Package selinux-policy-38.1.53-2.el9.inferit.noarch
| Name | selinux-policy |
|---|---|
| Epoch | 0 |
| Version | 38.1.53 |
| Release | 2.el9.inferit |
| Architecture | noarch |
| Website/URL | https://github.com/fedora-selinux/selinux-policy |
| License | GPLv2+ |
| Build Time | 2025-04-08 10:52:24 |
| Build Host | builder-arm64-1.inferitos.ru |
| Summary | SELinux policy configuration |
| Repositories | BaseOS |
| Description | SELinux core policy package. Originally based off of reference policy, the policy has been adjusted to provide support for Fedora. |
| Errata | — |
| Size | 46 KiB |
| Source Project | selinux-policy-38.1.53-2.el9.inferit |
| SHA-256 checksum | e85f66ab71c85fd57c7f1299738c0a8d2447b7bebf5325080628edc0d4bbf7b6 |
×
![Full screenshot]()
* Fri Feb 07 2025 Zdenek Pytela <zpytela@redhat.com> - 38.1.53-1 - Allow svirt_t to connect to nbdkit over a unix stream socket Resolves: RHEL-56029 - Allow power-profiles-daemon the bpf capability Resolves: RHEL-61117 - Allow systemd-machined the kill user-namespace capability Resolves: RHEL-76352 * Fri Jan 31 2025 Zdenek Pytela <zpytela@redhat.com> - 38.1.52-1 - Add the files_read_root_files() interface Resolves: RHEL-70849 - Dontaudit systemd-logind remove all files Resolves: RHEL-59145 - Add the files_dontaudit_read_all_dirs() interface Resolves: RHEL-59145 - Add the files_dontaudit_delete_all_files() interface Resolves: RHEL-59145 - Allow rhsmcertd notify virt-who Resolves: RHEL-77152 - Allow irqbalance to run unconfined scripts conditionally Resolves: RHEL-1556 - Backport bootupd policy from current Fedora rawhide Resolves: RHEL-70849 - Support using systemd containers Resolves: RHEL-76352 - Allow svirt_t connect to unconfined_t over a unix domain socket Resolves: RHEL-37539 - Allow virt_domain to use pulseaudio - conditional Resolves: RHEL-1379 - Allow telnetd read network sysctls Resolves: RHEL-58825 - Allow alsa watch generic device directories Resolves: RHEL-61472 - Update switcheroo policy Resolves: RHEL-24268 * Wed Jan 15 2025 Zdenek Pytela <zpytela@redhat.com> - 38.1.51-1 - Allow rsyslog read systemd-logind session files Resolves: RHEL-73839 - Allow samba-bgqd connect to cupsd over an unix domain stream socket Resolves: RHEL-72860 - Allow svirt_t read sysfs files Resolves: RHEL-70839 - Allow xdm dbus chat with power-profiles-daemon Resolves: RHEL-61117 - Update power-profiles-daemon policy Resolves: RHEL-61117 - Confine power-profiles-daemon Resolves: RHEL-61117 - Allow virtqemud domain transition to nbdkit Resolves: RHEL-56029 - Add nbdkit interfaces defined conditionally Resolves: RHEL-56029 - Confine the switcheroo-control service Resolves: RHEL-24268 * Fri Dec 13 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.50-1 - Allow auditctl signal auditd Resolves: RHEL-68969 - Fix the cups_read_pid_files() interface to use read_files_pattern Resolves: RHEL-69517 - Dontaudit systemd-coredump the sys_resource capability Resolves: RHEL-46339 - Allow rpcd read network sysctls Resolves: RHEL-1558 - Allow irqbalance setpcap capability in the user namespace Resolves: RHEL-69564 - Allow traceroute_t bind rawip sockets to unreserved ports Resolves: RHEL-54561 - Allow svirt_t the sys_rawio capability Resolves: RHEL-56955 - Change /run/sysctl\.d(/.*)? fc entry to /var/run/sysctl\.d(/.*)? Resolves: RHEL-56988 - Exclude container-selinux manpage from selinux-policy-doc Resolves: RHEL-69916 * Fri Dec 06 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.49-1 - Update virtlogd policy Resolves: RHEL-69433 - Allow svirt_t the sys_rawio capability Resolves: RHEL-56955 - Allow qemu-ga the dac_override and dac_read_search capabilities Resolves: RHEL-52476 - Allow ip the setexec permission Resolves: RHEL-62923 - Allow alsa get attributes filesystems with extended attributes Resolves: RHEL-61472 - Allow bacula execute container in the container domain Resolves: RHEL-21168 - Allow httpd get attributes of dirsrv unit files Resolves: RHEL-46808 - Update samba-bgqd policy Resolves: RHEL-69517 - Allow samba-bgqd read cups config files Resolves: RHEL-69517 - Update policy for samba-bgqd Resolves: RHEL-69517 - Update bootupd policy for the removing-state-file test Resolves: RHEL-66584 - Allow qatlib search the content of the kernel debugging filesystem Resolves: RHEL-53864 - Allow qatlib connect to systemd-machined over a unix socket Resolves: RHEL-53864 - Update qatlib policy for v24.02 with new features Resolves: RHEL-53864 * Tue Nov 19 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 38.1.44-1.inferit - Added policy fprintd_t for focal fingerprint * Tue Nov 12 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.48-1 - Revert "Allow unconfined_t execute kmod in the kmod domain" Resolves: RHEL-65008 - Add policy for /usr/libexec/samba/samba-bgqd Resolves: RHEL-53124 * Wed Oct 23 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.47-1 - Label /etc/sysctl.d and /run/sysctl.d with system_conf_t Resolves: RHEL-56988 - Allow lldpad create and use netlink_generic_socket Resolves: RHEL-61832 - Allow unconfined_t execute kmod in the kmod domain Resolves: RHEL-54710 - Allow confined users r/w to screen unix stream socket Resolves: RHEL-50379 - Label /root/.screenrc and /root/.tmux.conf with screen_home_t Resolves: RHEL-50375 - Allow iio-sensor-proxy the bpf capability Resolves: RHEL-17346 * Fri Oct 11 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.46-1 - Rebuild * Thu Oct 10 2024 Zdenek Pytela <zpytela@redhat.com> - 35.1.46-1 - Label /run/modprobe.d with modules_conf_t Resolves: RHEL-61453 - Allow boothd connect to kernel over a unix socket Resolves: RHEL-57104 - Allow boothd connect to systemd-userdbd over a unix socket Resolves: RHEL-57104 - Additional updates stalld policy for bpf usage Resolves: RHEL-57075 - Update stalld policy for bpf usage Resolves: RHEL-57075 - Allow ptp4l the sys_admin capability Resolves: RHEL-55133 - Label /dev/hfi1_[0-9]+ devices Resolves: RHEL-54996 - Confine iio-sensor-proxy Resolves: RHEL-17346