cf8f98 * Wed Nov 07 2018 Lukas Vrabec <> - 3.14.2-43

Authored and Committed by lvrabec a year ago
    * Wed Nov 07 2018 Lukas Vrabec <> - 3.14.2-43
    - Update pesign policy to allow pesign_t domain to read bind cache files/dirs
    - Add dac_override capability to mdadm_t domain
    - Create ibacm_tmpfs_t type for the ibacm policy
    - Dontaudit capability sys_admin for dhcpd_t domain
    - Makes rhsmcertd_t domain an exception to the constraint preventing changing the user identity in object contexts.
    - Allow abrt_t domain to mmap generic tmp_t files
    - Label /usr/sbin/wpa_cli as wpa_cli_exec_t
    - Allow sandbox_xserver_t domain write to user_tmp_t files
    - Allow certutil running as ipsec_mgmt_t domain to mmap ipsec_mgmt pid files Dontaudit ipsec_mgmt_t domain to write to the all mountpoints
    - Add interface files_map_generic_tmp_files()
    - Add dac_override capability to the syslogd_t domain
    - Create systemd_timedated_var_run_t label
    - Update systemd_timedated_t domain to allow create own pid files/access init_var_lib_t files and read dbus files BZ(1646202)
    - Add init_read_var_lib_lnk_files and init_read_var_lib_sock_files interfaces
  • Build completed
    Built as selinux-policy-3.14.2-43.fc29
    a year ago
file modified
+2 -0
file modified
+19 -3
file modified
+3 -3