhgb_t) > > > > libs_use_ld_so(rhgb_t) > > libs_use_shared_libs(rhgb_t) > > This interface doesn't exist. This is more towards Dan, but how much do we care about this policy, now that rhgb has been removed from Fedora? -- Chris PeBenito <pebenito@xxxxxxxxxx> Developer, Hardened Gentoo Linux Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243 Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D E6AF 9243
Attachment:
signature.asc
Description: This is a digitally signed message part
