Bumping to revision 8

(Portage version: 2.1.11.31/cvs/Linux x86_64, signed Manifest commit with key 0xCDBA2FDB)

3 files changed, 69 insertions, 2 deletions

diff --git a/sec-policy/selinux-nginx/ChangeLog b/sec-policy/selinux-nginx/ChangeLog
index f735dbc41ca1..861caf9ac1da 100644
--- a/sec-policy/selinux-nginx/ChangeLog
+++ b/sec-policy/selinux-nginx/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for sec-policy/selinux-nginx
 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-nginx/ChangeLog,v 1.16 2012/11/18 15:18:08 swift Exp $
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-nginx/ChangeLog,v 1.17 2012/12/03 08:52:24 swift Exp $
+
+*selinux-nginx-2.20120725-r8 (03 Dec 2012)
+
+  03 Dec 2012; Sven Vermeulen +files/fix-tunable-names-r8.patch,
+  +selinux-nginx-2.20120725-r8.ebuild:
+  Bumping to revision 8
 
 *selinux-nginx-2.20120725-r7 (18 Nov 2012)
 
@@ -82,4 +88,3 @@
   17 Jul 2011; <swift@gentoo.org> +files/fix-services-nginx-r1.patch,
   +selinux-nginx-2.20101213-r1.ebuild, +metadata.xml:
   Add initial support for nginx
-
diff --git a/sec-policy/selinux-nginx/files/fix-tunable-names-r8.patch b/sec-policy/selinux-nginx/files/fix-tunable-names-r8.patch
new file mode 100644
index 000000000000..3a5b69f7b5b1
--- /dev/null
+++ b/sec-policy/selinux-nginx/files/fix-tunable-names-r8.patch
@@ -0,0 +1,42 @@
+--- contrib.orig/nginx.te	2012-11-24 19:52:13.439337617 +0100
++++ contrib/nginx.te	2012-11-24 18:34:57.565327680 +0100
+@@ -124,33 +124,33 @@
+ sysnet_dns_name_resolve(nginx_t)
+ 
+ 
+-tunable_policy(`gentoo_nginx_enable_http_server',`
++tunable_policy(`nginx_enable_http_server',`
+ 	corenet_tcp_bind_http_port(nginx_t)
+ 	apache_read_all_content(nginx_t)
+ 	apache_manage_all_rw_content(nginx_t)
+ ')
+ 
+ # We enable both binding and connecting, since nginx acts here as a reverse proxy
+-tunable_policy(`gentoo_nginx_enable_imap_server',`
++tunable_policy(`nginx_enable_imap_server',`
+ 	corenet_tcp_bind_pop_port(nginx_t)
+ 	corenet_tcp_connect_pop_port(nginx_t)
+ ')
+ 
+-tunable_policy(`gentoo_nginx_enable_pop3_server',`
++tunable_policy(`nginx_enable_pop3_server',`
+ 	corenet_tcp_bind_pop_port(nginx_t)
+ 	corenet_tcp_connect_pop_port(nginx_t)
+ ')
+ 
+-tunable_policy(`gentoo_nginx_enable_smtp_server',`
++tunable_policy(`nginx_enable_smtp_server',`
+ 	corenet_tcp_bind_smtp_port(nginx_t)
+ 	corenet_tcp_connect_smtp_port(nginx_t)
+ ')
+ 
+-tunable_policy(`gentoo_nginx_can_network_connect_http',`
++tunable_policy(`nginx_can_network_connect_http',`
+ 	corenet_tcp_connect_http_port(nginx_t)
+ ')
+ 
+-tunable_policy(`gentoo_nginx_can_network_connect',`
++tunable_policy(`nginx_can_network_connect',`
+ 	corenet_tcp_connect_all_ports(nginx_t)
+ ')
+ 
diff --git a/sec-policy/selinux-nginx/selinux-nginx-2.20120725-r8.ebuild b/sec-policy/selinux-nginx/selinux-nginx-2.20120725-r8.ebuild
new file mode 100644
index 000000000000..521bec3984bc
--- /dev/null
+++ b/sec-policy/selinux-nginx/selinux-nginx-2.20120725-r8.ebuild
@@ -0,0 +1,20 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-nginx/selinux-nginx-2.20120725-r8.ebuild,v 1.1 2012/12/03 08:52:24 swift Exp $
+EAPI="4"
+
+IUSE=""
+MODS="nginx"
+BASEPOL="2.20120725-r8"
+
+inherit selinux-policy-2
+
+DESCRIPTION="SELinux policy for nginx"
+
+KEYWORDS="~amd64 ~x86"
+DEPEND="${DEPEND}
+	sec-policy/selinux-apache
+"
+RDEPEND="${DEPEND}"
+
+POLICY_PATCH="${FILESDIR}/fix-tunable-names-r8.patch"