selinux-policy-doc_2.20161023.1-10_all.deb


Advertisement

Description

selinux-policy-doc - Documentation for the SELinux reference policy

Distribution: Debian Sid
Repository: Debian Main i386
Package name: selinux-policy-doc
Package version: 2.20161023.1
Package release: 10
Package architecture: all
Package type: deb
Installed size: 20.48 KB
Download size: 439.71 KB
Official Mirror: ftp.br.debian.org
Description: unavailable.

Alternatives

Conflicts

  • selinux-policy-refpolicy-doc

    Download

    Source package: refpolicy

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install selinux-policy-doc deb package:
      # sudo apt-get install selinux-policy-doc

    Changelog

    2017-09-13 - Russell Coker <russell@coker.com.au> refpolicy (2:2.20161023.1-10) unstable; urgency=medium * Add patch for typebounds. This patch was rejected upstream, to quote Chris PeBenito: NAK. This has already been fixed with the upcoming nnp_transition nosuid_transition permissions in refpolicy. I'm afraid distros will have to carry policy patches until they can roll out kernels that support these permissions. https://marc.info/?l=selinux&m=150151037511601&w=2 Closes: #874201 * Allow systemd-tmpfiles to delete /var/lib/sudo files. Closes: #875668 * Allow brctl to create files in sysfs and correctly label /usr/lib/bridge-utils/.*\.sh Closes: #875669 * Give bootloader_t all the access it needs to create initramfs images in different situations and communicate with dpkg_t. Closes: #875676 * Allow dnsmasq_t to read it's config dir Closes: #875681 * Build-depend and depend on version 2.7 of tools and libraries. * Allow systemd_tmpfiles_t to manage lastlog_t Closes: #875726 * Allow udev_t to talk to init via dbus and get service status in strict configuration Closes: #875727

    2017-01-26 - Russell Coker <russell@coker.com.au> refpolicy (2:2.20161023.1-9) unstable; urgency=medium * Dontaudit dkim_milter_t binding to labeled udp ports * Allow passwd_t to inherit fd from unconfined_t for package scripts * Allow httpd_sys_script_t to talk to itself via unix datagrams and send syslog messages * Allow logwatch_mail_t to rw system_cronjob_t pipes Allow logwatch_t to run mdadm * Label /etc/postfixadmin as httpd_config_t * Allow system_cronjob_t to create directories under /tmp * Allow spamass_milter_t to read the overcommit sysctl * Allow unconfined domains the capability2:wake_alarm. * Added ~/DovecotMail to the list of mail_home_rw_t directories * Allow systemd_logind_t to get dpkg_script_t process state and talk to it via dbus * For https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851933 allow udev_t to read default_t. Still need that udev bug fixed!

    Advertisement
    Advertisement