* Mon Mar 23 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-120
- Allow mysqld_t to use pam. BZ(1196104) - Added label mysqld_etc_t for /etc/my.cnf.d/ dir. BZ(1203989) - Allow fetchmail to read mail_spool_t. BZ(1200552) - Dontaudit blueman_t write to all mountpoints. BZ(1198272) - Allow all domains some process flags. - Merge branch 'rawhide-base' of github.com:selinux-policy/selinux-policy into rawhide-base - Turn on overlayfs labeling for testin, we need this backported to F22 and Rawhide. Eventually will need this in RHEL
This commit is contained in:
parent
60d4b2cec9
commit
734dd8ae6f
|
@ -9051,7 +9051,7 @@ index 6a1e4d1..549967a 100644
|
||||||
+ dontaudit $1 domain:dir_file_class_set audit_access;
|
+ dontaudit $1 domain:dir_file_class_set audit_access;
|
||||||
')
|
')
|
||||||
diff --git a/policy/modules/kernel/domain.te b/policy/modules/kernel/domain.te
|
diff --git a/policy/modules/kernel/domain.te b/policy/modules/kernel/domain.te
|
||||||
index cf04cb5..04c9593 100644
|
index cf04cb5..7da29ff 100644
|
||||||
--- a/policy/modules/kernel/domain.te
|
--- a/policy/modules/kernel/domain.te
|
||||||
+++ b/policy/modules/kernel/domain.te
|
+++ b/policy/modules/kernel/domain.te
|
||||||
@@ -4,17 +4,41 @@ policy_module(domain, 1.11.0)
|
@@ -4,17 +4,41 @@ policy_module(domain, 1.11.0)
|
||||||
|
@ -9118,7 +9118,7 @@ index cf04cb5..04c9593 100644
|
||||||
|
|
||||||
# create child processes in the domain
|
# create child processes in the domain
|
||||||
-allow domain self:process { fork sigchld };
|
-allow domain self:process { fork sigchld };
|
||||||
+allow domain self:process { getcap fork getsched signal_perms };
|
+allow domain self:process { getcap fork getsched signal_perms setrlimit getattr getcap getsched getsession };
|
||||||
|
|
||||||
# Use trusted objects in /dev
|
# Use trusted objects in /dev
|
||||||
+dev_read_cpu_online(domain)
|
+dev_read_cpu_online(domain)
|
||||||
|
@ -15743,10 +15743,10 @@ index 8416beb..75c7b9d 100644
|
||||||
+ fs_tmpfs_filetrans($1, cgroup_t, lnk_file, "cpuacct")
|
+ fs_tmpfs_filetrans($1, cgroup_t, lnk_file, "cpuacct")
|
||||||
+')
|
+')
|
||||||
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
|
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
|
||||||
index e7d1738..c0b17f8 100644
|
index e7d1738..3ed4189 100644
|
||||||
--- a/policy/modules/kernel/filesystem.te
|
--- a/policy/modules/kernel/filesystem.te
|
||||||
+++ b/policy/modules/kernel/filesystem.te
|
+++ b/policy/modules/kernel/filesystem.te
|
||||||
@@ -26,14 +26,18 @@ fs_use_xattr ext2 gen_context(system_u:object_r:fs_t,s0);
|
@@ -26,14 +26,19 @@ fs_use_xattr ext2 gen_context(system_u:object_r:fs_t,s0);
|
||||||
fs_use_xattr ext3 gen_context(system_u:object_r:fs_t,s0);
|
fs_use_xattr ext3 gen_context(system_u:object_r:fs_t,s0);
|
||||||
fs_use_xattr ext4 gen_context(system_u:object_r:fs_t,s0);
|
fs_use_xattr ext4 gen_context(system_u:object_r:fs_t,s0);
