Пакет selinux-policy-38.1.53-5.el9_6.inferit.src
| Имя | selinux-policy |
|---|---|
| Эпоха | 0 |
| Версия | 38.1.53 |
| Релиз | 5.el9_6.inferit |
| Архитектура | src |
| Сайт | https://github.com/fedora-selinux/selinux-policy |
| Лицензия | GPLv2+ |
| Время сборки | 2025-05-14 22:47:48 |
| Хост сборки | builder-arm64-1.inferitos.ru |
| Краткое описание | SELinux policy configuration |
| Репозитории | BaseOS |
| Полное описание | SELinux core policy package. Originally based off of reference policy, the policy has been adjusted to provide support for Fedora. |
| Эррата | — |
| Размер | 1144 КиБ |
| Исходный проект | selinux-policy-38.1.53-5.el9_6.inferit |
| Контрольная сумма SHA-256 | fc0ad15005e358159d4416997afa382cfb2c85ad6ee7016f5ef84369e4abd73a |
×
![Full screenshot]()
* Fri Apr 11 2025 Vit Mojzis <vmojzis@redhat.com> - 38.1.53-5 - automotive: Deny unknown classes/permissions (RHEL-87350) * Fri Mar 14 2025 Zdenek Pytela <zpytela@redhat.com> - 38.1.53-4 - Allow afterburn to mount and read config drives Resolves: RHEL-82276 * Fri Feb 07 2025 Zdenek Pytela <zpytela@redhat.com> - 38.1.53-1 - Allow svirt_t to connect to nbdkit over a unix stream socket Resolves: RHEL-56029 - Allow power-profiles-daemon the bpf capability Resolves: RHEL-61117 - Allow systemd-machined the kill user-namespace capability Resolves: RHEL-76352 * Fri Jan 31 2025 Zdenek Pytela <zpytela@redhat.com> - 38.1.52-1 - Add the files_read_root_files() interface Resolves: RHEL-70849 - Dontaudit systemd-logind remove all files Resolves: RHEL-59145 - Add the files_dontaudit_read_all_dirs() interface Resolves: RHEL-59145 - Add the files_dontaudit_delete_all_files() interface Resolves: RHEL-59145 - Allow rhsmcertd notify virt-who Resolves: RHEL-77152 - Allow irqbalance to run unconfined scripts conditionally Resolves: RHEL-1556 - Backport bootupd policy from current Fedora rawhide Resolves: RHEL-70849 - Support using systemd containers Resolves: RHEL-76352 - Allow svirt_t connect to unconfined_t over a unix domain socket Resolves: RHEL-37539 - Allow virt_domain to use pulseaudio - conditional Resolves: RHEL-1379 - Allow telnetd read network sysctls Resolves: RHEL-58825 - Allow alsa watch generic device directories Resolves: RHEL-61472 - Update switcheroo policy Resolves: RHEL-24268 * Wed Jan 15 2025 Zdenek Pytela <zpytela@redhat.com> - 38.1.51-1 - Allow rsyslog read systemd-logind session files Resolves: RHEL-73839 - Allow samba-bgqd connect to cupsd over an unix domain stream socket Resolves: RHEL-72860 - Allow svirt_t read sysfs files Resolves: RHEL-70839 - Allow xdm dbus chat with power-profiles-daemon Resolves: RHEL-61117 - Update power-profiles-daemon policy Resolves: RHEL-61117 - Confine power-profiles-daemon Resolves: RHEL-61117 - Allow virtqemud domain transition to nbdkit Resolves: RHEL-56029 - Add nbdkit interfaces defined conditionally Resolves: RHEL-56029 - Confine the switcheroo-control service Resolves: RHEL-24268 * Fri Dec 13 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.50-1 - Allow auditctl signal auditd Resolves: RHEL-68969 - Fix the cups_read_pid_files() interface to use read_files_pattern Resolves: RHEL-69517 - Dontaudit systemd-coredump the sys_resource capability Resolves: RHEL-46339 - Allow rpcd read network sysctls Resolves: RHEL-1558 - Allow irqbalance setpcap capability in the user namespace Resolves: RHEL-69564 - Allow traceroute_t bind rawip sockets to unreserved ports Resolves: RHEL-54561 - Allow svirt_t the sys_rawio capability Resolves: RHEL-56955 - Change /run/sysctl\.d(/.*)? fc entry to /var/run/sysctl\.d(/.*)? Resolves: RHEL-56988 - Exclude container-selinux manpage from selinux-policy-doc Resolves: RHEL-69916 * Fri Dec 06 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.49-1 - Update virtlogd policy Resolves: RHEL-69433 - Allow svirt_t the sys_rawio capability Resolves: RHEL-56955 - Allow qemu-ga the dac_override and dac_read_search capabilities Resolves: RHEL-52476 - Allow ip the setexec permission Resolves: RHEL-62923 - Allow alsa get attributes filesystems with extended attributes Resolves: RHEL-61472 - Allow bacula execute container in the container domain Resolves: RHEL-21168 - Allow httpd get attributes of dirsrv unit files Resolves: RHEL-46808 - Update samba-bgqd policy Resolves: RHEL-69517 - Allow samba-bgqd read cups config files Resolves: RHEL-69517 - Update policy for samba-bgqd Resolves: RHEL-69517 - Update bootupd policy for the removing-state-file test Resolves: RHEL-66584 - Allow qatlib search the content of the kernel debugging filesystem Resolves: RHEL-53864 - Allow qatlib connect to systemd-machined over a unix socket Resolves: RHEL-53864 - Update qatlib policy for v24.02 with new features Resolves: RHEL-53864 * Tue Nov 19 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 38.1.44-1.inferit - Added policy fprintd_t for focal fingerprint * Tue Nov 12 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.48-1 - Revert "Allow unconfined_t execute kmod in the kmod domain" Resolves: RHEL-65008 - Add policy for /usr/libexec/samba/samba-bgqd Resolves: RHEL-53124 * Wed Oct 23 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.47-1 - Label /etc/sysctl.d and /run/sysctl.d with system_conf_t Resolves: RHEL-56988 - Allow lldpad create and use netlink_generic_socket Resolves: RHEL-61832 - Allow unconfined_t execute kmod in the kmod domain Resolves: RHEL-54710 - Allow confined users r/w to screen unix stream socket Resolves: RHEL-50379 - Label /root/.screenrc and /root/.tmux.conf with screen_home_t Resolves: RHEL-50375 - Allow iio-sensor-proxy the bpf capability Resolves: RHEL-17346