SELinux policy configuration
Go to file
Lukas Vrabec 1ba0a986f6 * Tue Aug 18 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-142
- Allow samba_net_t to manage samba_var_t sock files.
- Allow httpd daemon to manage httpd_var_lib_t lnk_files.
- Allow collectd stream connect to pdns.(BZ #1191044)
- Add interface pdns_stream_connect()
- Merge branch 'rawhide-contrib' of github.com:fedora-selinux/selinux-policy into rawhide-contrib
- Allow chronyd exec systemctl
- Merge pull request #30 from vmojzis/rawhide-contrib
- Hsqldb policy upgrade -Allow sock_file management
- Add inteface chronyd_signal Allow timemaster_t send generic signals to chronyd_t.
- Hsqldb policy upgrade.  -Disallow hsqldb_tmp_t link_file management
- Hsqldb policy upgrade:  -Remove tmp link_file transition  -Add policy summary  -Remove redundant parameter for "hsqldb_admin" interface
- Label /var/run/chrony-helper dir as chronyd_var_run_t.
- Allow lldpad_t to getattr tmpfs_t. Label /dev/shm/lldpad.* as lldapd_tmpfs_t
- Fix label on /var/tmp/kiprop_0
- Add mountpoint dontaudit access check in rhsmcertd policy.
- Allow pcp_domain to manage pcp_var_lib_t lnk_files.
- Allow chronyd to execute mkdir command.
- Allow chronyd_t to read dhcpc state.
- Label /usr/libexec/chrony-helper as chronyd_exec_t
- Allow openhpid liboa_soap plugin to read resolv.conf file.
- Allow openhpid liboa_soap plugin to read generic certs.
- Allow openhpid use libwatchdog plugin. (Allow openhpid_t rw watchdog device)
- Allow logrotate to reload services.
- Allow apcupsd_t to read /sys/devices
- Allow kpropd to connect to kropd tcp port.
- Allow systemd_networkd to send logs to syslog.
- Added interface fs_dontaudit_write_configfs_dirs
- Allow audisp client to read system state.
- Label /var/run/xtables.lock as iptables_var_run_t.
-  Add labels for /dev/memory_bandwith and /dev/vhci. Thanks ssekidde
- Add interface to read/write watchdog device.
- Add transition rule for iptables_var_lib_t
2015-08-18 10:39:06 +02:00
.gitignore - Update to upstream 2011-01-17 18:42:12 +00:00
booleans-minimum.conf - Turn on execstack on a temporary basis (#512845) 2009-08-07 19:36:54 +00:00
booleans-mls.conf Make rawhide == f18 2012-12-17 17:21:00 +01:00
booleans-targeted.conf Make rawhide == f18 2012-12-17 17:21:00 +01:00
booleans.subs_dist * Tue Apr 8 2014 Miroslav Grepl<mgrepl@redhat.com> 3.13.1-45 2014-04-08 11:35:12 +02:00
config.tgz Add /etc/selinux/targeted/contexts/openssh_contexts 2015-01-03 08:44:45 -05:00
COPYING remove extra level of directory 2006-07-12 20:32:27 +00:00
customizable_types svirt_sandbox_file_t should be in customizable_types 2014-04-11 15:09:33 -04:00
file_contexts.subs_dist Label genrator.late correctly 2014-09-21 07:36:03 -04:00
Makefile - Add sepgsql_contexts file 2011-01-18 10:28:56 +00:00
Makefile.devel Hard code to MLSENABLED 2011-08-22 16:30:20 -04:00
manpages_html.tgz Fix for Replace generating man/html pages with pages from actual build. This is due to broken userspace with python3 in F23/Rawhide. Please Revert when userspace will be fixed. 2015-08-04 00:25:37 +02:00
manpages_man.tgz Fix for Replace generating man/html pages with pages from actual build. This is due to broken userspace with python3 in F23/Rawhide. Please Revert when userspace will be fixed. 2015-08-04 00:25:37 +02:00
modules-minimum.conf - More access needed for devicekit 2010-08-30 11:58:36 -04:00
modules-mls-base.conf Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. 2015-07-16 09:10:21 +02:00
modules-mls-contrib.conf Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. 2015-07-16 09:10:21 +02:00
modules-targeted-base.conf Activate kdbus.pp 2015-08-03 17:47:45 +02:00
modules-targeted-contrib.conf Activate new hsqldb policy. 2015-08-17 15:05:14 +02:00
modules-targeted.conf We should not build vbetool anylonger 2014-10-12 07:15:24 -04:00
permissivedomains.fc Add permissivedomains module 2012-06-06 15:26:24 +02:00
permissivedomains.if Add permissivedomains module 2012-06-06 15:26:24 +02:00
permissivedomains.pp Revert "Add pdns to permissivedomains policy." 2015-07-28 18:03:18 +02:00
permissivedomains.te Revert "Add pdns to permissivedomains policy." 2015-07-28 18:03:18 +02:00
policy-rawhide-base-cockpit.patch - Allow systemd-networkd to be running as dhcp client. 2014-10-17 10:12:44 +02:00
policy-rawhide-base.patch * Tue Aug 18 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-142 2015-08-18 10:39:06 +02:00
policy-rawhide-contrib.patch * Tue Aug 18 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-142 2015-08-18 10:39:06 +02:00
securetty_types-minimum - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-mls - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-targeted - Update to upstream 2010-03-18 15:47:35 +00:00
selinux-policy.conf We need to setcheckreqprot to 0 for security purposes 2015-04-16 14:00:38 -04:00
selinux-policy.spec * Tue Aug 18 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-142 2015-08-18 10:39:06 +02:00
setrans-minimum.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
setrans-mls.conf - Multiple policy fixes 2006-09-19 14:59:46 +00:00
setrans-targeted.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
seusers - Fix cron jobs to run under the correct context 2006-09-21 23:05:49 +00:00
sources Fix config.tgz to include lxc_contexts and systemd_contexts 2013-11-14 11:05:22 -05:00
users-minimum - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00
users-mls - Move users file to selection by spec file. 2010-01-11 22:06:55 +00:00
users-targeted - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00