|
||||||
fs_use_xattr ext4dev gen_context(system_u:object_r:fs_t,s0);
|
fs_use_xattr ext4dev gen_context(system_u:object_r:fs_t,s0);
|
||||||
|
@ -15758,6 +15758,7 @@ index e7d1738..c0b17f8 100644
|
||||||
fs_use_xattr jfs gen_context(system_u:object_r:fs_t,s0);
|
fs_use_xattr jfs gen_context(system_u:object_r:fs_t,s0);
|
||||||
fs_use_xattr lustre gen_context(system_u:object_r:fs_t,s0);
|
fs_use_xattr lustre gen_context(system_u:object_r:fs_t,s0);
|
||||||
+fs_use_xattr ocfs2 gen_context(system_u:object_r:fs_t,s0);
|
+fs_use_xattr ocfs2 gen_context(system_u:object_r:fs_t,s0);
|
||||||
|
+fs_use_xattr overlay gen_context(system_u:object_r:fs_t,s0);
|
||||||
fs_use_xattr xfs gen_context(system_u:object_r:fs_t,s0);
|
fs_use_xattr xfs gen_context(system_u:object_r:fs_t,s0);
|
||||||
+fs_use_xattr squashfs gen_context(system_u:object_r:fs_t,s0);
|
+fs_use_xattr squashfs gen_context(system_u:object_r:fs_t,s0);
|
||||||
fs_use_xattr zfs gen_context(system_u:object_r:fs_t,s0);
|
fs_use_xattr zfs gen_context(system_u:object_r:fs_t,s0);
|
||||||
|
@ -15765,7 +15766,7 @@ index e7d1738..c0b17f8 100644
|
||||||
|
|
||||||
# Use the allocating task SID to label inodes in the following filesystem
|
# Use the allocating task SID to label inodes in the following filesystem
|
||||||
# types, and label the filesystem itself with the specified context.
|
# types, and label the filesystem itself with the specified context.
|
||||||
@@ -53,6 +57,7 @@ type anon_inodefs_t;
|
@@ -53,6 +58,7 @@ type anon_inodefs_t;
|
||||||
fs_type(anon_inodefs_t)
|
fs_type(anon_inodefs_t)
|
||||||
files_mountpoint(anon_inodefs_t)
|
files_mountpoint(anon_inodefs_t)
|
||||||
genfscon anon_inodefs / gen_context(system_u:object_r:anon_inodefs_t,s0)
|
genfscon anon_inodefs / gen_context(system_u:object_r:anon_inodefs_t,s0)
|
||||||
|
@ -15773,7 +15774,7 @@ index e7d1738..c0b17f8 100644
|
||||||
|
|
||||||
type bdev_t;
|
type bdev_t;
|
||||||
fs_type(bdev_t)
|
fs_type(bdev_t)
|
||||||
@@ -63,12 +68,18 @@ fs_type(binfmt_misc_fs_t)
|
@@ -63,12 +69,18 @@ fs_type(binfmt_misc_fs_t)
|
||||||
files_mountpoint(binfmt_misc_fs_t)
|
files_mountpoint(binfmt_misc_fs_t)
|
||||||
genfscon binfmt_misc / gen_context(system_u:object_r:binfmt_misc_fs_t,s0)
|
genfscon binfmt_misc / gen_context(system_u:object_r:binfmt_misc_fs_t,s0)
|
||||||
|
|
||||||
|
@ -15793,7 +15794,7 @@ index e7d1738..c0b17f8 100644
|
||||||
fs_type(cgroup_t)
|
fs_type(cgroup_t)
|
||||||
files_mountpoint(cgroup_t)
|
files_mountpoint(cgroup_t)
|
||||||
dev_associate_sysfs(cgroup_t)
|
dev_associate_sysfs(cgroup_t)
|
||||||
@@ -88,6 +99,11 @@ fs_noxattr_type(ecryptfs_t)
|
@@ -88,6 +100,11 @@ fs_noxattr_type(ecryptfs_t)
|
||||||
files_mountpoint(ecryptfs_t)
|
files_mountpoint(ecryptfs_t)
|
||||||
genfscon ecryptfs / gen_context(system_u:object_r:ecryptfs_t,s0)
|
genfscon ecryptfs / gen_context(system_u:object_r:ecryptfs_t,s0)
|
||||||
|
|
||||||
|
