- Update to version 20240314:
  * nscd can go awa

- Update to version 20240314:
  * kanidm module
  * Assign alts_exec_t to files_type
  * Support /bin/alts in the policy (bsc#1217530)
  * Allow ssh-keygen to use the libica crypto module (bsc#1220373)
  * Revert "Allow virtnetworkd_t to execute bin_t (bsc#1216903)"
  * Revert "Change domain_kernel_load_modules boolean to true"
  * Fix gitolite homedir paths (bsc#1218826)
  * Allow keepalived_t read+write kernel_t pipes (bsc#1216060)
  * allow rebootmgr to read the system state (bsc#1205931)
  * Allow virtnetworkd_t to execute bin_t (bsc#1216903)
  * Allow sssd_t watch permission to net_conf_t dirs (bsc#1216052)
  * Revert fix for bsc#1205770 since it causes a regression for bsc#1214887
  * Allow kdump_t to manage symlinks under kdump_var_lib_t (bsc#1213721)
  * allow haveged to manage tmpfs directories (bsc#1213594)
  * removed merge conflict marker
  * Remove unneeded manage_dirs_pattern for lastlog_t (bsc#1210461)
  * Add policy for wtmpdb (bsc#1210717)
  * Add support for lastlog2 (bsc#1210461)
  * allow the chrony client to use unallocated ttys (bsc#1210672)
  * libzypp creates temporary files in /var/adm/mount. Label it with rpm_var_cache_t to prevent wrong labels in /var/cache/zypp
  * only use rsync_exec_t for the rsync server, not for the client (bsc#1209890)
  * properly label sshd-gen-keys-start to ensure ssh host keys have proper labels after creation
  * allow systemd_resolved_t to bind to all nodes (bsc#1200182)
  * make kernel_t unconfined again
  * prevent labeling of overlayfs filesystems based on the /var/lib/overlay path
  * allow kernel_t to relabel etc_t files

• Files Changed
• Browse Source

• Browse Source