SELinux policy configuration
ba0eef5c75
- Add few interfaces to cloudform.if file - Label /var/run/corosync-qnetd and /var/run/corosync-qdevice as cluster_var_run_t. Note: corosync policy is now par of rhcs module - Allow krb5kdc_t to read krb4kdc_conf_t dirs. - Update networkmanager_filetrans_named_content() interface to allow source domain to create also temad dir in /var/run. - Make confined users working again - Fix hypervkvp module - Allow ipmievd domain to create lock files in /var/lock/subsys/ - Update policy for ipmievd daemon. Contain: Allowing reading sysfs, passwd,kernel modules Execuring bin_t,insmod_t - A new version of cloud-init that supports the effort to provision RHEL Atomic on Microsoft Azure requires some a new rules that allows dhclient/dhclient hooks to call cloud-init. - Allow systemd to stop systemd-machined daemon. This allows stop virtual machines. - Label /usr/libexec/iptables/iptables.init as iptables_exec_t Allow iptables creating lock file in /var/lock/subsys/ |
||
|---|---|---|
| .gitignore | ||
| booleans-minimum.conf | ||
| booleans-mls.conf | ||
| booleans-targeted.conf | ||
| booleans.subs_dist | ||
| config.tgz | ||
| COPYING | ||
| customizable_types | ||
| docker-selinux.tgz | ||
| file_contexts.subs_dist | ||
| make-rhat-patches.sh | ||
| Makefile | ||
| Makefile.devel | ||
| modules-minimum.conf | ||
| modules-mls-base.conf | ||
| modules-mls-contrib.conf | ||
| modules-targeted-base.conf | ||
| modules-targeted-contrib.conf | ||
| modules-targeted.conf | ||
| permissivedomains.cil | ||
| policy-rawhide-base-cockpit.patch | ||
| policy-rawhide-base.patch | ||
| policy-rawhide-contrib.patch | ||
| securetty_types-minimum | ||
| securetty_types-mls | ||
| securetty_types-targeted | ||
| selinux-policy.conf | ||
| selinux-policy.spec | ||
| setrans-minimum.conf | ||
| setrans-mls.conf | ||
| setrans-targeted.conf | ||
| seusers | ||
| sources | ||
| users-minimum | ||
| users-mls | ||
| users-targeted | ||