@ -15805,7 +15806,7 @@ index e7d1738..c0b17f8 100644
|
||||||
type futexfs_t;
|
type futexfs_t;
|
||||||
fs_type(futexfs_t)
|
fs_type(futexfs_t)
|
||||||
genfscon futexfs / gen_context(system_u:object_r:futexfs_t,s0)
|
genfscon futexfs / gen_context(system_u:object_r:futexfs_t,s0)
|
||||||
@@ -96,6 +112,7 @@ type hugetlbfs_t;
|
@@ -96,6 +113,7 @@ type hugetlbfs_t;
|
||||||
fs_type(hugetlbfs_t)
|
fs_type(hugetlbfs_t)
|
||||||
files_mountpoint(hugetlbfs_t)
|
files_mountpoint(hugetlbfs_t)
|
||||||
fs_use_trans hugetlbfs gen_context(system_u:object_r:hugetlbfs_t,s0);
|
fs_use_trans hugetlbfs gen_context(system_u:object_r:hugetlbfs_t,s0);
|
||||||
|
@ -15813,7 +15814,7 @@ index e7d1738..c0b17f8 100644
|
||||||
|
|
||||||
type ibmasmfs_t;
|
type ibmasmfs_t;
|
||||||
fs_type(ibmasmfs_t)
|
fs_type(ibmasmfs_t)
|
||||||
@@ -118,13 +135,14 @@ genfscon mvfs / gen_context(system_u:object_r:mvfs_t,s0)
|
@@ -118,13 +136,14 @@ genfscon mvfs / gen_context(system_u:object_r:mvfs_t,s0)
|
||||||
|
|
||||||
type nfsd_fs_t;
|
type nfsd_fs_t;
|
||||||
fs_type(nfsd_fs_t)
|
fs_type(nfsd_fs_t)
|
||||||
|
@ -15829,7 +15830,7 @@ index e7d1738..c0b17f8 100644
|
||||||
fs_type(pstore_t)
|
fs_type(pstore_t)
|
||||||
files_mountpoint(pstore_t)
|
files_mountpoint(pstore_t)
|
||||||
dev_associate_sysfs(pstore_t)
|
dev_associate_sysfs(pstore_t)
|
||||||
@@ -150,11 +168,6 @@ fs_type(spufs_t)
|
@@ -150,11 +169,6 @@ fs_type(spufs_t)
|
||||||
genfscon spufs / gen_context(system_u:object_r:spufs_t,s0)
|
genfscon spufs / gen_context(system_u:object_r:spufs_t,s0)
|
||||||
files_mountpoint(spufs_t)
|
files_mountpoint(spufs_t)
|
||||||
|
|
||||||
|
@ -15841,7 +15842,7 @@ index e7d1738..c0b17f8 100644
|
||||||
type sysv_t;
|
type sysv_t;
|
||||||
fs_noxattr_type(sysv_t)
|
fs_noxattr_type(sysv_t)
|
||||||
files_mountpoint(sysv_t)
|
files_mountpoint(sysv_t)
|
||||||
@@ -172,6 +185,8 @@ type vxfs_t;
|
@@ -172,6 +186,8 @@ type vxfs_t;
|
||||||
fs_noxattr_type(vxfs_t)
|
fs_noxattr_type(vxfs_t)
|
||||||
files_mountpoint(vxfs_t)
|
files_mountpoint(vxfs_t)
|
||||||
genfscon vxfs / gen_context(system_u:object_r:vxfs_t,s0)
|
genfscon vxfs / gen_context(system_u:object_r:vxfs_t,s0)
|
||||||
|
@ -15850,7 +15851,7 @@ index e7d1738..c0b17f8 100644
|
||||||
|
|
||||||
#
|
#
|
||||||
# tmpfs_t is the type for tmpfs filesystems
|
# tmpfs_t is the type for tmpfs filesystems
|
||||||
@@ -182,6 +197,8 @@ fs_type(tmpfs_t)
|
@@ -182,6 +198,8 @@ fs_type(tmpfs_t)
|
||||||
files_type(tmpfs_t)
|
files_type(tmpfs_t)
|
||||||
files_mountpoint(tmpfs_t)
|
files_mountpoint(tmpfs_t)
|
||||||
files_poly_parent(tmpfs_t)
|
files_poly_parent(tmpfs_t)
|
||||||
|
@ -15859,7 +15860,7 @@ index e7d1738..c0b17f8 100644
|
||||||
|
|
||||||
# Use a transition SID based on the allocating task SID and the
|
# Use a transition SID based on the allocating task SID and the
|
||||||
# filesystem SID to label inodes in the following filesystem types,
|
