rpms
/
selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
SELinux policy configuration
5,741 Commits 8 Branches 90 Tags 36 MiB
Shell 100%
Go to file
Lukas Vrabec 0dae2c353f
* Sun Mar 25 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-9 
- Allow smbcontrol_t to mmap samba_var_t files and allow winbind create sockets BZ(1559795)
- Allow nagios to exec itself and mmap nagios spool files BZ(1559683)
- Allow nagios to mmap nagios config files BZ(1559683)
- Fixing Ganesha module
- Fix typo in NetworkManager module
- Fix bug in gssproxy SELinux module
- Allow abrt_t domain to mmap container_file_t files BZ(1525573)
- Allow networkmanager to be run ssh client BZ(1558441)
- Allow pcp domains to do dc override BZ(1557913)
- Dontaudit pcp_pmie_t to reaquest lost kernel module
- Allow pcp_pmcd_t to manage unpriv userdomains semaphores BZ(1554955)
- Allow httpd_t to read httpd_log_t dirs BZ(1554912)
- Allow fail2ban_t to read system network state BZ(1557752)
- Allow dac override capability to mandb_t domain BZ(1529399)
- Allow collectd_t domain to mmap collectd_var_lib_t files BZ(1556681)
- Dontaudit bug in kernel 4.16 when domains requesting loading kernel modules BZ(1555369)
- Add Domain transition from gssproxy_t to httpd_t domains BZ(1548439)
- Allow httpd_t to mmap user_home_type files if boolean httpd_read_user_content is enabled BZ(1555359)
- Allow snapperd to relabel snapperd_data_t
- Improve bluetooth_stream_socket interface to allow caller domain also send bluetooth sockets
- Allow tcpd_t bind on sshd_port_t if ssh_use_tcpd() is enabled
- Allow insmod_t to load modules BZ(1544189)
- Allow systemd_rfkill_t domain sys_admin capability BZ(1557595)
- Allow systemd_networkd_t to read/write tun tap devices
- Add shell_exec_t file as domain entry for init_t
- Label also /run/systemd/resolved/ as systemd_resolved_var_run_t BZ(1556862)
- Dontaudit kernel 4.16 bug when lot of domains requesting load kernel module BZ(1557347)
- Improve userdom_mmap_user_home_content_files
- Allow systemd_logind_t domain to setattributes on fixed disk devices BZ(1555414)
- Dontaudit kernel 4.16 bug when lot of domains requesting load kernel module
- Allow semanage_t domain mmap usr_t files
- Add new boolean: ssh_use_tcpd()
 		2018-03-25 01:02:58 +01:00
.gitignore * Sun Mar 25 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-9 2018-03-25 01:02:58 +01:00
COPYING remove extra level of directory 2006-07-12 20:32:27 +00:00
Makefile * Mon Jan 08 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-310 2018-01-08 12:28:09 +01:00
Makefile.devel Hard code to MLSENABLED 2011-08-22 16:30:20 -04:00
booleans-minimum.conf Remove ftp_home_dir boolean from distgit 2016-04-26 14:04:52 +02:00
booleans-mls.conf Make rawhide == f18 2012-12-17 17:21:00 +01:00
booleans-targeted.conf Switch default value of SELinux boolean httpd_graceful_shutdown to off. 2017-10-03 14:17:18 +02:00
booleans.subs_dist subs virt_sandbox_use_nfs by virt_use_nfs 2016-07-16 17:52:41 +02:00
config.tgz Update /etc/selinux/targeted/contexts/lxc_contexts file. https://github.com/fedora-selinux/selinux-policy/pull/166 2016-10-11 14:15:16 +02:00
customizable_types * Mon Oct 17 2016 Miroslav Grepl <mgrepl@redhat.com> - 3.13.1-221 2016-10-17 20:52:01 +02:00
file_contexts.subs_dist Add label for /sbin symlink 2017-03-02 17:56:48 +01:00
make-rhat-patches.sh Commit removes big SELinux policy patches against tresys refpolicy. 2018-01-08 18:28:27 +01:00
modules-minimum.conf - More access needed for devicekit 2010-08-30 11:58:36 -04:00
modules-mls-base.conf Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. 2015-07-16 09:10:21 +02:00
modules-mls-contrib.conf Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. 2015-07-16 09:10:21 +02:00
modules-targeted-base.conf Activate kdbus.pp 2015-08-03 17:47:45 +02:00
modules-targeted-contrib.conf Remove ganesha module from active modules 2017-12-06 10:11:13 +01:00
modules-targeted.conf We should not build vbetool anylonger 2014-10-12 07:15:24 -04:00
permissivedomains.cil Remove all permissive domains, all domains looks stable 2017-09-22 12:24:43 +02:00
rpm.macros Updated rpm.macros 2018-02-05 17:01:34 +01:00
securetty_types-minimum - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-mls - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-targeted - Update to upstream 2010-03-18 15:47:35 +00:00
selinux-factory-reset Do a factory reset when there's no policy.kern file in a store 2016-09-15 13:51:31 +02:00
selinux-factory-reset@.service Do a factory reset when there's no policy.kern file in a store 2016-09-15 13:51:31 +02:00
selinux-policy.conf We need to setcheckreqprot to 0 for security purposes 2015-04-16 14:00:38 -04:00
selinux-policy.spec * Sun Mar 25 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-9 2018-03-25 01:02:58 +01:00
setrans-minimum.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
setrans-mls.conf - Multiple policy fixes 2006-09-19 14:59:46 +00:00
setrans-targeted.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
seusers - Fix cron jobs to run under the correct context 2006-09-21 23:05:49 +00:00
sources * Sun Mar 25 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-9 2018-03-25 01:02:58 +01:00
users-minimum - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00
users-mls - Move users file to selection by spec file. 2010-01-11 22:06:55 +00:00
users-targeted - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00