Fedora Packages

selinux-policy-targeted-40.29-2.fc40 in Fedora 40

↵ Return to the main page of selinux-policy-targeted
View build
Search for updates

Package Info
🠗 Changelog
🠗 Dependencies
🠗 Provides
🠗 Files

Changelog

Date Author Change
2024-10-26 Zdenek Pytela <zpytela at redhat dot com> - 40.29-2 - Rebuild
2024-10-25 Zdenek Pytela <zpytela at redhat dot com> - 40.29-1 - Allow systemd-machined the kill user-namespace capability - Use better escape method for "interface" - Allow the sysadm user use the secretmem API - Allow boothd connect to systemd-userdbd over a unix socket - Allow staff user nlmsg_write - Update policy for xdm with confined users
2024-10-02 Zdenek Pytela <zpytela at redhat dot com> - 40.28-1 - Allow chronyc sendto to chronyd-restricted - Allow cups sys_ptrace capability in the user namespace - Allow abrt-dump-journal-core connect to winbindd - Allow sysadm_t to create PF_KEY sockets - Allow init and systemd-logind to inherit fds from sshd - Label /usr/bin/noping and /usr/bin/oping with ping_exec_t - Allow virtstoraged get attributes of configfs dirs - Update policy for rpc-virtstorage - Allow thumb_t map dri devices - Allow samba use the io_uring API - Allow nut-upsmon read systemd-logind session files - Support SGX devices
2024-08-06 Zdenek Pytela <zpytela at redhat dot com> - 40.27-1 - Allow NetworkManager_dispatcher_t send SIGKILL to plugins - Allow setroubleshootd execute sendmail with a domain transition - Allow key.dns_resolve set attributes on the kernel key ring - Update fstab and cryptsetup generators policy - Allow cryptsetup-generator read and write fstab-generator unit file - Allow postfix_domain map postfix_etc_t files - Update qatlib policy for v24.02 with new features - Label /var/lib/systemd/sleep with systemd_sleep_var_lib_t - Allow tlp status power services - Allow login_userdomain read aliases file - Allow login_userdomain read ipsec config files - Allow login_userdomain read all pid files - Allow xdm_t read and write the dma device - Allow rsyslog read systemd-logind session files
2024-07-25 Zdenek Pytela <zpytela at redhat dot com> - 40.26-1 - Label /run/modprobe.d with modules_conf_t - Allow virtstoraged manage files with virt_content_t type - Allow virtqemud unmount a filesystem with extended attributes - Allow svirt_t connect to unconfined_t over a unix domain socket - Allow ssh_t to change role to system_r - Allow systemd_getty_generator_t to read and write to tty_device_t
2024-07-23 Zdenek Pytela <zpytela at redhat dot com> - 40.25-1 - Allow virtqemud connect to sanlock over a unix stream socket - Allow virtqemud relabel virt_var_run_t directories - Allow svirt_tcg_t read vm sysctls - Allow virtnodedevd connect to systemd-userdbd over a unix socket - Allow svirt read virtqemud fifo files - Allow svirt attach_queue to a virtqemud tun_socket - Allow virtqemud run ssh client with a transition - Sync systemd-generator policy with rawhide - Allow staff use watch /run/systemd - Update keyutils policy - Allow updatedb connect to userdbd over a unix stream socket - Allow systemd-coredump read nsfs files
2024-07-17 Zdenek Pytela <zpytela at redhat dot com> - 40.24-1 - Allow the staff user use wireshark - Allow locate stream connect to systemd-userdbd - Allow postfix-smtpd read mysql config files - Allow virtnetworkd exec shell when virt_hooks_unconfined is on - Allow systemd-networkd write files in /var/lib/systemd/network - Allow systemd-networkd list /var/lib/systemd/network - Allow abrt-dump-journal read all non_security socket files - Add support for libvirt hooks - Allow to create and delete socket files created by rhsm.service
2024-06-20 Zdenek Pytela <zpytela at redhat dot com> - 40.23-1 - Synchronize policy for systemd-generators with rawhide - Allow certmonger read and write tpm devices - Allow virt_driver_domain dbus chat with policykit - Allow login_userdomain execute systemd-tmpfiles in the caller domain - Revert "Allow systemd-machined manage runtime sockets" - Label /usr/bin/ntfsck with fsadm_exec_t - Escape "interface" as a file name in a virt filetrans pattern - Allow gnome-software work for login_userdomain
2024-06-08 Zdenek Pytela <zpytela at redhat dot com> - 40.22-1 - Allow systemd-machined manage runtime sockets - Allow systemd-gpt-generator setfscreate - Allow bootupd search efivarfs dirs - Sync policy for confined systemd generators with rawhide - Update policy for fstab and gpt generators - Allow systemd (PID 1) manage systemd conf files - Allow pulseaudio map its runtime files - Update policy for getty-generator - Allow systemd-machined manage runtime sockets - Allow fstab-generator create unit file symlinks - Dontaudit systemd-coredump sys_admin capability - Update policy for fstab-generator - Allow virtqemud read vm sysctls - Add policy for second batch of generators - Update policy for systemd generators - ci: Adjust Cockpit test plans
2024-05-31 Zdenek Pytela <zpytela at redhat dot com> - 40.21-1 - Add policy for second batch of generators - Update policy for systemd generators - ci: Adjust Cockpit test plans

Dependencies

Provides

  • config(selinux-policy-targeted)
  • selinux-policy-any
  • selinux-policy-targeted

Files


Sources on Pagure