[ All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ]
×

Project selinux-policy-38.1.45-3.el9_5.inferit

Name selinux-policy
Epoch 0
Version 38.1.45
Release 3.el9_5.inferit
Website/URL https://github.com/fedora-selinux/selinux-policy
License GPLv2+
Build Time 2025-02-20 14:24:01
Build Host certified-builder01.msvsphere-os.ru
Summary SELinux policy configuration
Repositories OS
Description SELinux core policy package. Originally based off of reference policy, the policy has been adjusted to provide support for Fedora.
Errata
× Full screenshot
Packages link
Package Summary SHA-256 checksum
noarch
selinux-policy-38.1.45-3.el9_5.inferit.noarch SELinux policy configuration 5ef3fd1faf7d32841764d874262e16fd825e5f6547120c3eec76b58cf4e7e73c download
selinux-policy-devel-38.1.45-3.el9_5.inferit.noarch SELinux policy development files 1054aa114a1277a81a4ad66f0cc4c35e7f25a459d7a4d2cbcb098525f2d22eba download
selinux-policy-mls-38.1.45-3.el9_5.inferit.noarch SELinux MLS policy 294c501dac1175704818ddf3196ae0ffe72a423bc049c923bbc51ef53e7c4eba download
selinux-policy-targeted-38.1.45-3.el9_5.inferit.noarch SELinux targeted policy 0f3002ffa0463f47386ed5c8dc0e0ff2e6877d82ab4ddaca1862898818382afe download
src
selinux-policy-38.1.45-3.el9_5.inferit.src SELinux policy configuration c67cddcb9afebbe80c0c94401ec025b6464da6360ccf554773dccd404195c765 download
Changelog link 
* Tue Nov 19 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 38.1.45-3.inferit
- Added policy fprintd_t for focal fingerprint

* Mon Sep 16 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.45-3
- Rebuild
Resolves: RHEL-55414

* Wed Sep 04 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.45-2
- Rebuild
Resolves: RHEL-55414

* Thu Aug 29 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.45-1
- Allow setsebool_t relabel selinux data files

* Mon Aug 12 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.44-1
- Allow coreos-installer-generator work with partitions
Resolves: RHEL-38614
- Label /etc/mdadm.conf.d with mdadm_conf_t
Resolves: RHEL-38614
- Change file context specification to /var/run/metadata
Resolves: RHEL-49735
- Allow initrc_t transition to passwd_t
Resolves: RHEL-17404
- systemd: allow systemd_notify_t to send data to kernel_t datagram sockets
Resolves: RHEL-25514
- systemd: allow sys_admin capability for systemd_notify_t
Resolves: RHEL-25514
- Change systemd-network-generator transition to include class file
Resolves: RHEL-47033
- Allow sshd_keygen_t connect to userdbd over a unix stream socket
Resolves: RHEL-47033

* Wed Jul 31 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.43-1
- Allow rhsmcertd read/write access to /dev/papr-sysparm
Resolves: RHEL-49599
- Label /dev/papr-sysparm and /dev/papr-vpd
Resolves: RHEL-49599
- Allow rhsmcertd read, write, and map ica tmpfs files
Resolves: RHEL-50926
- Update afterburn file transition policy
Resolves: RHEL-49735
- Label /run/metadata with afterburn_runtime_t
Resolves: RHEL-49735
- Allow afterburn list ssh home directory
Resolves: RHEL-49735
- Support SGX devices
Resolves: RHEL-50922
- Allow systemd-pstore send a message to syslogd over a unix domain
Resolves: RHEL-45528
- Allow postfix_domain map postfix_etc_t files
Resolves: RHEL-46332
- Allow microcode create /sys/devices/system/cpu/microcode/reload
Resolves: RHEL-26821
- Allow svirt_tcg_t map svirt_image_t files
Resolves: RHEL-27141
- Allow systemd-hostnamed shut down nscd
Resolves: RHEL-45033
- Allow postfix_domain connect to postgresql over a unix socket
Resolves: RHEL-6776

* Thu Jul 18 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.42-1
- Label samba certificates with samba_cert_t
Resolves: RHEL-25724
- Allow systemd-coredumpd the sys_chroot capability
Resolves: RHEL-45245
- Allow svirt_tcg_t read vm sysctls
Resolves: RHEL-27141
- Label /usr/sbin/samba-gpupdate with samba_gpupdate_exec_t
Resolves: RHEL-25724
- Label /var/run/coreos-installer-reboot with coreos_installer_var_run_t
Resolves: RHEL-38614
- Allow coreos-installer add systemd unit file links
Resolves: RHEL-38614

* Sun Jul 07 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.41-1
- Differentiate between staff and sysadm when executing crontab with sudo
Resolves: RHEL-31888
- Label /usr/bin/samba-gpupdate with samba_gpupdate_exec_t
Resolves: RHEL-25724
- Allow unconfined_service_t transition to passwd_t
Resolves: RHEL-17404
- Allow sbd to trace processes in user namespace
Resolves: RHEL-44680
- Allow systemd-coredumpd sys_admin and sys_resource capabilities
Resolves: RHEL-45245
- Label /usr/lib/node_modules/npm/bin with bin_t
Resolves: RHEL-36587
- Support /var is empty
Resolves: RHEL-29331
- Allow timemaster write to sysfs files
Resolves: RHEL-28777
- Don't audit crontab_domain write attempts to user home
Resolves: RHEL-31888
- Transition from sudodomains to crontab_t when executing crontab_exec_t
Resolves: RHEL-31888
- Fix label of pseudoterminals created from sudodomain
Resolves: RHEL-31888

* Tue Jun 18 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.40-1
- Allow systemd-coredump read nsfs files
Resolves: RHEL-39937
- Allow login_userdomain execute systemd-tmpfiles in the caller domain
Resolves: RHEL-40374
- Allow ptp4l_t request that the kernel load a kernel module
Resolves: RHEL-38905
- Allow collectd to trace processes in user namespace
Resolves: RHEL-36293

* Thu Jun 06 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.39-1
- Add interfaces for watching and reading ifconfig_var_run_t
Resolves: RHEL-39408
- Allow dhcpcd use unix_stream_socket
Resolves: RHEL-39408
- Allow dhcpc read /run/netns files
Resolves: RHEL-39408
- Allow all domains read and write z90crypt device
Resolves: RHEL-38833
- Allow bootupd search efivarfs dirs
Resolves: RHEL-36289
- Move unconfined_domain(sap_unconfined_t) to an optional block
Resolves: RHEL-37663