6994976 - Add snapperd_home_t for HOME_DIR/.snapshots directory

Authored and Committed by mgrepl 7 years ago
    - Add snapperd_home_t for HOME_DIR/.snapshots directory
    - Make sosreport as unconfined domain
    - Allow sosreport to execute grub2-probe
    - Allow NM to manage hostname config file
    - Allow systemd_timedated_t to dbus chat with rpm_script_t
    - Allow lsmd plugins to connect to http/ssh/http_cache ports by default
    - Add lsmd_plugin_connect_any boolean
    - Allow mozilla_plugin to attempt to set capabilities
    - Allow lsdm_plugins to use tcp_socket
    - Dontaudit mozilla plugin from getattr on /proc or /sys
    - Dontaudit use of the keyring by the services in a sandbox
    - Dontaudit attempts to sys_ptrace caused by running ps for mysqld_safe_t
    - Allow rabbitmq_beam to connect to jabber_interserver_port
    - Allow logwatch_mail_t to transition to qmail_inject and queueu
    - Added new rules to pcp policy
    - Allow vmtools_helper_t to change role to system_r
    - Allow NM to dbus chat with vmtools
    - Fix couchdb_manage_files() to allow manage couchdb conf files
    - Add support for /var/run/redis.sock
    - dontaudit gpg trying to use audit
    - Allow consolekit to create log directories and files
    - Fix vmtools policy to allow user roles to access vmtools_helper_t
    - Allow block_suspend cap2 for ipa-otpd
    - Allow pkcsslotd to read users state
    - Add ioctl to init_dontaudit_rw_stream_socket
    - Add systemd_hostnamed_manage_config() interface
    - Remove transition for temp dirs created by init_t
    - gdm-simple-slave uses use setsockopt
    - sddm-greater is a xdm type program
file modified
+45 -11
file modified
+158 -88
file modified
+32 -1