[DSE-Dev] Bug#756729: selinux-policy-default: Patch for Jessie

Andreas Florath andre at flonatel.org
Sun Aug 10 18:10:53 UTC 2014

Package: selinux-policy-default
Version: 2:2.20140421-4
Followup-For: Bug #756729


After some more reading (and some more understanding ;-) ) of the refpolicy
I'm pretty sure that the reported problem is a result of a missing allow-rule.

Therefore I prepared the attached patch which adds the missing rule.

The patch is against
commit 242a27cb910e7035d01347bea209010d51c2b727
which is (as the time of this writing) the master HEAD.

I changed the already available patches 0050-systemd and 0080-misc-daemon
to limit the number of patches.
This is the first time sending a patch.  Therefore I'm not sure if the
formal things are correct.  If you need another format or a patch
against another version, just give notice.

If you are interested, I can also try to provide a patch for Wheezy.

Kind regards


-- System Information:
Debian Release: jessie/sid
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages selinux-policy-default depends on:
ii  libpam-modules   1.1.8-3
ii  libselinux1      2.3-1
ii  libsepol1        2.3-1
ii  policycoreutils  2.3-1
ii  python           2.7.8-1
ii  selinux-utils    2.3-1

Versions of packages selinux-policy-default recommends:
ii  checkpolicy  2.3-1
ii  setools      3.3.8-3

Versions of packages selinux-policy-default suggests:
pn  logcheck        <none>
pn  syslog-summary  <none>

-- Configuration Files:
/etc/selinux/default/modules/active/file_contexts.local [Errno 13] Permission denied: u'/etc/selinux/default/modules/active/file_contexts.local'

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: selinux-policy-default-756729-p01.patch
Type: text/x-diff
Size: 3397 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/selinux-devel/attachments/20140810/84486d6e/attachment.patch>

More information about the SELinux-devel mailing list