rpms / selinux-policy

Clone
Source Code
GIT

22bdc94 * Fri Dec 06 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.3-14

Authored and Committed by lvrabec 5 years ago
raw patch tree parent
3 files changed. 39 lines added. 6 lines removed.
.gitignore
file modified
+2 -0
selinux-policy.spec
file modified
+34 -3
sources
file modified
+3 -3 
    * Fri Dec 06 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.3-14
    - Remove all ganesha bits from gluster and rpc policy
    - Label /usr/share/spamassassin/sa-update.cron as spamd_update_exec_t
    - Add dac_override capability to ssad_t domains
    - Allow pesign_t domain to read gnome home configs
    - Label /usr/libexec/lm_sensors/sensord-service-wrapper as lsmd_exec_t
    - Allow rngd_t domains read kernel state
    - Allow certmonger_t domains to read bind cache
    - Allow ypbind_t domain to stream connect to sssd
    - Allow rngd_t domain to setsched
    - Allow sanlock_t domain to read/write sysfs_t files
    - Add dac_override capability to postfix_local_t domain
    - Allow ypbind_t to search sssd_var_lib_t dirs
    - Allow virt_qemu_ga_t domain to write to user_tmp_t files
    - Allow systemd_logind_t to dbus chat with virt_qemu_ga_t
    - Update sssd_manage_lib_files() interface to allow also mmap sssd_var_lib_t files
    - Add new interface sssd_signal()
    - Update xserver_filetrans_home_content() and xserver_filetrans_admin_home_content() unterfaces to allow caller domain to create .vnc dir in users homedir labeled as xdm_home_t
    - Update logging_filetrans_named_content() to allow caller domains of this interface to create /var/log/journal/remote directory labeled as var_log_t
    - Add sys_resource capability to the systemd_passwd_agent_t domain
    - Allow ipsec_t domains to read bind cache
    - kernel/files.fc: Label /run/motd as etc_t
    - Allow systemd to stream connect to userdomain processes
    - Label /var/lib/private/systemd/ as init_var_lib_t
    - Allow initrc_t domain to create new socket labeled as init_T
    - Allow audisp_remote_t domain remote logging client to read local audit events from relevant socket.
    - Add tracefs_t type to mountpoint attribute
    - Allow useradd_t and groupadd_t domains to send signals to sssd_t
    - Allow systemd_logind_t domain to remove directories labeled as tmpfs_t BZ(1648636)
    - Allow useradd_t and groupadd_t domains to access sssd files because of the new feature in shadow-utils
  • Build completed
    success
    Built as selinux-policy-3.14.3-14.fc30
    5 years ago
file modified
+2 -0
file modified
+34 -3
file modified
+3 -3
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.