Fedora Packages

selinux-policy-mls-37.22-1.fc37 in Fedora 37

↵ Return to the main page of selinux-policy-mls
View build
Search for updates

Package Info
🠗 Changelog
🠗 Dependencies
🠗 Provides
🠗 Files

Changelog

Date Author Change
2023-06-29 Zdenek Pytela <zpytela at redhat dot com> - 37.22-1 - Allow exim read network sysctls - Allow kernel to manage its own BPF objects - Allow plymouthd read/write X server miscellaneous devices - Allow blueman send general signals to unprivileged user domains - Allow logwatch_mail_t read network sysctls
2023-05-15 Zdenek Pytela <zpytela at redhat dot com> - 37.21-2 - Trim changelog so that it starts at F36 time
2023-05-15 Zdenek Pytela <zpytela at redhat dot com> - 37.21-1 - Allow rpmdb_migrate execute rpmdb - Allow logrotate dbus chat with systemd-hostnamed - Allow modemmanager create hardware state information files - Allow ModemManager all permissions for netlink route socket - Add journalctl the sys_resource capability
2023-04-26 Zdenek Pytela <zpytela at redhat dot com> - 37.20-1 - Allow mongodb read filesystem sysctls - Allow mongodb read network sysctls - Allow blueman watch generic device dirs - Allow nm-dispatcher tlp plugin create tlp dirs - Allow systemd-coredump mounton /usr - Allow system_cronjob_t transition to rpm_script_t - Revert "Allow system_cronjob_t domtrans to rpm_script_t" - Allow systemd-resolved send a datagram to journald
2023-02-03 Zdenek Pytela <zpytela at redhat dot com> - 37.19-1 - Allow systemd-userdbd the sys_resource capability - Additional support for rpmdb_migrate - Allow nm-cloud-setup dispatcher plugin restart nm services - Dontaudit ftpd the execmem permission - Allow icecast rename its log files - Allow systemd-rfkill the bpf capability
2023-01-16 Zdenek Pytela <zpytela at redhat dot com> - 37.18-1 - Allow apcupsd dbus chat with systemd-logind - Allow nut_domain manage also files and sock_files in /var/run - Label /usr/lib/rpm/rpmdb_migrate with rpmdb_exec_t - Allow tlp read generic SSL certificates - Allow systemd-resolved watch tmpfs directories - Revert "Allow systemd-resolved watch tmpfs directories" - Allow stalld to read /sys/kernel/security/lockdown file
2022-12-19 Zdenek Pytela <zpytela at redhat dot com> - 37.17-1 - Allow gpsd the sys_ptrace userns capability - Introduce gpsd_tmp_t for sockfiles managed by gpsd_t - Allow ndc read hardware state information - Allow journalctl relabel with var_log_t and syslogd_var_run_t files - Allow systemd-resolved watch tmpfs directories - Allow systemd-timedated watch init runtime dir - donaudit virtlogd and dnsmasq execmem - Do not run restorecon /etc/NetworkManager/dispatcher.d in targeted - Trim changelog so that it starts at F35 time
2022-12-06 Zdenek Pytela <zpytela at redhat dot com> - 37.16-1 - Reuse tmpfs_t also for the ramfs filesystem - Allow spamc read hardware state information files - Dontaudit systemd-gpt-generator the sys_admin capability - Allow syslogd read network sysctls
2022-11-23 Zdenek Pytela <zpytela at redhat dot com> - 37.15-1 - Revert "Allow sysadm_t read raw memory devices" - Allow systemd-socket-proxyd get attributes of cgroup filesystems - Allow rpc.gssd read network sysctls - Allow winbind-rpcd get attributes of device and pty filesystems - Allow insights-client domain transition on semanage execution - Allow insights-client create gluster log dir with a transition - Allow insights-client manage generic locks - Allow insights-client unix_read all domain semaphores - Add domain_unix_read_all_semaphores() interface - Allow winbind-rpcd use the terminal multiplexor - Allow mrtg send mails - Allow systemd-hostnamed dbus chat with init scripts - Allow sssd dbus chat with system cronjobs - Add interface to watch all filesystems - Add watch_sb interfaces - Add watch interfaces - Allow dhcpd bpf capability to run bpf programs - Allow netutils and traceroute bpf capability to run bpf programs - Allow pkcs_slotd_t bpf capability to run bpf programs - Allow xdm bpf capability to run bpf programs - Allow pcscd bpf capability to run bpf programs - Allow lldpad bpf capability to run bpf programs - Allow keepalived bpf capability to run bpf programs - Allow ipsec bpf capability to run bpf programs - Allow fprintd bpf capability to run bpf programs - Allow systemd-socket-proxyd get filesystems attributes - Allow dirsrv_snmp_t to manage dirsrv_config_t & dirsrv_var_run_t files
2022-11-01 Zdenek Pytela <zpytela at redhat dot com> - 37.14-1 - Allow systemd-gpt-generator raw write to a fixed disk - Allow rotatelogs read httpd_log_t symlinks - Add winbind-rpcd to samba_enable_home_dirs boolean - Allow system cronjobs dbus chat with setroubleshoot - Allow setroubleshootd read device sysctls - Allow virt_domain read device sysctls - Allow rhcd compute selinux access vector - Allow insights-client manage samba var dirs - Label ports 10161-10162 tcp/udp with snmp - Allow aide to connect to systemd_machined with a unix socket. - Allow samba-dcerpcd use NSCD services over a unix stream socket - Allow vlock search the contents of the /dev/pts directory - Allow insights-client send null signal to rpm and system cronjob - Label port 15354/tcp and 15354/udp with opendnssec - Allow ftpd map ftpd_var_run files - Allow targetclid to manage tmp files - Allow insights-client connect to postgresql with a unix socket - Allow insights-client domtrans on unix_chkpwd execution - Add file context entries for insights-client and rhc - Allow pulseaudio create gnome content (~/.config) - Allow login_userdomain dbus chat with rhsmcertd - Allow sbd the sys_ptrace capability - Allow ptp4l_t name_bind ptp_event_port_t

Provides

  • config(selinux-policy-mls)
  • selinux-policy-any
  • selinux-policy-mls

Files


Sources on Pagure