rpms / selinux-policy

Clone
Source Code
GIT

5cc0487 * Tue Jul 21 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-138

Authored and Committed by lvrabec 8 years ago
raw patch tree parent
3 files changed. 312 lines added. 155 lines removed.
policy-rawhide-base.patch
file modified
+6 -5
policy-rawhide-contrib.patch
file modified
+260 -150
selinux-policy.spec
file modified
+46 -0 
    * Tue Jul 21 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-138
    - Revert "Allow smbd_t and nmbd_t to manage winbind_var_run_t files/socktes/dirs."
    - gnome_dontaudit_search_config() needs to be a part of optinal_policy in pegasus.te
    - Allow glusterd to manage nfsd and rpcd services.
    - Allow smbd_t and nmbd_t to manage winbind_var_run_t files/socktes/dirs.
    - Merge branch 'rawhide-contrib' of github.com:fedora-selinux/selinux-policy into rawhide-contrib
    - Add samba_manage_winbind_pid() interface
    -  Allow networkmanager to  communicate via dbus with systemd_hostanmed.
    - Allow networkmanager to  communicate via dbus with systemd_hostanmed.
    - Allow stream connect logrotate to prosody.
    - Add prosody_stream_connect() interface.
    -  httpd should be able to send signal/signull to httpd_suexec_t, instead of httpd_suexec_exec_t.
    - Allow prosody to create own tmp files/dirs.
    - Allow keepalived request kernel load module
    - kadmind should not read generic files in /usr
    - Allow kadmind_t access to /etc/krb5.keytab
    - Add more fixes to kerberos.te
    - Add labeling for /var/tmp/kadmin_0 and /var/tmp/kiprop_0
    - Add lsmd_t to nsswitch_domain.
    - Allow pegasus_openlmi_storage_t create mdadm.conf.anacbak file in /etc.
    - Add fixes to pegasus_openlmi_domain Resolves:#1088904
    - Allow Glance Scrubber to connect to commplex_main port
    - Allow RabbitMQ to connect to amqp port
    - Allow isnsd read access on the file /proc/net/unix
    - Allow qpidd access to /proc/<pid>/net/psched
    - Allow openshift_initrc_t to communicate with firewalld over dbus.
    - Allow ctdbd_t send signull to samba_unconfined_net_t.
    - Add samba_signull_unconfined_net()
    - Add samba_signull_winbind()
    - Revert "Add interfaces winbind_signull(), samba_unconfined_net_signull()."
    - Fix ctdb policy
    - Revert "Allow ctdbd sending signull to process winbind, samba_unconfined_net, to"
    - Merge branch 'rawhide-contrib' of github.com:fedora-selinux/selinux-policy into rawhide-contrib
    - inn daemon should create innd_log_t objects in var_log_t instead of innd_var_run_t
    - Fix rule definitions for httpd_can_sendmail boolean. We need to distinguish between base and contrib.
    - Add samba_unconfined_script_exec_t to samba_admin header.
    - Add jabberd_lock_t label to jabberd_admin header.
    - Add rpm_var_run_t label to rpm_admin header.
    - Make all interfaces related to openshift_cache_t as deprecated.
    - Remove non exits nfsd_ro_t label.
    - Label /usr/afs/ as afs_files_t Allow afs_bosserver_t create afs_config_t and afs_dbdir_t dirs under afs_files_t Allow afs_bosserver_t read kerberos config
    - Fix *_admin intefaces where body is not consistent with header.
    - Allow networkmanager read rfcomm port.
    - Fix nova_domain_template interface, Fix typo bugs in nova policy
    - Label /var/db/ as system_db_t.
file modified
+6 -5
file modified
+260 -150
file modified
+46 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.