Skip to content

"SLC6X: system environment/base: selinux-policy

selinux-policy - SELinux policy configuration

Website: http://oss.tresys.com/repos/refpolicy/
License: GPLv2+
Vendor: Red Hat, Inc.
Description:
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision  2.20091117

Packages

selinux-policy-3.7.19-312.el6.src [20.1 MiB] Changelog by Lukas Vrabec (2017-12-06):
- Apply also patch for RHEL-6.10
- Increase nvr
Resolves: rhbz#1515499
selinux-policy-3.7.19-307.el6_9.3.src [20.1 MiB] Changelog by Lukas Vrabec (2017-12-06):
- Allow sysadm_t to run puppet_exec_t binaries as puppet_t
Resolves: rhbz#1522765
selinux-policy-3.7.19-307.el6_9.2.src [20.1 MiB] Changelog by Lukas Vrabec (2017-06-29):
- Label /usr/bin/mysqld_safe_helper as mysqld_exec_t instead of bin_t.
Resolves: rhbz#1466327
selinux-policy-3.7.19-307.el6.src [20.1 MiB] Changelog by Lukas Vrabec (2016-12-14):
- Allow glusterd_t send signals to userdomain. Label new glusterd binaries as glusterd_exec_t
Resolves: rhbz#1404152
- Label /usr/bin/puppet* binaries as puppet_exec_t
Resolves: rhbz#1386181
selinux-policy-3.7.19-292.el6_8.3.src [20.1 MiB] Changelog by Lukas Vrabec (2017-01-04):
- Allow glusterd_t send signals to userdomain. Label new glusterd binaries as glusterd_exec_t
Resolves: rhbz#1409482
selinux-policy-3.7.19-292.el6_8.2.src [20.1 MiB] Changelog by Lukas Vrabec (2016-11-09):
- Allow glusterd to manage socket files labeled as glusterd_brick_t.
Resolves: rhbz#1393267
- Allow runnig php7 in fpm mode. From selinux-policy side, we need to allow httpd to read/write hugetlbfs
Resolves: rhbz#1393253
selinux-policy-3.7.19-292.el6.src [20.1 MiB] Changelog by Lukas Vrabec (2016-04-13):
- Allow smbcontrol to create a socket in /var/samba which uses for a communication with smbd, nmbd and winbind.
Related: #1326621
selinux-policy-3.7.19-279.el6_7.9.src [20.1 MiB] Changelog by Lukas Vrabec (2016-04-12):
- Allow smbcontrol to create a socket in /var/samba which uses for a communication with smbd, nmbd and winbind.
Related: #1322688
selinux-policy-3.7.19-279.el6_7.8.src [20.1 MiB] Changelog by Miroslav Grepl (2015-12-07):
- Allow ipsec_mgmt_t to access netlink route socket and set attributes for /var/run/pluto directories.
Resolves:#1289019
selinux-policy-3.7.19-279.el6_7.7.src [20.1 MiB] Changelog by Miroslav Grepl (2015-09-16):
- Backport ipsec-mgmt fixes to have libreswan working correctly on RHEL-6.7.
Resolves:#1272437
selinux-policy-3.7.19-279.el6_7.6.src [20.1 MiB] Changelog by Miroslav Grepl (2015-09-08):
- Allow qpidd to be working with MRG. It requires to manage symlinks in /var/lib/qpidd.
Resolves:#1257318
Resolves:#1257319
selinux-policy-3.7.19-279.el6_7.5.src [20.1 MiB] Changelog by Miroslav Grepl (2015-09-01):
- Allow Chromium to use setcap inside its SUID sandbox.
Resolves:#1258392
selinux-policy-3.7.19-279.el6_7.4.src [20.1 MiB] Changelog by Miroslav Grepl (2015-08-04):
- Allow nsswitch domain to search samba pid dirs to allow to connect to nmbd_t
Resolves:#1248520
selinux-policy-3.7.19-279.el6.src [20.1 MiB] Changelog by Miroslav Grepl (2015-06-23):
- Allow logrotate get attributes of all unallocated tty device nodes.
- Add logging_syslogd_run_nagios_plugins boolean for rsyslog to allow transition to nagios unconfined plugins.
- Allow glusterd to connect to init.
Resolves:#1230371
- Allow gluster do dbus chat with domain running as initrc_t.
