selinux-policy-sandbox - SELinux policy sandbox
Website: | http://oss.tresys.com/repos/refpolicy/ |
---|---|
License: | GPLv2+ |
Vendor: | Scientific Linux |
- Description:
SELinux sandbox policy used for the policycoreutils-sandbox package
Packages
selinux-policy-sandbox-3.13.1-268.el7_9.2.noarch [499 KiB] |
Changelog
by Zdenek Pytela (2020-10-29):
- Allow certmonger add new entries in a generic certificates directory Resolves: rhbz#1879496 - Allow slapd add new entries in ldap certificates directory Resolves: rhbz#1879496 - Add miscfiles_add_entry_generic_cert_dirs() interface Resolves: rhbz#1879496 |
selinux-policy-sandbox-3.13.1-268.el7.noarch [499 KiB] |
Changelog
by Zdenek Pytela (2020-05-12):
- Allow rhsmd read process state of all domains and kernel threads Resolves: rhbz#1837461 - Allow ipa-adtrust-install restart sssd and dirsrv services Resolves: rhbz#1820298 - Allow nagios_plugin_domain execute programs in bin directories Resolves: rhbz#1824625 - selinux policy: add the right context for org.freeipa.server.trust-enable-agent Related: rhbz#1820298 |
selinux-policy-sandbox-3.13.1-266.el7_8.1.noarch [499 KiB] |
Changelog
by Zdenek Pytela (2020-05-15):
- Allow nagios_plugin_domain execute programs in bin directories Resolves: rhbz#1832219 |
selinux-policy-sandbox-3.13.1-252.el7_7.6.noarch [494 KiB] |
Changelog
by Lukas Vrabec (2019-11-06):
- Dontaudit tmpreaper_t getting attributes from sysctl_type files Resolves: rhbz#1766095 |
selinux-policy-sandbox-3.13.1-252.el7.1.noarch [493 KiB] |
Changelog
by Lukas Vrabec (2019-07-10):
- Allow sbd_t domain to use nsswitch Resolves: rhbz#1728593 |
selinux-policy-sandbox-3.13.1-229.el7_6.6.noarch [485 KiB] |
Changelog
by Lukas Vrabec (2018-11-02):
- Allow nova_t domain to use pam Resolves: rhbz:#1645270 - sysstat: grant sysstat_t the search_dir_perms set Resolves: rhbz#1645271 |
selinux-policy-sandbox-3.13.1-229.el7_6.5.noarch [484 KiB] |
Changelog
by Lukas Vrabec (2018-10-12):
- Remove disabling ganesha module in pre install phase of installation new selinux-policy package where ganesha is again standalone module Resolves: rhbz#1638257 |
selinux-policy-sandbox-3.13.1-229.el7.noarch [484 KiB] |
Changelog
by Lukas Vrabec (2018-09-26):
- Allow neutron domain to read/write /var/run/utmp Resolves: rhbz#1630318 |
selinux-policy-sandbox-3.13.1-192.el7_5.3.noarch [454 KiB] |
Changelog
by Lukas Vrabec (2018-03-28):
- Allow snapperd_t domain to unmount fs_t filesystems Resolves: rhbz#1561424 |
selinux-policy-sandbox-3.13.1-166.el7_4.9.noarch [438 KiB] |
Changelog
by Lukas Vrabec (2018-02-21):
- Update openvswitch policy from Fedora Resolves: rhbz#1538936 |
selinux-policy-sandbox-3.13.1-166.el7_4.7.noarch [439 KiB] |
Changelog
by Lukas Vrabec (2017-11-16):
- Allow cluster_t domain creating bundles directory with label var_log_t instead of cluster_var_log_t Resolves: rhbz:#1513075 |
selinux-policy-sandbox-3.13.1-166.el7_4.5.noarch [439 KiB] |
Changelog
by Lukas Vrabec (2017-08-30):
- Allow certmonger using systemctl on pki_tomcat unit files Resolves: rhbz#1486552 |
selinux-policy-sandbox-3.13.1-166.el7.noarch [438 KiB] |
Changelog
by Lukas Vrabec (2017-07-10):
- Add new boolean gluster_use_execmem Resolves: rhbz#1469027 - Allow cluster_t and glusterd_t domains to dbus chat with ganesha service Resolves: rhbz#1468581 |
selinux-policy-sandbox-3.13.1-102.el7_3.16.noarch [417 KiB] |
Changelog
by Lukas Vrabec (2017-03-09):
- Allow openvswitch read script state. - Allow openvswitch exec hostname and readinitrc_t files Resolves: rhbz#1430751 |
selinux-policy-sandbox-3.13.1-102.el7_3.15.noarch [416 KiB] |
Changelog
by Lukas Vrabec (2017-02-07):
- Allow sssd_t domain setpgid Resolves:rhbz#1419836 |
selinux-policy-sandbox-3.13.1-102.el7_3.4.noarch [414 KiB] |
Changelog
by Miroslav Grepl (2016-10-19):
- Allow GlusterFS with RDMA transport to be started correctly. It requires ipc_lock capability together with rw permission on rdma_cm device. Resolves:#1386620 - Allow glusterd to get attributes on /sys/kernel/config directory. Resolves:#1386621 |