rpms / selinux-policy

Clone
Source Code
GIT

c04fecf * Fri Jun 26 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-17

Authored and Committed by zpytela 3 years ago
raw patch tree parent
3 files changed. 45 lines added. 6 lines removed.
.gitignore
file modified
+2 -0
selinux-policy.spec
file modified
+40 -3
sources
file modified
+3 -3 
    * Fri Jun 26 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-17
    - Allow pdns server to read system state
    - Allow irqbalance nnp_transition
    - Fix description tag for the sssd_connect_all_unreserved_ports tunable
    - Allow journalctl process set its resource limits
    - Add sssd_access_kernel_keys tunable to conditionally access kernel keys
    - Make keepalived work with network namespaces
    - Create sssd_connect_all_unreserved_ports boolean
    - Allow hypervkvpd to request kernel to load a module
    - Allow systemd_private_tmp(dirsrv_tmp_t)
    - Allow microcode_ctl get attributes of sysfs directories
    - Remove duplicate files_dontaudit_list_tmp(radiusd_t) line
    - Allow radiusd connect to gssproxy over unix domain stream socket
    - Add fwupd_cache_t file context for '/var/cache/fwupd(/.*)?'
    - Allow qemu read and write /dev/mapper/control
    - Allow tlp_t can_exec() tlp_exec_t
    - Dontaudit vpnc_t setting its process scheduling
    - Remove files_mmap_usr_files() call for particular domains
    - Allow dirsrv_t list cgroup directories
    - Crete the kerberos_write_kadmind_tmp_files() interface
    - Allow realmd_t dbus chat with accountsd_t
    - Label systemd-growfs and systemd-makefs       as fsadm_exec_t
    - Allow staff_u and user_u setattr generic usb devices
    - Allow sysadm_t dbus chat with accountsd
    - Modify kernel_rw_key() not to include append permission
    - Add kernel_rw_key() interface to access to kernel keyrings
    - Modify systemd_delete_private_tmp() to use delete_*_pattern macros
    - Allow systemd-modules to load kernel modules
    - Add cachefiles_dev_t as a typealias to cachefiles_device_t
    - Allow libkrb5 lib read client keytabs
    - Allow domain mmap usr_t files
    - Remove files_mmap_usr_files() call for systemd domains
    - Allow sshd write to kadmind temporary files
    - Do not audit staff_t and user_t attempts to manage boot_t entries
    - Add files_dontaudit_manage_boot_dirs() interface
    - Allow systemd-tty-ask-password-agent read efivarfs files
  • Build completed
    success
    Built as selinux-policy-3.14.6-17.fc33
    3 years ago
file modified
+2 -0
file modified
+40 -3
file modified
+3 -3
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.