Commit - rpms/selinux-policy - ab84f40064ad511804a7d1b3b78b25f235a353f6

    - Allow init_t to stream connect to ipsec
    - Add /usr/lib/systemd/systemd-networkd policy
    - Add sysnet_manage_config_dirs()
    - Add support for /var/run/systemd/network and labeled it as net_conf_t
    - Allow unpriv SELinux users to dbus chat with firewalld
    - Add lvm_write_metadata()
    - Label /etc/yum.reposd dir as system_conf_t. Should be safe because system_conf_t is base_ro_file_type
    - Add support for /dev/vmcp and /dev/sclp
    - Add docker_connect_any boolean
    - Fix zabbix policy
    - Allow zabbix to send system log msgs
    - Allow pegasus_openlmi_storage_t to write lvm metadata
    - Updated pcp_bind_all_unreserved_ports
    - Allow numad to write scan_sleep_millisecs
    - Turn on entropyd_use_audio boolean by default
    - Allow cgred to read /etc/cgconfig.conf because it contains templates used together with rules from /etc/cgrules.conf.
    - Allow lscpu running as rhsmcertd_t to read /proc/sysinfo

permissivedomains.pp

file modified

+0 -0

permissivedomains.te

file modified

+7 -0

policy-rawhide-base.patch

file modified

+492 -379

policy-rawhide-contrib.patch

file modified

+65 -27

selinux-policy.spec

file modified

+20 -1

rpms / selinux-policy

Source Code

ab84f40 - Allow init_t to stream connect to ipsec

Authored and Committed by mgrepl 10 years ago

`ab84f40` - Allow init_t to stream connect to ipsec