system environment/base

selinux-policy - SELinux policy configuration

Website: http://github.com/TresysTechnology/refpolicy/wiki
License: GPLv2+
Vendor: Fedora Project
Description:
SELinux Base package for SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision  2.20091117

Packages

selinux-policy-3.13.1-191.24.fc24.noarch [477 KiB] Changelog by Lukas Vrabec (2017-01-08):
- Allow thumb domain sendto via dgram sockets. BZ(1398813)
- Add condor_procd_t domain sys_ptrace cap_userns BZ(1411077)
- Allow cobbler domain to create netlink_audit sockets BZ(1384600)
- Allow networkmanager to manage networkmanager_var_lib_t lnk files BZ(1408626)
- Add dhcpd_t domain fowner capability BZ(1409963)
- Allow thumb to create netlink_kobject_uevent sockets. BZ(1410942)
- Fixes for containers
- Allow virt domain to use interited virtlogd domains fifo_file
- Allow glusterd_t to bind on glusterd_port_t udp ports.
- Revert "Allow glusterd_t to bind on med_tlp port."
- Allow glusterd_t to bind on med_tlp port.
- Update ctdbd_t policy to reflect all changes.
- Allow ctdbd_t domain transition to rpcd_t
- Allow zabbix_agent_t domain setrlimit BZ(1349998)
- Allow pptp_t to read /dev/random BZ(1404248)
- Allow glusterd_t send signals to userdomain. Label new glusterd binaries as glusterd_exec_t
- Allow systemd to stop glusterd_t domains.
- Allow setfiles_t domain rw inherited kdumpctl tmp pipes BZ(1356456)
- Allow user_t run systemctl --user BZ(1401625)
- Revert "Label tcp port 24009 as med_tlp_port_t"
- Label tcp port 24009 as med_tlp_port_t
- Allow systemd_gpt_generator_t to read efivarfs files. BZ(1403909)
- Label /usr/sbin/sln as ldconfig_exec_t BZ(1378323)
selinux-policy-3.13.1-191.23.fc24.noarch [475 KiB] Changelog by Lukas Vrabec (2016-12-05):
- Fix some boolean descriptions.
- Allow puppetagent_t to access timedated dbus
- Dontaudit logrotate_t to getattr nsfs_t BZ(1399081)
- Allow systemd to read efivarfs. Resolve: #121
- Update logging_create_devlog_dev() interface to allow calling domain create also sock_file dev-log. BZ(1393774)
- Add interface  dev_manage_sysfs()
- Allow systemd create /dev/log in own mount-namespace. BZ(1383867)
- Add interface fs_dontaudit_getattr_nsfs_files()

Listing created by Repoview-0.6.6-4.el7