rpms/selinux-policy
5
0
Fork 0
Code Issues Pull Requests Releases Activity
SELinux policy configuration
5,519 Commits 9 Branches 108 Tags 34 MiB
Shell 100%
1ad8909907
Go to file
Lukas Vrabec 1ad8909907 * Mon Jul 11 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-201 
- Allow lttng tools to block suspending
- Allow creation of vpnaas in openstack
- remove rules with compromised_kernel permission
- Allow dnssec-trigger to chat with NetworkManager over DBUS BZ(1350100)
- Allow virtual machines to rw infiniband devices. Resolves: rhbz#1210263
- Update makefile to support snapperd_contexts file
- Remove compromize_kernel permission Remove unused mac_admin permission Add undefined system permission
- Remove duplicate declaration of class service
- Fix typo in access_vectors file
- Merge branch 'rawhide-base-modules-load' into rawhide-base
- Add new policy for systemd-modules-load
- Add systemd access vectors.
- Revert "Revert "Revert "Missed this version of exec_all"""
- Revert "Revert "Missed this version of exec_all""
- Revert "Missed this version of exec_all"
- Revert "Revert "Fix name of capability2 secure_firmware->compromise_kernel"" BZ(1351624) This reverts commit 3e0e7e70de481589440f3f79cccff08d6e62f644.
- Revert "Fix name of capability2 secure_firmware->compromise_kernel" BZ(1351624) This reverts commit 7a0348a2d167a72c8ab8974a1b0fc33407f72c48.
- Revert "Allow xserver to compromise_kernel access"BZ(1351624)
- Revert "Allow anyone who can load a kernel module to compromise_kernel"BZ(1351624)
- Revert "add ptrace_child access to process" (BZ1351624)
- Add user namespace capability object classes.
- Allow udev to manage systemd-hwdb files
- Add interface systemd_hwdb_manage_config()
- Fix paths to infiniband devices. This allows use more then two infiniband interfaces.
- corecmd: Remove fcontext for /etc/sysconfig/libvirtd
- iptables: add fcontext for nftables
2016-07-11 16:49:35 +02:00
.gitignore - Update to upstream 2011-01-17 18:42:12 +00:00
booleans-minimum.conf Remove ftp_home_dir boolean from distgit 2016-04-26 14:04:52 +02:00
booleans-mls.conf Make rawhide == f18 2012-12-17 17:21:00 +01:00
booleans-targeted.conf Set default value as true in boolean mozilla_plugin_can_network_connect. 2015-11-27 16:21:05 +01:00
booleans.subs_dist * Tue Apr 8 2014 Miroslav Grepl<mgrepl@redhat.com> 3.13.1-45 2014-04-08 11:35:12 +02:00
config.tgz Update config.tgz file by adding snapperd_contexts file to the policy 2016-07-11 13:45:58 +02:00
COPYING remove extra level of directory 2006-07-12 20:32:27 +00:00
customizable_types svirt_sandbox_file_t should be in customizable_types 2014-04-11 15:09:33 -04:00
docker-selinux.tgz * Mon Jul 11 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-201 2016-07-11 16:49:35 +02:00
file_contexts.subs_dist Label genrator.late correctly 2014-09-21 07:36:03 -04:00
make-rhat-patches.sh Fix make-rhel-patches script, docker-selinux policy files are in master branch so checkout to another branch is no more needed. 2016-03-08 15:38:07 +01:00
Makefile - Add sepgsql_contexts file 2011-01-18 10:28:56 +00:00
Makefile.devel Hard code to MLSENABLED 2011-08-22 16:30:20 -04:00
modules-minimum.conf - More access needed for devicekit 2010-08-30 11:58:36 -04:00
modules-mls-base.conf Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. 2015-07-16 09:10:21 +02:00
modules-mls-contrib.conf Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. 2015-07-16 09:10:21 +02:00
modules-targeted-base.conf Activate kdbus.pp 2015-08-03 17:47:45 +02:00
modules-targeted-contrib.conf Make sbd SELinux module active 2016-07-05 13:50:18 +02:00
modules-targeted.conf We should not build vbetool anylonger 2014-10-12 07:15:24 -04:00
permissivedomains.cil Make systemd_resolved_t as permissive domain. 2016-03-10 12:39:39 +01:00
policy-rawhide-base-cockpit.patch - Allow systemd-networkd to be running as dhcp client. 2014-10-17 10:12:44 +02:00
policy-rawhide-base.patch * Mon Jul 11 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-201 2016-07-11 16:49:35 +02:00
policy-rawhide-contrib.patch * Mon Jul 11 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-201 2016-07-11 16:49:35 +02:00
securetty_types-minimum - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-mls - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-targeted - Update to upstream 2010-03-18 15:47:35 +00:00
selinux-policy.conf We need to setcheckreqprot to 0 for security purposes 2015-04-16 14:00:38 -04:00
selinux-policy.spec * Mon Jul 11 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-201 2016-07-11 16:49:35 +02:00
setrans-minimum.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
setrans-mls.conf - Multiple policy fixes 2006-09-19 14:59:46 +00:00
setrans-targeted.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
seusers - Fix cron jobs to run under the correct context 2006-09-21 23:05:49 +00:00
sources Fix config.tgz to include lxc_contexts and systemd_contexts 2013-11-14 11:05:22 -05:00
users-minimum - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00
users-mls - Move users file to selection by spec file. 2010-01-11 22:06:55 +00:00
users-targeted - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00