Revisions of selinux-policy
William Brown (firstyear)
committed
(revision 2)
- Update to version 20240314: * nscd can go awa - Update to version 20240314: * kanidm module * Assign alts_exec_t to files_type * Support /bin/alts in the policy (bsc#1217530) * Allow ssh-keygen to use the libica crypto module (bsc#1220373) * Revert "Allow virtnetworkd_t to execute bin_t (bsc#1216903)" * Revert "Change domain_kernel_load_modules boolean to true" * Fix gitolite homedir paths (bsc#1218826) * Allow keepalived_t read+write kernel_t pipes (bsc#1216060) * allow rebootmgr to read the system state (bsc#1205931) * Allow virtnetworkd_t to execute bin_t (bsc#1216903) * Allow sssd_t watch permission to net_conf_t dirs (bsc#1216052) * Revert fix for bsc#1205770 since it causes a regression for bsc#1214887 * Allow kdump_t to manage symlinks under kdump_var_lib_t (bsc#1213721) * allow haveged to manage tmpfs directories (bsc#1213594) * removed merge conflict marker * Remove unneeded manage_dirs_pattern for lastlog_t (bsc#1210461) * Add policy for wtmpdb (bsc#1210717) * Add support for lastlog2 (bsc#1210461) * allow the chrony client to use unallocated ttys (bsc#1210672) * libzypp creates temporary files in /var/adm/mount. Label it with rpm_var_cache_t to prevent wrong labels in /var/cache/zypp * only use rsync_exec_t for the rsync server, not for the client (bsc#1209890) * properly label sshd-gen-keys-start to ensure ssh host keys have proper labels after creation * allow systemd_resolved_t to bind to all nodes (bsc#1200182) * make kernel_t unconfined again * prevent labeling of overlayfs filesystems based on the /var/lib/overlay path * allow kernel_t to relabel etc_t files
William Brown (firstyear)
committed
(revision 1)
Displaying all 2 revisions