rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
SELinux policy configuration
5,758 Commits 8 Branches 96 Tags 37 MiB
Shell 100%
9364159b18
Go to file
Lukas Vrabec 9364159b18
* Thu May 24 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-20 
- Allow tangd_t domain to create tcp sockets and add new interface tangd_read_db_files
- Allow mailman_mail_t domain to search for apache configs
- Allow mailman_cgi_t domain to ioctl an httpd with a unix domain stream sockets.
- Improve procmail_domtrans() to allow mmaping procmail_exec_t
- Allow ptrace arbitrary processes
- Allow jabberd_router_t domain read kerberos keytabs BZ(1573945)
- Allow certmonger to geattr of filesystems BZ(1578755)
- Update dev_map_xserver_misc interface to allo mmaping char devices instead of files
- Allow noatsecure permission for all domain transitions from systemd.
- Allow systemd to read tangd db files
- Fix typo in ssh.if file
- Allow xdm_t domain to mmap xserver_misc_device_t files
- Allow xdm_t domain to execute systemd-coredump binary
- Add bridge_socket, dccp_socket, ib_socket and mpls_socket to socket_class_set
- Improve modutils_domtrans_insmod() interface to mmap insmod_exec_t binaries
- Improve iptables_domtrans() interface to allow mmaping iptables_exec_t binary
- Improve auth_domtrans_login_programinterface to allow also mmap login_exec_t binaries
- Improve auth_domtrans_chk_passwd() interface to allow also mmaping chkpwd_exec_t binaries.
- Allow mmap dhcpc_exec_t binaries in sysnet_domtrans_dhcpc interface
- Improve running xorg with proper SELinux domain even if systemd security feature NoNewPrivileges is used
2018-05-24 16:07:11 +02:00
.gitignore * Thu May 24 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-20 2018-05-24 16:07:11 +02:00
booleans-minimum.conf Remove ftp_home_dir boolean from distgit 2016-04-26 14:04:52 +02:00
booleans-mls.conf Make rawhide == f18 2012-12-17 17:21:00 +01:00
booleans-targeted.conf Switch default value of SELinux boolean httpd_graceful_shutdown to off. 2017-10-03 14:17:18 +02:00
booleans.subs_dist subs virt_sandbox_use_nfs by virt_use_nfs 2016-07-16 17:52:41 +02:00
config.tgz Update /etc/selinux/targeted/contexts/lxc_contexts file. https://github.com/fedora-selinux/selinux-policy/pull/166 2016-10-11 14:15:16 +02:00
COPYING remove extra level of directory 2006-07-12 20:32:27 +00:00
customizable_types * Mon Oct 17 2016 Miroslav Grepl <mgrepl@redhat.com> - 3.13.1-221 2016-10-17 20:52:01 +02:00
file_contexts.subs_dist Fedora Atomic host using for temp files /sysroot/tmp patch, we should label same as /tmp adding file context equivalence BZ(1559531) 2018-03-26 15:47:43 +02:00
make-rhat-patches.sh Commit removes big SELinux policy patches against tresys refpolicy. 2018-01-08 18:28:27 +01:00
Makefile * Mon Jan 08 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-310 2018-01-08 12:28:09 +01:00
Makefile.devel Hard code to MLSENABLED 2011-08-22 16:30:20 -04:00
modules-minimum.conf - More access needed for devicekit 2010-08-30 11:58:36 -04:00
modules-mls-base.conf Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. 2015-07-16 09:10:21 +02:00
modules-mls-contrib.conf Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. 2015-07-16 09:10:21 +02:00
modules-targeted-base.conf Activate kdbus.pp 2015-08-03 17:47:45 +02:00
modules-targeted-contrib.conf Make tangd policy active 2018-04-25 11:01:01 +02:00
modules-targeted.conf We should not build vbetool anylonger 2014-10-12 07:15:24 -04:00
permissivedomains.cil Make tangd policy active 2018-04-25 11:01:01 +02:00
rpm.macros Update selinux policy macros to reflect the latest changes in 2018-04-25 21:48:43 +02:00
securetty_types-minimum - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-mls - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-targeted - Update to upstream 2010-03-18 15:47:35 +00:00
selinux-factory-reset Do a factory reset when there's no policy.kern file in a store 2016-09-15 13:51:31 +02:00
selinux-factory-reset@.service Do a factory reset when there's no policy.kern file in a store 2016-09-15 13:51:31 +02:00
selinux-policy.conf We need to setcheckreqprot to 0 for security purposes 2015-04-16 14:00:38 -04:00
selinux-policy.spec * Thu May 24 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-20 2018-05-24 16:07:11 +02:00
setrans-minimum.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
setrans-mls.conf - Multiple policy fixes 2006-09-19 14:59:46 +00:00
setrans-targeted.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
seusers - Fix cron jobs to run under the correct context 2006-09-21 23:05:49 +00:00
sources * Thu May 24 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-20 2018-05-24 16:07:11 +02:00
users-minimum - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00
users-mls - Move users file to selection by spec file. 2010-01-11 22:06:55 +00:00
users-targeted - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00