rpms
/
selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
SELinux policy configuration
5,735 Commits 8 Branches 90 Tags 36 MiB
Shell 100%
Go to file
Lukas Vrabec 529a517a7a
* Mon Mar 12 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-5 
- Allow bluetooth_t domain to create alg_socket BZ(1554410)
- Allow tor_t domain to execute bin_t files BZ(1496274)
- Allow iscsid_t domain to mmap kernel modules BZ(1553759)
- Update minidlna SELinux policy BZ(1554087)
- Allow motion_t domain to read sysfs_t files BZ(1554142)
- Allow snapperd_t domain to getattr on all files,dirs,sockets,pipes BZ(1551738)
- Allow l2tp_t domain to read ipsec config files BZ(1545348)
- Allow colord_t to mmap home user files BZ(1551033)
- Dontaudit httpd_t creating kobject uevent sockets BZ(1552536)
- Allow ipmievd_t to mmap kernel modules BZ(1552535)
- Allow boinc_t domain to read cgroup files BZ(1468381)
- Backport allow rules from refpolicy upstream repo
- Allow gpg_t domain to bind on all unereserved udp ports
- Allow systemd to create systemd_rfkill_var_lib_t dirs BZ(1502164)
- Allow netlabel_mgmt_t domain to read sssd public files, stream connect to sssd_t BZ(1483655)
- Allow xdm_t domain to sys_ptrace BZ(1554150)
- Allow application_domain_type also mmap inherited user temp files BZ(1552765)
- Update ipsec_read_config() interface
- Fix broken sysadm SELinux module
- Allow ipsec_t to search for bind cache BZ(1542746)
- Allow staff_t to send sigkill to mount_t domain BZ(1544272)
- Label /run/systemd/resolve/stub-resolv.conf as net_conf_t BZ(1471545)
- Label ip6tables.init as iptables_exec_t BZ(1551463)
- Allow hostname_t to use usb ttys BZ(1542903)
- Add fsetid capability to updpwd_t domain BZ(1543375)
- Allow systemd machined send signal to all domains BZ(1372644)
- Dontaudit create netlink selinux sockets for unpriv SELinux users BZ(1547876)
- Allow sysadm_t to create netlink generic sockets BZ(1547874)
- Allow passwd_t domain chroot
- Dontaudit confined unpriviliged users setuid capability
 		2018-03-12 17:20:32 +01:00
.gitignore * Mon Mar 12 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-5 2018-03-12 17:20:32 +01:00
COPYING remove extra level of directory 2006-07-12 20:32:27 +00:00
Makefile * Mon Jan 08 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-310 2018-01-08 12:28:09 +01:00
Makefile.devel Hard code to MLSENABLED 2011-08-22 16:30:20 -04:00
booleans-minimum.conf Remove ftp_home_dir boolean from distgit 2016-04-26 14:04:52 +02:00
booleans-mls.conf Make rawhide == f18 2012-12-17 17:21:00 +01:00
booleans-targeted.conf Switch default value of SELinux boolean httpd_graceful_shutdown to off. 2017-10-03 14:17:18 +02:00
booleans.subs_dist subs virt_sandbox_use_nfs by virt_use_nfs 2016-07-16 17:52:41 +02:00
config.tgz Update /etc/selinux/targeted/contexts/lxc_contexts file. https://github.com/fedora-selinux/selinux-policy/pull/166 2016-10-11 14:15:16 +02:00
customizable_types * Mon Oct 17 2016 Miroslav Grepl <mgrepl@redhat.com> - 3.13.1-221 2016-10-17 20:52:01 +02:00
file_contexts.subs_dist Add label for /sbin symlink 2017-03-02 17:56:48 +01:00
make-rhat-patches.sh Commit removes big SELinux policy patches against tresys refpolicy. 2018-01-08 18:28:27 +01:00
modules-minimum.conf - More access needed for devicekit 2010-08-30 11:58:36 -04:00
modules-mls-base.conf Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. 2015-07-16 09:10:21 +02:00
modules-mls-contrib.conf Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. 2015-07-16 09:10:21 +02:00
modules-targeted-base.conf Activate kdbus.pp 2015-08-03 17:47:45 +02:00
modules-targeted-contrib.conf Remove ganesha module from active modules 2017-12-06 10:11:13 +01:00
modules-targeted.conf We should not build vbetool anylonger 2014-10-12 07:15:24 -04:00
permissivedomains.cil Remove all permissive domains, all domains looks stable 2017-09-22 12:24:43 +02:00
rpm.macros Updated rpm.macros 2018-02-05 17:01:34 +01:00
securetty_types-minimum - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-mls - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-targeted - Update to upstream 2010-03-18 15:47:35 +00:00
selinux-factory-reset Do a factory reset when there's no policy.kern file in a store 2016-09-15 13:51:31 +02:00
selinux-factory-reset@.service Do a factory reset when there's no policy.kern file in a store 2016-09-15 13:51:31 +02:00
selinux-policy.conf We need to setcheckreqprot to 0 for security purposes 2015-04-16 14:00:38 -04:00
selinux-policy.spec * Mon Mar 12 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-5 2018-03-12 17:20:32 +01:00
setrans-minimum.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
setrans-mls.conf - Multiple policy fixes 2006-09-19 14:59:46 +00:00
setrans-targeted.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
seusers - Fix cron jobs to run under the correct context 2006-09-21 23:05:49 +00:00
sources * Mon Mar 12 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-5 2018-03-12 17:20:32 +01:00
users-minimum - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00
users-mls - Move users file to selection by spec file. 2010-01-11 22:06:55 +00:00
users-targeted - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00