From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-commits+bounces-313120-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1PloxH-00028N-0S
	for garchives@archives.gentoo.org; Sat, 05 Feb 2011 20:42:03 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 76CBAE0A5D;
	Sat,  5 Feb 2011 20:41:06 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	by pigeon.gentoo.org (Postfix) with ESMTP id 45563E0A5D
	for <gentoo-commits@lists.gentoo.org>; Sat,  5 Feb 2011 20:41:06 +0000 (UTC)
Received: from flycatcher.gentoo.org (flycatcher.gentoo.org [81.93.255.6])
	(using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id B52871B4159
	for <gentoo-commits@lists.gentoo.org>; Sat,  5 Feb 2011 20:41:05 +0000 (UTC)
Received: by flycatcher.gentoo.org (Postfix, from userid 2273)
	id 4FB4520060; Sat,  5 Feb 2011 20:41:04 +0000 (UTC)
From: "Anthony G. Basile (blueness)" <blueness@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Reply-To: gentoo-dev@lists.gentoo.org, blueness@gentoo.org
Subject: [gentoo-commits] gentoo-x86 commit in sec-policy/selinux-qemu/files: fix-apps-qemu.patch
X-VCS-Repository: gentoo-x86
X-VCS-Files: fix-apps-qemu.patch
X-VCS-Directories: sec-policy/selinux-qemu/files
X-VCS-Committer: blueness
X-VCS-Committer-Name: Anthony G. Basile
Content-Type: text/plain; charset=utf8
Message-Id: <20110205204104.4FB4520060@flycatcher.gentoo.org>
Date: Sat,  5 Feb 2011 20:41:04 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 
X-Archives-Hash: 2337669714391cf2570332fdbdbba718

blueness    11/02/05 20:41:04

  Added:                fix-apps-qemu.patch
  Log:
  Bulk addition of new selinux policies.
 =20
  (Portage version: 2.1.9.25/cvs/Linux x86_64)

Revision  Changes    Path
1.1                  sec-policy/selinux-qemu/files/fix-apps-qemu.patch

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux=
-qemu/files/fix-apps-qemu.patch?rev=3D1.1&view=3Dmarkup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux=
-qemu/files/fix-apps-qemu.patch?rev=3D1.1&content-type=3Dtext/plain

Index: fix-apps-qemu.patch
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- apps/qemu.te	2010-12-13 15:11:01.000000000 +0100
+++ apps/qemu.te	2011-01-22 21:35:19.555999967 +0100
@@ -56,6 +56,10 @@
 userdom_search_user_home_content(qemu_t)
 userdom_read_user_tmpfs_files(qemu_t)
=20
+allow qemu_t self:socket create_socket_perms;
+
+kernel_request_load_module(qemu_t)
+
 tunable_policy(`qemu_full_network',`
 	allow qemu_t self:udp_socket create_socket_perms;
=20
@@ -116,3 +120,7 @@
 	allow unconfined_qemu_t self:process { execstack execmem };
 	allow unconfined_qemu_t qemu_exec_t:file execmod;
 ')
+
+optional_policy(`
+	vde_connect(qemu_t)
+')