Need to turn on rpm and not alias to unconfined_t, because the rule

rpm_t->shell_exec_t->rpm_script_t was causing all terminal windows to run in rpm_script_t in targeted.

Allow users to su to root and then suspend the session.

Pegasus policy was too loose.
/bin/ksh should be sheel_exec_t
(.*)? is the same as .* and causes python to blow up.

-- 





--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.



text/x-patch attachment: policy-20051114.patch