# filesystem SID to label inodes in the following filesystem types,
|
||||||
@@ -261,6 +278,8 @@ genfscon udf / gen_context(system_u:object_r:iso9660_t,s0)
|
@@ -261,6 +279,8 @@ genfscon udf / gen_context(system_u:object_r:iso9660_t,s0)
|
||||||
type removable_t;
|
type removable_t;
|
||||||
allow removable_t noxattrfs:filesystem associate;
|
allow removable_t noxattrfs:filesystem associate;
|
||||||
fs_noxattr_type(removable_t)
|
fs_noxattr_type(removable_t)
|
||||||
|
@ -15868,7 +15869,7 @@ index e7d1738..c0b17f8 100644
|
||||||
files_mountpoint(removable_t)
|
files_mountpoint(removable_t)
|
||||||
|
|
||||||
#
|
#
|
||||||
@@ -280,6 +299,7 @@ genfscon ncpfs / gen_context(system_u:object_r:nfs_t,s0)
|
@@ -280,6 +300,7 @@ genfscon ncpfs / gen_context(system_u:object_r:nfs_t,s0)
|
||||||
genfscon reiserfs / gen_context(system_u:object_r:nfs_t,s0)
|
genfscon reiserfs / gen_context(system_u:object_r:nfs_t,s0)
|
||||||
genfscon panfs / gen_context(system_u:object_r:nfs_t,s0)
|
genfscon panfs / gen_context(system_u:object_r:nfs_t,s0)
|
||||||
genfscon gadgetfs / gen_context(system_u:object_r:nfs_t,s0)
|
genfscon gadgetfs / gen_context(system_u:object_r:nfs_t,s0)
|
||||||
|
|
|
@ -9558,7 +9558,7 @@ index 16ec525..1dd4059 100644
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
diff --git a/blueman.te b/blueman.te
|
diff --git a/blueman.te b/blueman.te
|
||||||
index 3a5032e..2097425 100644
|
index 3a5032e..7987a21 100644
|
||||||
--- a/blueman.te
|
--- a/blueman.te
|
||||||
+++ b/blueman.te
|
+++ b/blueman.te
|
||||||
@@ -7,7 +7,7 @@ policy_module(blueman, 1.1.0)
|
@@ -7,7 +7,7 @@ policy_module(blueman, 1.1.0)
|
||||||
|
@ -9589,7 +9589,7 @@ index 3a5032e..2097425 100644
|
||||||
kernel_read_system_state(blueman_t)
|
kernel_read_system_state(blueman_t)
|
||||||
kernel_request_load_module(blueman_t)
|
kernel_request_load_module(blueman_t)
|
||||||
|
|
||||||
@@ -41,29 +42,44 @@ corecmd_exec_bin(blueman_t)
|
@@ -41,29 +42,45 @@ corecmd_exec_bin(blueman_t)
|
||||||
dev_read_rand(blueman_t)
|
dev_read_rand(blueman_t)
|
||||||
dev_read_urand(blueman_t)
|
dev_read_urand(blueman_t)
|
||||||
dev_rw_wireless(blueman_t)
|
dev_rw_wireless(blueman_t)
|
||||||
|
@ -9599,6 +9599,7 @@ index 3a5032e..2097425 100644
|
||||||
|
|
||||||
files_list_tmp(blueman_t)
|
files_list_tmp(blueman_t)
|
||||||
-files_read_usr_files(blueman_t)
|
-files_read_usr_files(blueman_t)
|
||||||
|
+files_dontaudit_write_all_mountpoints(blueman_t)
|
||||||
|
|
||||||
auth_use_nsswitch(blueman_t)
|
auth_use_nsswitch(blueman_t)
|
||||||
|
|
||||||
|
@ -27280,7 +27281,7 @@ index c3f7916..cab3954 100644
|
||||||
admin_pattern($1, fetchmail_etc_t)
|
admin_pattern($1, fetchmail_etc_t)
|
||||||
|
|
||||||
diff --git a/fetchmail.te b/fetchmail.te
|
diff --git a/fetchmail.te b/fetchmail.te
|
||||||
index 742559a..57711b3 100644
|
index 742559a..fa51d09 100644
|
||||||
--- a/fetchmail.te
|
--- a/fetchmail.te
|
||||||
