From d2c14d45ecabe0f4feb579af635ec07d386f8d32 Mon Sep 17 00:00:00 2001
From: nettingsisyphus <benjamin93@163.com>
Date: Tue, 16 Mar 2021 17:12:57 +0800
Subject: [PATCH] add file context for firewalld temporary file

---
 add-firewalld-fc.patch | 12 ++++++++++++
 selinux-policy.spec    |  6 +++++-
 2 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 add-firewalld-fc.patch

diff --git a/add-firewalld-fc.patch b/add-firewalld-fc.patch
new file mode 100644
index 0000000..524cd2c
--- /dev/null
+++ b/add-firewalld-fc.patch
@@ -0,0 +1,12 @@
+diff -uprN selinux-policy-9c84d687e0fef5d8e4e25273bd25f58c28a7c67c.orig/policy/modules/contrib/firewalld.fc selinux-policy-9c84d687e0fef5d8e4e25273bd25f58c28a7c67c/policy/modules/contrib/firewalld.fc
+--- selinux-policy-9c84d687e0fef5d8e4e25273bd25f58c28a7c67c.orig/policy/modules/contrib/firewalld.fc	2020-09-03 14:43:46.690880806 +0200
++++ selinux-policy-9c84d687e0fef5d8e4e25273bd25f58c28a7c67c/policy/modules/contrib/firewalld.fc	2020-09-10 17:25:25.126199087 +0200
+@@ -6,6 +6,8 @@
+ 
+ /usr/sbin/firewalld	--	gen_context(system_u:object_r:firewalld_exec_t,s0)
+ 
++/usr/share/firewalld/firewalld-tmp-mmap	--	gen_context(system_u:object_r:firewalld_tmp_t,s0)
++
+ /var/log/firewalld.*	--	gen_context(system_u:object_r:firewalld_var_log_t,s0)
+ 
+ /var/run/firewalld(/.*)?	gen_context(system_u:object_r:firewalld_var_run_t,s0)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 39e89b0..86adc0e 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -12,7 +12,7 @@
 Summary: SELinux policy configuration
 Name:    selinux-policy
 Version: 3.14.2
-Release: 67
+Release: 68
 License: GPLv2+
 URL:     https://github.com/fedora-selinux/selinux-policy/
 
@@ -68,6 +68,7 @@ Patch15: add-allow-systemd-timedated-to-unlink-etc-link.patch
 Patch16: add-avc-for-openEuler-1.patch
 Patch17: backport-Allow-dovecot-bind-to-smtp-ports.patch
 Patch18: backport-systemd-allow-all-systemd-services-to-check-selinux-.patch
+Patch19: add-firewalld-fc.patch
 
 BuildArch: noarch
 BuildRequires:  python3 gawk checkpolicy >= %{CHECKPOLICYVER} m4 policycoreutils-devel >= %{POLICYCOREUTILSVER} bzip2 gcc
@@ -734,6 +735,9 @@ exit 0
 %endif
 
 %changelog
+* Tue Mar 16 2021 openEuler Buildteam <buildteam@openeuler.org> - 3.14.2-68
+- add add-firewalld-fc.patch
+
 * Sat Mar 13 2021 luhuaxin <1539327763@qq.com> - 3.14.2-67
 - fix rpm macros
 
-- 
Gitee