rpms / selinux-policy

Clone
Source Code
GIT

e083bc1 * Mon Mar 12 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-283.28

Authored and Committed by lvrabec 6 years ago
raw patch tree parent
4 files changed. 473 lines added. 285 lines removed.
container-selinux.tgz
file modified
+0 -0
policy-f27-base.patch
file modified
+294 -202
policy-f27-contrib.patch
file modified
+143 -82
selinux-policy.spec
file modified
+36 -1 
    * Mon Mar 12 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-283.28
    - Allow tor_t domain to execute bin_t files BZ(1496274)
    - Allow iscsid_t domain to mmap kernel modules BZ(1553759)
    - Update minidlna SELinux policy BZ(1554087)
    - Allow motion_t domain to read sysfs_t files BZ(1554142)
    - Allow snapperd_t domain to getattr on all files,dirs,sockets,pipes BZ(1551738)
    - Allow l2tp_t domain to read ipsec config files BZ(1545348)
    - Allow colord_t to mmap home user files BZ(1551033)
    - Dontaudit httpd_t creating kobject uevent sockets BZ(1552536)
    - Allow ipmievd_t to mmap kernel modules BZ(1552535)
    - Allow boinc_t domain to read cgroup files BZ(1468381)
    - Allow gpg_t domain to bind on all unereserved udp ports
    - Allow rpcbind_t to create directory with label rpcbind_var_run_t BZ(1552398)
    - Allow boinc_t to read cgroup files BZ(1552436)
    - Allow boinc_t to read sysctl_vm_t files BZ(1544627)
    - Allow systemd to create systemd_rfkill_var_lib_t dirs BZ(1502164)
    - Allow netlabel_mgmt_t domain to read sssd public files, stream connect to sssd_t BZ(1483655)
    - Allow xdm_t domain to sys_ptrace BZ(1554150)
    - Allow application_domain_type also mmap inherited user temp files BZ(1552765)
    - Update ipsec_read_config() interface
    - Fix broken sysadm SELinux module
    - Allow ipsec_t to search for bind cache BZ(1542746)
    - Allow staff_t to send sigkill to mount_t domain BZ(1544272)
    - Label /run/systemd/resolve/stub-resolv.conf as net_conf_t BZ(1471545)
    - Label ip6tables.init as iptables_exec_t BZ(1551463)
    - Allow hostname_t to use usb ttys BZ(1542903)
    - Add fsetid capability to updpwd_t domain BZ(1543375)
    - Allow systemd machined send signal to all domains BZ(1372644)
    - Dontaudit create netlink selinux sockets for unpriv SELinux users BZ(1547876)
    - Allow sysadm_t to create netlink generic sockets BZ(1547874)
    - Allow systemd to create sockets BZ(1546423)
    - Allow passwd_t domain chroot
    - Dontaudit confined unpriviliged users setuid capability
    - Allow staff_t domain to read/write/map zero device BZ(1552416)
file modified
+0 -0
file modified
+294 -202
file modified
+143 -82
file modified
+36 -1
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.