From 299d98087ecd9fd9d14e572076237dd703bf89b5 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Tue, 7 Jun 2011 13:58:41 -0400
Subject: [PATCH] Remove mount -o bind calls from sandbox init script
 pam_namespace now has this built in.

---
 policycoreutils-rhat.patch | 18 +++++++++++++++++-
 policycoreutils.spec       |  6 +++++-
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 59ccc3b..7906d75 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -2029,7 +2029,7 @@ index 0000000..ee97e10
 +This manual page was written by 
 +.I Thomas Liu <tliu@fedoraproject.org>
 diff --git a/policycoreutils/sandbox/sandbox.init b/policycoreutils/sandbox/sandbox.init
-index ff8b3ef..8508647 100644
+index ff8b3ef..66aadfd 100644
 --- a/policycoreutils/sandbox/sandbox.init
 +++ b/policycoreutils/sandbox/sandbox.init
 @@ -10,17 +10,12 @@
@@ -2056,6 +2056,22 @@ index ff8b3ef..8508647 100644
  #
  
  # Source function library.
+@@ -41,15 +36,6 @@ start() {
+ 
+ 	touch $LOCKFILE
+ 	mount --make-rshared / || return $? 
+-	mount --rbind /tmp /tmp || return $?
+-	mount --rbind /var/tmp /var/tmp || return $?
+-	mount --make-private /tmp || return $?
+-	mount --make-private /var/tmp || return $?
+-	for h in $HOMEDIRS; do
+-	    mount --rbind $h $h || return $?
+-	    mount --make-private $h || return $?
+-	done
+-
+ 	return 0
+ }
+ 
 diff --git a/policycoreutils/sandbox/sandboxX.sh b/policycoreutils/sandbox/sandboxX.sh
 index 8338203..9648100 100644
 --- a/policycoreutils/sandbox/sandboxX.sh
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 385b695..afb5713 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.86
-Release: 11%{?dist}
+Release: 12%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -331,6 +331,10 @@ fi
 exit 0
 
 %changelog
+* Tue Jun 7 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-12
+- Remove mount -o bind calls from sandbox init script
+- pam_namespace now has this built in.
+
 * Tue Jun 7 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-11
 - Pass desktop dpi to sandbox Xephyr window