- syslog_t needs syslog capability

- dirsrv needs to be able to create /var/lib/snmp
- Fix labeling for dirsrv
- Fix for dirsrv policy missing manage_dirs_pattern
- corosync needs to delete clvm_tmpfs_t files
- qdiskd needs to list hugetlbfs
- Move setsched to sandbox_x_domain, so firefox can run without network access
- Allow hddtemp to read removable devices
- Adding syslog and read_policy permissions to policy
       * syslog
               Allow unconfined, sysadm_t, secadm_t, logadm_t
       * read_policy
               allow unconfined, sysadm_t, secadm_t, staff_t on Targeted
               allow sysadm_t (optionally), secadm_t on MLS
- mdadm application will write into /sys/.../uevent whenever arrays are
assembled or disassembled.
This commit is contained in:
Miroslav Grepl 2011-02-03 18:30:25 +00:00
parent 731e693460
commit 19cd669e5e
2 changed files with 566 additions and 173 deletions

File diff suppressed because it is too large Load Diff

View File

@ -21,7 +21,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.9.13
Release: 8%{?dist}
Release: 9%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@ -472,6 +472,24 @@ exit 0
%endif
%changelog
* Thu Feb 3 2011 Miroslav Grepl <mgrepl@redhat.com> 3.9.13-9
- syslog_t needs syslog capability
- dirsrv needs to be able to create /var/lib/snmp
- Fix labeling for dirsrv
- Fix for dirsrv policy missing manage_dirs_pattern
- corosync needs to delete clvm_tmpfs_t files
- qdiskd needs to list hugetlbfs
- Move setsched to sandbox_x_domain, so firefox can run without network access
- Allow hddtemp to read removable devices
- Adding syslog and read_policy permissions to policy
* syslog
Allow unconfined, sysadm_t, secadm_t, logadm_t
* read_policy
allow unconfined, sysadm_t, secadm_t, staff_t on Targeted
allow sysadm_t (optionally), secadm_t on MLS
- mdadm application will write into /sys/.../uevent whenever arrays are
assembled or disassembled.
* Tue Feb 1 2011 Dan Walsh <dwalsh@redhat.com> 3.9.13-8
- Add tcsd policy