rpms / selinux-policy

Clone
Source Code
GIT

0dae2c3 * Sun Mar 25 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-9

Authored and Committed by lvrabec 6 years ago
raw patch tree parent
3 files changed. 42 lines added. 6 lines removed.
.gitignore
file modified
+2 -0
selinux-policy.spec
file modified
+37 -3
sources
file modified
+3 -3 
    * Sun Mar 25 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-9
    - Allow smbcontrol_t to mmap samba_var_t files and allow winbind create sockets BZ(1559795)
    - Allow nagios to exec itself and mmap nagios spool files BZ(1559683)
    - Allow nagios to mmap nagios config files BZ(1559683)
    - Fixing Ganesha module
    - Fix typo in NetworkManager module
    - Fix bug in gssproxy SELinux module
    - Allow abrt_t domain to mmap container_file_t files BZ(1525573)
    - Allow networkmanager to be run ssh client BZ(1558441)
    - Allow pcp domains to do dc override BZ(1557913)
    - Dontaudit pcp_pmie_t to reaquest lost kernel module
    - Allow pcp_pmcd_t to manage unpriv userdomains semaphores BZ(1554955)
    - Allow httpd_t to read httpd_log_t dirs BZ(1554912)
    - Allow fail2ban_t to read system network state BZ(1557752)
    - Allow dac override capability to mandb_t domain BZ(1529399)
    - Allow collectd_t domain to mmap collectd_var_lib_t files BZ(1556681)
    - Dontaudit bug in kernel 4.16 when domains requesting loading kernel modules BZ(1555369)
    - Add Domain transition from gssproxy_t to httpd_t domains BZ(1548439)
    - Allow httpd_t to mmap user_home_type files if boolean httpd_read_user_content is enabled BZ(1555359)
    - Allow snapperd to relabel snapperd_data_t
    - Improve bluetooth_stream_socket interface to allow caller domain also send bluetooth sockets
    - Allow tcpd_t bind on sshd_port_t if ssh_use_tcpd() is enabled
    - Allow insmod_t to load modules BZ(1544189)
    - Allow systemd_rfkill_t domain sys_admin capability BZ(1557595)
    - Allow systemd_networkd_t to read/write tun tap devices
    - Add shell_exec_t file as domain entry for init_t
    - Label also /run/systemd/resolved/ as systemd_resolved_var_run_t BZ(1556862)
    - Dontaudit kernel 4.16 bug when lot of domains requesting load kernel module BZ(1557347)
    - Improve userdom_mmap_user_home_content_files
    - Allow systemd_logind_t domain to setattributes on fixed disk devices BZ(1555414)
    - Dontaudit kernel 4.16 bug when lot of domains requesting load kernel module
    - Allow semanage_t domain mmap usr_t files
    - Add new boolean: ssh_use_tcpd()
file modified
+2 -0
file modified
+37 -3
file modified
+3 -3
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.