system environment/base

selinux-policy-sandbox - SELinux policy sandbox

Website: http://oss.tresys.com/repos/refpolicy/
License: GPLv2+
Vendor: Scientific Linux
Description:
SELinux sandbox policy used for the policycoreutils-sandbox package

Packages

selinux-policy-sandbox-3.13.1-268.el7_9.2.noarch [499 KiB] Changelog by Zdenek Pytela (2020-10-29):
- Allow certmonger add new entries in a generic certificates directory
Resolves: rhbz#1879496
- Allow slapd add new entries in ldap certificates directory
Resolves: rhbz#1879496
- Add miscfiles_add_entry_generic_cert_dirs() interface
Resolves: rhbz#1879496
selinux-policy-sandbox-3.13.1-268.el7.noarch [499 KiB] Changelog by Zdenek Pytela (2020-05-12):
- Allow rhsmd read process state of all domains and kernel threads
Resolves: rhbz#1837461
- Allow ipa-adtrust-install restart sssd and dirsrv services
Resolves: rhbz#1820298
- Allow nagios_plugin_domain execute programs in bin directories
Resolves: rhbz#1824625
- selinux policy: add the right context for org.freeipa.server.trust-enable-agent
Related: rhbz#1820298
selinux-policy-sandbox-3.13.1-266.el7_8.1.noarch [499 KiB] Changelog by Zdenek Pytela (2020-05-15):
- Allow nagios_plugin_domain execute programs in bin directories
Resolves: rhbz#1832219
selinux-policy-sandbox-3.13.1-252.el7_7.6.noarch [494 KiB] Changelog by Lukas Vrabec (2019-11-06):
- Dontaudit tmpreaper_t getting attributes from sysctl_type files
Resolves: rhbz#1766095
selinux-policy-sandbox-3.13.1-252.el7.1.noarch [493 KiB] Changelog by Lukas Vrabec (2019-07-10):
- Allow sbd_t domain to use nsswitch
Resolves: rhbz#1728593
selinux-policy-sandbox-3.13.1-229.el7_6.6.noarch [485 KiB] Changelog by Lukas Vrabec (2018-11-02):
- Allow nova_t domain to use pam
Resolves: rhbz:#1645270
- sysstat: grant sysstat_t the search_dir_perms set
Resolves: rhbz#1645271
selinux-policy-sandbox-3.13.1-229.el7_6.5.noarch [484 KiB] Changelog by Lukas Vrabec (2018-10-12):
- Remove disabling ganesha module in pre install phase of installation new selinux-policy package where ganesha is again standalone module
Resolves: rhbz#1638257
selinux-policy-sandbox-3.13.1-229.el7.noarch [484 KiB] Changelog by Lukas Vrabec (2018-09-26):
- Allow neutron domain to read/write /var/run/utmp
Resolves: rhbz#1630318
selinux-policy-sandbox-3.13.1-192.el7_5.3.noarch [454 KiB] Changelog by Lukas Vrabec (2018-03-28):
- Allow snapperd_t domain to unmount fs_t filesystems
Resolves: rhbz#1561424
selinux-policy-sandbox-3.13.1-166.el7_4.9.noarch [438 KiB] Changelog by Lukas Vrabec (2018-02-21):
- Update openvswitch policy from Fedora
Resolves: rhbz#1538936
selinux-policy-sandbox-3.13.1-166.el7_4.7.noarch [439 KiB] Changelog by Lukas Vrabec (2017-11-16):
- Allow cluster_t domain creating bundles directory with label var_log_t instead of cluster_var_log_t
Resolves: rhbz:#1513075
selinux-policy-sandbox-3.13.1-166.el7_4.5.noarch [439 KiB] Changelog by Lukas Vrabec (2017-08-30):
- Allow certmonger using systemctl on pki_tomcat unit files
Resolves: rhbz#1486552
selinux-policy-sandbox-3.13.1-166.el7.noarch [438 KiB] Changelog by Lukas Vrabec (2017-07-10):
- Add new boolean gluster_use_execmem
Resolves: rhbz#1469027
- Allow cluster_t and glusterd_t domains to dbus chat with ganesha service
Resolves: rhbz#1468581
selinux-policy-sandbox-3.13.1-102.el7_3.16.noarch [417 KiB] Changelog by Lukas Vrabec (2017-03-09):
- Allow openvswitch read script state.
- Allow openvswitch exec hostname and readinitrc_t files
Resolves: rhbz#1430751
selinux-policy-sandbox-3.13.1-102.el7_3.15.noarch [416 KiB] Changelog by Lukas Vrabec (2017-02-07):
- Allow sssd_t domain setpgid
Resolves:rhbz#1419836
selinux-policy-sandbox-3.13.1-102.el7_3.4.noarch [414 KiB] Changelog by Miroslav Grepl (2016-10-19):
- Allow GlusterFS with RDMA transport to be started correctly. It requires ipc_lock capability together with rw permission on rdma_cm device.
Resolves:#1386620
- Allow glusterd to get attributes on /sys/kernel/config directory.
Resolves:#1386621

Listing created by Repoview-0.6.6-4.el7