Fedora Packages

selinux-policy-minimum-39.6-1.fc39 in Fedora 39

↵ Return to the main page of selinux-policy-minimum
View build
Search for updates

Package Info
🠗 Changelog
🠗 Dependencies
🠗 Provides
🠗 Files

Changelog

Date Author Change
2024-04-23 Zdenek Pytela <zpytela at redhat dot com> - 39.6-1 - Allow smbd_t to watch user_home_dir_t if samba_enable_home_dirs is on - Allow auditd read all domains process state - Allow keyutils-dns-resolver connect to the system log service - dontaudit execmem for modemmanager - Dontaudit systemd-hwdb dac_override capability - Allow plymouthd log during shutdown - Allow journalctl_t read filesystem sysctls - Replace init domtrans rule for confined users to allow exec init - Allow sulogin relabel tty1 - Dontaudit sulogin the checkpoint_restore capability - Allow wireguard work with firewall-cmd
2024-02-27 Zdenek Pytela <zpytela at redhat dot com> - 39.5-1 - Allow userdomain get attributes of files on an nsfs filesystem - Allow login_userdomain map files in /var - Update ssh_role_template() for user ssh-agent type - Dontaudit getty and plymouth the checkpoint_restore capability - Allow sendmail MTA connect to sendmail LDA - Allow system_mail_t manage exim spool files and dirs
2024-01-25 Zdenek Pytela <zpytela at redhat dot com> - 39.4-1 - Allow collectd read raw fixed disk device - Allow collectd read udev pid files - Allow httpd work with PrivateTmp - Allow certmonger read network sysctls - Allow systemd-sleep set attributes of efivarfs files - Allow spamd_update_t the sys_ptrace capability in user namespace - Allow alsa get attributes filesystems with extended attributes - Allow systemd-sleep send a message to syslog over a unix dgram socket
2023-12-15 Zdenek Pytela <zpytela at redhat dot com> - 39.3-1 - Allow init create and use vsock sockets - Allow ddclient send e-mail notifications - Allow postfix_master_t map postfix data files - Allow thumb_t append to init unix domain stream sockets - Allow spamd_update_t read hardware state information - Allow systemd-sleep create efivarfs files
2023-11-14 Zdenek Pytela <zpytela at redhat dot com> - 39.2-1 - Allow graphical applications work in Wayland - Allow map xserver_tmpfs_t files when xserver_clients_write_xshm is on - Allow kdump work with PrivateTmp - Allow dovecot-auth work with PrivateTmp - Allow nfsd get attributes of all filesystems - Allow fido-device-onboard (FDO) read the crack database - Allow winbind_rpcd_t processes access when samba_export_all_* is on - Allow ntp to bind and connect to ntske port. - Allow apcupsd cgi scripts read /sys - Allow rpcbind read network sysctls
2023-11-02 Zdenek Pytela <zpytela at redhat dot com> - 39.1-1 - Support using systemd containers - Allow kernel_t to manage and relabel all files - Add missing optional_policy() to files_relabel_all_files() - Improve default file context(None) of /var/lib/authselect/backups - Allow targetd write to the syslog pid sock_file - Add ipa_pki_retrieve_key_exec() interface - Allow kdumpctl_t to list all directories with a filesystem type - Allow udev additional permissions - Allow udev load kernel module - Allow sysadm_t to mmap modules_object_t files - Add the unconfined_read_files() and unconfined_list_dirs() interfaces - Set default file context of HOME_DIR/tmp/.* to <<none>> - Allow kernel_generic_helper_t to execute mount(1)
2023-10-02 Zdenek Pytela <zpytela at redhat dot com> - 38.29-1 - Allow sssd send SIGKILL to passkey_child running in ipa_otpd_t - Allow systemd-localed create Xserver config dirs - Allow sssd read symlinks in /etc/sssd - Label /dev/gnss[0-9] with gnss_device_t - Allow systemd-sleep read/write efivarfs variables - ci: Fix version number of packit generated srpms - Dontaudit rhsmcertd write memory device - Allow ssh_agent_type create a sockfile in /run/user/USERID - Set default file context of /var/lib/authselect/backups to <<none>> - Allow prosody read network sysctls - Allow cupsd_t to use bpf capability
2023-09-15 Zdenek Pytela <zpytela at redhat dot com> - 38.28-1 - Allow sssd domain transition on passkey_child execution conditionally - Allow login_userdomain watch lnk_files in /usr - Allow login_userdomain watch video4linux devices - Change systemd-network-generator transition to include class file - Revert "Change file transition for systemd-network-generator" - Allow nm-dispatcher winbind plugin read/write samba var files - Allow systemd-networkd write to cgroup files - Allow kdump create and use its memfd: objects
2023-08-31 Zdenek Pytela <zpytela at redhat dot com> - 38.27-1 - Allow fedora-third-party get generic filesystem attributes - Allow sssd use usb devices conditionally - Update policy for qatlib - Allow ssh_agent_type manage generic cache home files - Update make-rhat-patches.sh file to use the f39 dist-git branch in F39
2023-08-24 Zdenek Pytela <zpytela at redhat dot com> - 38.26-1 - Change file transition for systemd-network-generator - Additional support for gnome-initial-setup - Update gnome-initial-setup policy for geoclue - Allow openconnect vpn open vhost net device - Allow cifs.upcall to connect to SSSD also through the /var/run socket - Grant cifs.upcall more required capabilities - Allow xenstored map xenfs files - Update policy for fdo - Allow keepalived watch var_run dirs - Allow svirt to rw /dev/udmabuf - Allow qatlib to modify hardware state information. - Allow key.dns_resolve connect to avahi over a unix stream socket - Allow key.dns_resolve create and use unix datagram socket - Use quay.io as the container image source for CI

Dependencies

Provides

  • config(selinux-policy-minimum)
  • selinux-policy-any
  • selinux-policy-minimum

Files


Sources on Pagure