SELinux policy configuration
e5e6b1ee54
- Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. - Prepare selinux-policy package for SELinux store migration - gnome_dontaudit_search_config() needs to be a part of optinal_policy in pegasus.te - Allow glusterd to manage nfsd and rpcd services. - Allow smbd_t and nmbd_t to manage winbind_var_run_t files/socktes/dirs. - Add samba_manage_winbind_pid() interface - Allow networkmanager to communicate via dbus with systemd_hostanmed. - Allow stream connect logrotate to prosody. - Add prosody_stream_connect() interface. - httpd should be able to send signal/signull to httpd_suexec_t, instead of httpd_suexec_exec_t. - Allow prosody to create own tmp files/dirs. - Allow keepalived request kernel load module - kadmind should not read generic files in /usr - Allow kadmind_t access to /etc/krb5.keytab - Add more fixes to kerberos.te - Add labeling for /var/tmp/kadmin_0 and /var/tmp/kiprop_0 - Add lsmd_t to nsswitch_domain. - Allow pegasus_openlmi_storage_t create mdadm.conf.anacbak file in /etc. - Add fixes to pegasus_openlmi_domain - Allow Glance Scrubber to connect to commplex_main port - Allow RabbitMQ to connect to amqp port - Allow isnsd read access on the file /proc/net/unix - Allow qpidd access to /proc/<pid>/net/psched - Allow openshift_initrc_t to communicate with firewalld over dbus. - Allow ctdbd_t send signull to samba_unconfined_net_t. - Add samba_signull_unconfined_net() - Add samba_signull_winbind() - Revert "Add interfaces winbind_signull(), samba_unconfined_net_signull()." - Fix ctdb policy - Label /var/db/ as system_db_t. |
||
|---|---|---|
| .gitignore | ||
| booleans-minimum.conf | ||
| booleans-mls.conf | ||
| booleans-targeted.conf | ||
| booleans.subs_dist | ||
| config.tgz | ||
| COPYING | ||
| customizable_types | ||
| file_contexts.subs_dist | ||
| Makefile | ||
| Makefile.devel | ||
| modules-minimum.conf | ||
| modules-mls-base.conf | ||
| modules-mls-contrib.conf | ||
| modules-targeted-base.conf | ||
| modules-targeted-contrib.conf | ||
| modules-targeted.conf | ||
| permissivedomains.fc | ||
| permissivedomains.if | ||
| permissivedomains.pp | ||
| permissivedomains.te | ||
| policy-rawhide-base-cockpit.patch | ||
| policy-rawhide-base.patch | ||
| policy-rawhide-contrib.patch | ||
| securetty_types-minimum | ||
| securetty_types-mls | ||
| securetty_types-targeted | ||
| selinux-policy.conf | ||
| selinux-policy.spec | ||
| setrans-minimum.conf | ||
| setrans-mls.conf | ||
| setrans-targeted.conf | ||
| seusers | ||
| sources | ||
| users-minimum | ||
| users-mls | ||
| users-targeted | ||