rpm/selinux-policy
SHA256
1
0
Fork 0
forked from pool/selinux-policy
Code Pull Requests Activity
125 Commits 2 Branches 0 Tags 6.9 MiB
3baf5bcdf6
Commit Graph

7 Commits

Author SHA256 Message Date
Dominique Leuenberger
3de9778fbc Accepting request 832021 from security:SELinux 
Policy is in better state now and should be fine for people with basic SELinux knowledge

OBS-URL: https://build.opensuse.org/request/show/832021
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=1
 2020-10-06 15:06:19 +00:00
Johannes Segitz
71b9302857 Accepting request 1030151 from home:jsegitz:branches:security:SELinux 
- Update to version 20221019. Refreshed:
  * distro_suse_to_distro_redhat.patch
  * fix_apache.patch
  * fix_chronyd.patch
  * fix_cron.patch
  * fix_init.patch
  * fix_kernel_sysctl.patch
  * fix_networkmanager.patch
  * fix_rpm.patch
  * fix_sysnetwork.patch
  * fix_systemd.patch
  * fix_systemd_watch.patch
  * fix_unconfined.patch
  * fix_unconfineduser.patch
  * fix_unprivuser.patch
  * fix_xserver.patch
- Dropped fix_cockpit.patch as this is now packaged with cockpit itself
- Remove the ipa module, freeip ships their own module
- Added fix_alsa.patch to allow reading of config files in home directories
- Extended fix_networkmanager.patch and fix_postfix.patch to account
  for SUSE systems
- Added dontaudit_interface_kmod_tmpfs.patch to prevent AVCs when startproc
  queries the running processes
- Updated fix_snapper.patch to allow snapper to talk to rpm via dbus

OBS-URL: https://build.opensuse.org/request/show/1030151
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=153
 2022-10-20 12:00:31 +00:00
Johannes Segitz
80bdcc2619 Accepting request 988924 from home:jsegitz:branches:security:SELinux 
- Update fix_systemd.patch to add sys_admin systemd_gpt_generator_t
  (bsc#1200911)

- postfix: Label PID files and some helpers correctly (bsc#1197242)

- Add fix_userdomain.patch to dontaudit UDP rpc ports (bsc#1193984)

OBS-URL: https://build.opensuse.org/request/show/988924
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=134
 2022-07-13 08:15:29 +00:00
Johannes Segitz
f9eb198b55 Accepting request 821528 from home:jsegitz:branches:security:SELinux 
- Update to version 20200717. Refreshed
  * fix_fwupd.patch
  * fix_hadoop.patch
  * fix_init.patch
  * fix_irqbalance.patch
  * fix_logrotate.patch
  * fix_nagios.patch
  * fix_networkmanager.patch
  * fix_postfix.patch
  * fix_sysnetwork.patch
  * fix_systemd.patch
  * fix_thunderbird.patch
  * fix_unconfined.patch
  * fix_unprivuser.patch
  * selinux-policy.spec
- Added update.sh to make updating easier

- Updated fix_unconfineduser.patch to allow unconfined_dbusd_t access
  to accountsd dbus
- New patch:
  * fix_nis.patch
- Updated patches:
  * fix_postfix.patch: Transition is done in distribution specific script

OBS-URL: https://build.opensuse.org/request/show/821528
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=77
 2020-07-17 14:00:13 +00:00
Johannes Segitz
e10fb17535 Accepting request 810877 from home:jsegitz:branches:security:SELinux 
- Added module for wicked
- New patches:
  * fix_authlogin.patch
  * fix_screen.patch
  * fix_unprivuser.patch
  * fix_rpm.patch
  * fix_apache.patch

- Added module for rtorrent
- Enable snapper module in minimum policy to reduce issues on BTRFS
  Updated fix_snapper.patch to prevent relabling of snapshot

OBS-URL: https://build.opensuse.org/request/show/810877
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=76
 2020-06-02 15:31:08 +00:00
Johannes Segitz
cf699a6f0f Accepting request 785956 from home:jsegitz:branches:security:SELinux 
- New patches:
  * fix_accountsd.patch
  * fix_automount.patch
  * fix_colord.patch
  * fix_mcelog.patch
  * fix_sslh.patch
  * fix_nagios.patch
  * fix_openvpn.patch
  * fix_cron.patch
  * fix_usermanage.patch
  * fix_smartmon.patch
  * fix_geoclue.patch
  * suse_specific.patch
  Default systems should now work without selinuxuser_execmod
- Removed xdm_entrypoint_pam.patch, necessary change is in
  fix_unconfineduser.patch
- Enable SUSE specific settings again

OBS-URL: https://build.opensuse.org/request/show/785956
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=75
 2020-03-17 14:46:20 +00:00
Johannes Segitz
1fd70ac29b Accepting request 781805 from home:jsegitz:branches:security:SELinux 
- Update to version 20200219
  Refreshed fix_hadoop.patch
  Updated 
  * fix_dbus.patch
  * fix_hadoop.patch
  * fix_nscd.patch
  * fix_xserver.patch
  Renamed postfix_paths.patch to fix_postfix.patch
  Added
  * fix_init.patch
  * fix_locallogin.patch
  * fix_policykit.patch
  * fix_iptables.patch
  * fix_irqbalance.patch
  * fix_ntp.patch
  * fix_fwupd.patch
  * fix_firewalld.patch
  * fix_logrotate.patch
  * fix_selinuxutil.patch
  * fix_corecommand.patch
  * fix_snapper.patch
  * fix_systemd.patch
  * fix_unconfined.patch
  * fix_unconfineduser.patch
  * fix_chronyd.patch
  * fix_networkmanager.patch
  * xdm_entrypoint_pam.patch
- Removed modules minimum_temp_fixes and targeted_temp_fixes
  from the corresponding policies
- Reduced default module list of minimum policy by removing

OBS-URL: https://build.opensuse.org/request/show/781805
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=74
 2020-03-05 10:13:59 +00:00