+++ b/fetchmail.te
|
+++ b/fetchmail.te
|
||||||
@@ -32,14 +32,18 @@ files_type(fetchmail_uidl_cache_t)
|
@@ -32,14 +32,18 @@ files_type(fetchmail_uidl_cache_t)
|
||||||
|
@ -27311,7 +27312,7 @@ index 742559a..57711b3 100644
|
||||||
corenet_all_recvfrom_netlabel(fetchmail_t)
|
corenet_all_recvfrom_netlabel(fetchmail_t)
|
||||||
corenet_tcp_sendrecv_generic_if(fetchmail_t)
|
corenet_tcp_sendrecv_generic_if(fetchmail_t)
|
||||||
corenet_tcp_sendrecv_generic_node(fetchmail_t)
|
corenet_tcp_sendrecv_generic_node(fetchmail_t)
|
||||||
@@ -84,15 +87,23 @@ fs_search_auto_mountpoints(fetchmail_t)
|
@@ -84,15 +87,24 @@ fs_search_auto_mountpoints(fetchmail_t)
|
||||||
|
|
||||||
domain_use_interactive_fds(fetchmail_t)
|
domain_use_interactive_fds(fetchmail_t)
|
||||||
|
|
||||||
|
@ -27330,6 +27331,7 @@ index 742559a..57711b3 100644
|
||||||
+
|
+
|
||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
+ mta_send_mail(fetchmail_t)
|
+ mta_send_mail(fetchmail_t)
|
||||||
|
+ mta_read_spool(fetchmail_t)
|
||||||
+')
|
+')
|
||||||
+
|
+
|
||||||
+optional_policy(`
|
+optional_policy(`
|
||||||
|
@ -51906,10 +51908,10 @@ index b708708..dd6e04b 100644
|
||||||
+ apache_search_sys_content(munin_t)
|
+ apache_search_sys_content(munin_t)
|
||||||
+')
|
+')
|
||||||
diff --git a/mysql.fc b/mysql.fc
|
diff --git a/mysql.fc b/mysql.fc
|
||||||
index 06f8666..4a315d5 100644
|
index 06f8666..d813d8a 100644
|
||||||
--- a/mysql.fc
|
--- a/mysql.fc
|
||||||
+++ b/mysql.fc
|
+++ b/mysql.fc
|
||||||
@@ -1,12 +1,25 @@
|
@@ -1,12 +1,26 @@
|
||||||
-HOME_DIR/\.my\.cnf -- gen_context(system_u:object_r:mysqld_home_t,s0)
|
-HOME_DIR/\.my\.cnf -- gen_context(system_u:object_r:mysqld_home_t,s0)
|
||||||
-
|
-
|
||||||
-/etc/my\.cnf -- gen_context(system_u:object_r:mysqld_etc_t,s0)
|
-/etc/my\.cnf -- gen_context(system_u:object_r:mysqld_etc_t,s0)
|
||||||
|
@ -51935,6 +51937,7 @@ index 06f8666..4a315d5 100644
|
||||||
+#
|
+#
|
||||||
+/etc/my\.cnf -- gen_context(system_u:object_r:mysqld_etc_t,s0)
|
+/etc/my\.cnf -- gen_context(system_u:object_r:mysqld_etc_t,s0)
|
||||||
+/etc/mysql(/.*)? gen_context(system_u:object_r:mysqld_etc_t,s0)
|
+/etc/mysql(/.*)? gen_context(system_u:object_r:mysqld_etc_t,s0)
|
||||||
|
+/etc/my\.cnf\.d(/.*)? gen_context(system_u:object_r:mysqld_etc_t,s0)
|
||||||
+/etc/rc\.d/init\.d/mysqld -- gen_context(system_u:object_r:mysqld_initrc_exec_t,s0)
|
+/etc/rc\.d/init\.d/mysqld -- gen_context(system_u:object_r:mysqld_initrc_exec_t,s0)
|
||||||
+/etc/rc\.d/init\.d/mysqlmanager -- gen_context(system_u:object_r:mysqlmanagerd_initrc_exec_t,s0)
|
+/etc/rc\.d/init\.d/mysqlmanager -- gen_context(system_u:object_r:mysqlmanagerd_initrc_exec_t,s0)
|
||||||
+
|
+
|
||||||
|
@ -51944,7 +51947,7 @@ index 06f8666..4a315d5 100644
|
||||||
/usr/bin/mysqld_safe -- gen_context(system_u:object_r:mysqld_safe_exec_t,s0)
|
/usr/bin/mysqld_safe -- gen_context(system_u:object_r:mysqld_safe_exec_t,s0)
