Fedora 9 Update: selinux-policy-3.3.1-72.fc9
Summary
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision 2624.
* Mon Jun 23 2008 Dan Walsh
- Fix file context of real player
* Mon Jun 23 2008 Dan Walsh
- Allow system_mail_t to exec other mail clients
- Label mogrel_rails as an apache server
* Mon Jun 23 2008 Dan Walsh
- Apply unconfined_execmem_exec_t to haskell programs
* Sun Jun 22 2008 Dan Walsh
- Fix prelude file context
* Sun Jun 22 2008 Dan Walsh
- Allow virt to getsched and setsched on qemu
- Allow networkmanager to getattr on fixed disk
* Wed Jun 4 2008 Dan Walsh
- Add slattach policy for eparis testing
* Mon Jun 2 2008 Dan Walsh
- Allow bootloader to run mount in the users role
* Mon Jun 2 2008 Dan Walsh
- Allow policykit_resolve to ptrace all levels
* Fri May 30 2008 Dan Walsh
- Allow policykit_resolve to ptrace user processes
* Fri May 30 2008 Dan Walsh
- Allow policykit_resolve to read users process table
* Thu May 29 2008 Dan Walsh
- Allow policykit_resolve to read polkit_var_lib
- Other policykit fixes
* Thu May 29 2008 Dan Walsh
- Allow oddjob to change roles
* Thu May 29 2008 Dan Walsh
- Allow policykit_resolve to getattr hal
- Allow pyzor_t manage files user_pyzor_home_t
* Wed May 28 2008 Dan Walsh
- Allow dhcpc sys_nice
- Allow handling of /var/run/video.rom
- Allow policykit_resolve to use dbus
* Wed May 21 2008 Dan Walsh
- Fix vncserver transition to work properly in unconfined environment.
- Allow virsh to run
* Tue May 20 2008 Dan Walsh
- More fixes for spamassassin
* Tue May 20 2008 Dan Walsh
- Allow spamassassin_t to be run by system_r
* Mon May 19 2008 Dan Walsh
- Add mono_exec to podsleuth
* Fri May 16 2008 Dan Walsh
- Allow httpd_suexec_t to use cgi scripts in home dir
- Allow httpd_syexec_t to connect to mysql
- Allow sasl to communicate with kerberos rhost cache
- Fix vncserver to work again
- Allow procmail to ioctl spamasssin_exec_t
* Tue May 13 2008 Dan Walsh
- Dontaudit dhcpc_t reading of domains state
* Mon May 12 2008 Dan Walsh
- Add sys_nice for audispd
* Thu May 8 2008 Dan Walsh
- Allow libvirtd sys_nice
- Fixes for policykit
- Allow dovecot getattr all filesystem directories
* Wed May 7 2008 Dan Walsh
- Allow amanada to create data files
* Wed May 7 2008 Dan Walsh
- Fix initial install, semanage setup
* Tue May 6 2008 Dan Walsh
- Allow system_r for httpd_unconfined_script_t
* Wed Apr 30 2008 Dan Walsh
- Remove dmesg boolean
- Allow user domains to read/write game data
* Mon Apr 28 2008 Dan Walsh
- Change unconfined_t to transition to unconfined_mono_t when running mono
- Change XXX_mono_t to transition to XXX_t when executing bin_t files, so gnome-do will work
* Mon Apr 28 2008 Dan Walsh
- Remove old booleans from targeted-booleans.conf file
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum",
available at .
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
FEDORA-2008-5808 2008-07-01 02:41:37 Product : Fedora 9 Version : 3.3.1 Release : 72.fc9 URL : https://serefpolicy.sourceforge.net/ Summary : SELinux policy configuration Description : SELinux Reference Policy - modular. Based off of reference policy: Checked out revision 2624. * Mon Jun 23 2008 Dan Walsh 3.3.1-72 - Fix file context of real player * Mon Jun 23 2008 Dan Walsh 3.3.1-71 - Allow system_mail_t to exec other mail clients - Label mogrel_rails as an apache server * Mon Jun 23 2008 Dan Walsh 3.3.1-70 - Apply unconfined_execmem_exec_t to haskell programs * Sun Jun 22 2008 Dan Walsh 3.3.1-69 - Fix prelude file context * Sun Jun 22 2008 Dan Walsh 3.3.1-68 - Allow virt to getsched and setsched on qemu - Allow networkmanager to getattr on fixed disk * Wed Jun 4 2008 Dan Walsh 3.3.1-66 - Add slattach policy for eparis testing * Mon Jun 2 2008 Dan Walsh 3.3.1-65 - Allow bootloader to run mount in the users role * Mon Jun 2 2008 Dan Walsh 3.3.1-64 - Allow policykit_resolve to ptrace all levels * Fri May 30 2008 Dan Walsh 3.3.1-63 - Allow policykit_resolve to ptrace user processes * Fri May 30 2008 Dan Walsh 3.3.1-61 - Allow policykit_resolve to read users process table * Thu May 29 2008 Dan Walsh 3.3.1-60 - Allow policykit_resolve to read polkit_var_lib - Other policykit fixes * Thu May 29 2008 Dan Walsh 3.3.1-59 - Allow oddjob to change roles * Thu May 29 2008 Dan Walsh 3.3.1-58 - Allow policykit_resolve to getattr hal - Allow pyzor_t manage files user_pyzor_home_t * Wed May 28 2008 Dan Walsh 3.3.1-57 - Allow dhcpc sys_nice - Allow handling of /var/run/video.rom - Allow policykit_resolve to use dbus * Wed May 21 2008 Dan Walsh 3.3.1-56 - Fix vncserver transition to work properly in unconfined environment. - Allow virsh to run * Tue May 20 2008 Dan Walsh 3.3.1-55 - More fixes for spamassassin * Tue May 20 2008 Dan Walsh 3.3.1-54 - Allow spamassassin_t to be run by system_r * Mon May 19 2008 Dan Walsh 3.3.1-53 - Add mono_exec to podsleuth * Fri May 16 2008 Dan Walsh 3.3.1-52 - Allow httpd_suexec_t to use cgi scripts in home dir - Allow httpd_syexec_t to connect to mysql - Allow sasl to communicate with kerberos rhost cache - Fix vncserver to work again - Allow procmail to ioctl spamasssin_exec_t * Tue May 13 2008 Dan Walsh 3.3.1-51 - Dontaudit dhcpc_t reading of domains state * Mon May 12 2008 Dan Walsh 3.3.1-50 - Add sys_nice for audispd * Thu May 8 2008 Dan Walsh 3.3.1-49 - Allow libvirtd sys_nice - Fixes for policykit - Allow dovecot getattr all filesystem directories * Wed May 7 2008 Dan Walsh 3.3.1-48 - Allow amanada to create data files * Wed May 7 2008 Dan Walsh 3.3.1-47 - Fix initial install, semanage setup * Tue May 6 2008 Dan Walsh 3.3.1-46 - Allow system_r for httpd_unconfined_script_t * Wed Apr 30 2008 Dan Walsh 3.3.1-45 - Remove dmesg boolean - Allow user domains to read/write game data * Mon Apr 28 2008 Dan Walsh 3.3.1-44 - Change unconfined_t to transition to unconfined_mono_t when running mono - Change XXX_mono_t to transition to XXX_t when executing bin_t files, so gnome-do will work * Mon Apr 28 2008 Dan Walsh 3.3.1-43 - Remove old booleans from targeted-booleans.conf file su -c 'yum update selinux-policy' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Change Log
References