trunk: fc fix and if addtion from Stefan Schulze Frielinghaus.

policy/modules/kernel/storage.if

@@ -169,6 +169,24 @@ interface(`storage_dontaudit_write_fixed_disk',`
 	dontaudit $1 fixed_disk_device_t:blk_file write_blk_file_perms;
 ')
 
+########################################
+## <summary>
+##      Allow the caller to directly read and write to a fixed disk.
+##      This is extremly dangerous as it can bypass the
+##      SELinux protections for filesystem objects, and
+##      should only be used by trusted domains.
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+#
+interface(`storage_raw_rw_fixed_disk',`
+	storage_raw_read_fixed_disk($1)
+	storage_raw_write_fixed_disk($1)
+')
+
 ########################################
 ## <summary>
 ##	Create, read, write, and delete fixed disk device nodes.

policy/modules/kernel/storage.te

@@ -1,5 +1,5 @@
 
-policy_module(storage,1.5.0)
+policy_module(storage,1.5.1)
 
 ########################################
 #

policy/modules/system/logging.fc

@@ -15,10 +15,10 @@
 
 /usr/sbin/klogd		--	gen_context(system_u:object_r:klogd_exec_t,s0)
 /usr/sbin/metalog	--	gen_context(system_u:object_r:syslogd_exec_t,s0)
-/usr/sbin/syslogd	--	gen_context(system_u:object_r:syslogd_exec_t,s0)
-ifdef(`distro_gentoo', `
+/usr/sbin/rklogd	--	gen_context(system_u:object_r:klogd_exec_t,s0)
+/usr/sbin/rsyslogd	--	gen_context(system_u:object_r:syslogd_exec_t,s0)
 /usr/sbin/syslog-ng	--	gen_context(system_u:object_r:syslogd_exec_t,s0)
-')
+/usr/sbin/syslogd	--	gen_context(system_u:object_r:syslogd_exec_t,s0)
 
 ifdef(`distro_suse', `
 /var/lib/stunnel/dev/log -s	gen_context(system_u:object_r:devlog_t,s0)

policy/modules/system/logging.te

@@ -1,5 +1,5 @@
 
-policy_module(logging,1.9.0)
+policy_module(logging,1.9.1)
 
 ########################################
 #