selinux-policy-3.7.19-260.el6_6.5.src [19.8 MiB] Changelog by Miroslav Grepl (2015-06-18):
- Allow sys_admin capability for gfs_controld
Resolves:#1233118
selinux-policy-3.7.19-260.el6_6.3.src [19.8 MiB] Changelog by Miroslav Grepl (2015-04-29):
- Allow passenger to accept connection.
- Update passenger rules from RHEL7.
Resolves:#1211706
- Allow mysqld_t to use pam
- Allow mysqld_t to send audit messages
Resolves:#1214023
- Back port labeling for /etc/my.cnf.d dir.
Resolves:#1212976
- Add labeling for mariadb log/pid files/dirs.
Resolves:#1212846
- Add support for mogos service.
Resolves:#1212972
selinux-policy-3.7.19-260.el6_6.2.src [19.8 MiB] Changelog by Miroslav Grepl (2015-01-13):
- Allow logrotate to manage virt_cache.
Resolves:#1179805
selinux-policy-3.7.19-260.el6_6.1.src [19.8 MiB] Changelog by Miroslav Grepl (2014-12-02):
- Allow osad to execute rhn_check
- Make osad_t as unconfined domain
- Allow osad connect to jabber client port
Resolves:#1169688
- Allow rhev-agentd to access /dev/.udev/db/block:sr0
selinux-policy-3.7.19-260.el6.src [19.8 MiB] Changelog by Miroslav Grepl (2014-09-17):
- Add virt_getattr_images and call it for sblim_sfcbd_t.
- We also need to call virt_search_images for sblim.
Resolves:#1140614
selinux-policy-3.7.19-231.el6_5.3.src [19.7 MiB] Changelog by Miroslav Grepl (2014-05-12):
- Fix openshift_read_lib_files() interface
Resolves:#1092624
selinux-policy-3.7.19-231.el6_5.1.src [19.7 MiB] Changelog by Miroslav Grepl (2014-03-19):
- Allow snmpd to getattr on removeable and fixed disks
Resolves:#1078275
selinux-policy-3.7.19-231.el6.src [19.7 MiB] Changelog by Miroslav Grepl (2013-10-29):
- Add named_cache_t label for /var/lib/unbound
- Fix puppet_domtrans_master() interface to make passenger working correctly if it wants to read puppet config files
- Allow anitvirus domains to manage own log dirs
selinux-policy-3.7.19-195.el6_4.18.src [19.1 MiB] Changelog by Miroslav Grepl (2013-10-31):
- Allow all daemons to manage cluster lib files if daemons_enable_cluster_mode boolean is enabled
Resolves:#985442
selinux-policy-3.7.19-195.el6_4.13.src [19.1 MiB] Changelog by Miroslav Grepl (2013-10-04):
- Remove transition from virtd_t to qemu_t to stay in virtd_t if selinux_driver is None in qemu.conf
Resolves:#1015117
- Allow virt_domain to read virt_var_run_t symlinks
Resolves:#1015068
selinux-policy-3.7.19-195.el6_4.12.src [19.1 MiB] Changelog by Miroslav Grepl (2013-06-24):
- Back port openvswitch policy
Resolves:#976000
selinux-policy-3.7.19-195.el6_4.10.src [19.1 MiB] Changelog by Miroslav Grepl (2013-06-06):
- Remove all transitions for quantum
Resolves:#969043
selinux-policy-3.7.19-195.el6_4.6.src [19.1 MiB] Changelog by Miroslav Grepl (2013-05-27):
- Allow myslqd-safe to execute shell_exec_t
Resolves:#966997
- Allow openshift-cron to read openshift link files in /var/lib
selinux-policy-3.7.19-195.el6_4.5.src [19.1 MiB] Changelog by Miroslav Grepl (2013-05-09):
- Allow dirsrv-admin server to be restarted from console
Resolves:#955703
selinux-policy-3.7.19-195.el6_4.3.src [19.1 MiB] Changelog by Miroslav Grepl (2013-03-06):
- Backport openshfit fixes
Resolves:#917966
selinux-policy-3.7.19-195.el6_4.1.src [19.1 MiB] Changelog by Miroslav Grepl (2013-02-20):
- Additional fix for tuned
- Backport openshift changes
Resolves:#912392
selinux-policy-3.7.19-195.el6.src [19.1 MiB] Changelog by Miroslav Grepl (2013-01-22):
- Make matahari domains as unconfined
- Allow nscd to connect to nmbd