|
||||||
/usr/bin/mysql_upgrade -- gen_context(system_u:object_r:mysqld_exec_t,s0)
|
/usr/bin/mysql_upgrade -- gen_context(system_u:object_r:mysqld_exec_t,s0)
|
||||||
|
|
||||||
@@ -14,14 +27,17 @@ HOME_DIR/\.my\.cnf -- gen_context(system_u:object_r:mysqld_home_t,s0)
|
@@ -14,14 +28,17 @@ HOME_DIR/\.my\.cnf -- gen_context(system_u:object_r:mysqld_home_t,s0)
|
||||||
|
|
||||||
/usr/sbin/mysqld(-max)? -- gen_context(system_u:object_r:mysqld_exec_t,s0)
|
/usr/sbin/mysqld(-max)? -- gen_context(system_u:object_r:mysqld_exec_t,s0)
|
||||||
/usr/sbin/mysqlmanager -- gen_context(system_u:object_r:mysqlmanagerd_exec_t,s0)
|
/usr/sbin/mysqlmanager -- gen_context(system_u:object_r:mysqlmanagerd_exec_t,s0)
|
||||||
|
@ -52522,7 +52525,7 @@ index 687af38..5381f1b 100644
|
||||||
+ mysql_stream_connect($1)
|
+ mysql_stream_connect($1)
|
||||||
')
|
')
|
||||||
diff --git a/mysql.te b/mysql.te
|
diff --git a/mysql.te b/mysql.te
|
||||||
index 7584bbe..a110a1a 100644
|
index 7584bbe..b852ab1 100644
|
||||||
--- a/mysql.te
|
--- a/mysql.te
|
||||||
+++ b/mysql.te
|
+++ b/mysql.te
|
||||||
@@ -6,20 +6,15 @@ policy_module(mysql, 1.14.1)
|
@@ -6,20 +6,15 @@ policy_module(mysql, 1.14.1)
|
||||||
|
@ -52655,7 +52658,8 @@ index 7584bbe..a110a1a 100644
|
||||||
+files_search_pids(mysqld_t)
|
+files_search_pids(mysqld_t)
|
||||||
+files_getattr_all_sockets(mysqld_t)
|
+files_getattr_all_sockets(mysqld_t)
|
||||||
|
|
||||||
auth_use_nsswitch(mysqld_t)
|
-auth_use_nsswitch(mysqld_t)
|
||||||
|
+auth_use_pam(mysqld_t)
|
||||||
|
|
||||||
logging_send_syslog_msg(mysqld_t)
|
logging_send_syslog_msg(mysqld_t)
|
||||||
|
|
||||||
|
|
|
@ -19,7 +19,7 @@
|
||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 3.13.1
|
Version: 3.13.1
|
||||||
Release: 119%{?dist}
|
Release: 120%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: serefpolicy-%{version}.tgz
|
Source: serefpolicy-%{version}.tgz
|
||||||
|
@ -602,6 +602,15 @@ SELinux Reference policy mls base module.
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Mar 23 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-120
|
||||||
|
- Allow mysqld_t to use pam. BZ(1196104)
|
||||||
|
- Added label mysqld_etc_t for /etc/my.cnf.d/ dir. BZ(1203989)
|
||||||
|
- Allow fetchmail to read mail_spool_t. BZ(1200552)
|
||||||
|
- Dontaudit blueman_t write to all mountpoints. BZ(1198272)
|
||||||
|
- Allow all domains some process flags.
|
||||||
|
- Merge branch 'rawhide-base' of github.com:selinux-policy/selinux-policy into rawhide-base
|
||||||
|
- Turn on overlayfs labeling for testin, we need this backported to F22 and Rawhide. Eventually will need this in RHEL
|
||||||
|
|
||||||
* Wed Mar 18 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-119
|
* Wed Mar 18 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-119
|
||||||
- build without docker
|
- build without docker
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue