f461645 - Fix files_dontaudit_unmount_all_mountpoints()

Authored and Committed by mgrepl 7 years ago
    - Fix files_dontaudit_unmount_all_mountpoints()
    - Add support for 2608-2609 tcp/udp ports
    - Should allow domains to lock the terminal device
    - More fixes for user config files to make crond_t running in userdomain
    - Add back disable/reload/enable permissions for system class
    - Fix manage_service_perms macro
    - We need to require passwd rootok
    - Fix zebra.fc
    - Fix dnsmasq_filetrans_named_content() interface
    - Allow all sandbox domains create content in svirt_home_t
    - Allow zebra domains also create zebra_tmp_t files in /tmp
    - Add support for new zebra services:isisd,babeld. Add systemd support for zebra services.
    - Fix labeling on neutron and remove transition to iconfig_t
    - abrt needs to read mcelog log file
    - Fix labeling on dnsmasq content
    - Fix labeling on /etc/dnsmasq.d
    - Allow glusterd to relabel own lib files
    - Allow sandbox domains to use pam_rootok, and dontaudit attempts to unmount file systems, this is caused by a bug in systemd
    - Allow ipc_lock for abrt to run journalctl
policy-f20-base.patch policy-rawhide-base.patch
file renamed
+206 -224
policy-f20-contrib.patch policy-rawhide-contrib.patch
file renamed
+293 -152
file modified
+24 -3