Resolves:#901565
- Allow setcap/getcap for syslogd
selinux-policy-3.7.19-155.el6_3.14.src [18.8 MiB] Changelog by Miroslav Grepl (2012-12-19):
- Apache is sending sinal to openshift_initrc_t now
- Dontaudit attempts by openshift to read apache logs
- Change oddjob to transition to a ranged openshift_initr_exec_t when run from oddjob
- Allow quota to manage openshift_var_lib_t directories
Resolves:#888381
selinux-policy-3.7.19-155.el6_3.13.src [18.8 MiB] Changelog by Miroslav Grepl (2012-12-14):
- Allow consolehelper-gtk to connect to xserver port
- Make rhev_agentd_consolehelper_t also as permissive domain
- Allow rhev-agentd to connect to xserver
Resolves:#886210
selinux-policy-3.7.19-155.el6_3.8.src [18.8 MiB] Changelog by Miroslav Grepl (2012-11-15):
- Fix passenger labeling
Resolves:#876075
selinux-policy-3.7.19-155.el6_3.6.src [18.8 MiB] Changelog by Miroslav Grepl (2012-10-18):
- Allow virt domains to read/write inherited files on NFS/CIFS filesystems
Resolves:#867395
selinux-policy-3.7.19-155.el6_3.4.src [18.8 MiB] Changelog by Miroslav Grepl (2012-09-03):
- Make condor_startd_ssh domain as unconfined
- Allow condor_startd_ssh to connect to kerberos_master port
Resolves:#852456
selinux-policy-3.7.19-155.el6_3.src [18.8 MiB] Changelog by Miroslav Grepl (2012-06-18):
- Allow setroubleshootd to execute rpm
Resolves:#833053
- Add labeling for /usr/lib/flash-plugin/libflashplayer.so
selinux-policy-3.7.19-154.el6.src [18.8 MiB] Changelog by Miroslav Grepl (2012-05-23):
- Allow fenced to manage snmpd lib files
- Allow certmonger to get attributes on init script files
Resolves:#790967
- Fix labeling for Firefox plugins
Resolves:#747993
- Add mta_signal_user_agent() interface
selinux-policy-3.7.19-126.el6_2.10.src [18.6 MiB] Changelog by Miroslav Grepl (2012-02-27):
- Add MRG patch
Resolves:#796585
selinux-policy-3.7.19-126.el6_2.9.src [18.6 MiB] Changelog by Miroslav Grepl (2012-02-23):
- More fixes for FIPS
Resolves:#796423
selinux-policy-3.7.19-126.el6_2.6.src [18.6 MiB] Changelog by Miroslav Grepl (2012-01-31):
- qpidd needs to create tmpfs
- qpidd needs to read sysfs_t
Resolves:#786088
selinux-policy-3.7.19-126.el6_2.4.src [18.6 MiB] Changelog by Miroslav Grepl (2011-12-08):
- Allow rhev_agentd_consolehelper to dbus chat with session bus
Resolves:#761065
selinux-policy-3.7.19-126.el6_2.3.src [18.6 MiB] Changelog by Miroslav Grepl (2011-11-23):
- Update config.tgz to make cronjob working also for user_t
Resolves:#754112
selinux-policy-3.7.19-126.el6.src [18.6 MiB] Changelog by Miroslav Grepl (2011-11-09):
- Fix dev_rw_generic_usb_dev
Resolves:#751388
selinux-policy-3.7.19-93.el6_1.7.src [18.6 MiB] Changelog by Miroslav Grepl (2011-08-11):
- Allow httpd_dirsrv_admin_script to read and write of httpd unix stream socket
selinux-policy-3.7.19-93.el6_1.2.src [18.6 MiB] Changelog by Miroslav Grepl (2011-06-30):
- Allow syslogd ipc_lock
- Allow syslogd to read from random number generator
selinux-policy-3.7.19-93.el6.src [18.6 MiB] Changelog by Miroslav Grepl (2011-04-29):
- Make init_t MLS trusted for reading/writing from/to sockets at any level
selinux-policy-3.7.19-54.el6_0.5.src [18.6 MiB] Changelog by Miroslav Grepl (2011-03-16):
- seunshare needs to be able to mounton nfs/cifs/fusefs homedirs
Resolves: #684918
selinux-policy-3.7.19-54.el6_0.3.src [18.6 MiB] Changelog by Miroslav Grepl (2010-10-26):
- Fix init leaks
Resolves: #644820

Listing created by repoview