refpolicy 2:2.20140421-2 source package in Ubuntu
Changelog
refpolicy (2:2.20140421-2) unstable; urgency=medium * Fix systemd support * Made init, logging, authlogin, application, userdomain, systemd, dmesg, dpkg, usermanage, libraries, fstools, miscfiles, mount, selinuxutil, storage and sysnetwork be base modules - some of this is needed for systemd, some just makes sense. * Disabled modules anaconda, authbind, kudzu, portage, rhgb, speedtouch * Allow syslogd_t to read /dev/urandom (for systemd) * Change unit files to use .*\.service * Default trans syslogd_tmp_t for name /run/log (for systemd) * Make /var/auth a mountpoint * Allow systemd_tmpfiles_t to relabelto xconsole_device_t * Allow init_t to start and stop service systemd_unit_file_t * Allow udev_t to write to init_t stream sockets for systemctl * Allow syslogd_t to read udev_var_run_t so systemd_journal can get seat data * Allow systemd_logind_t to read udev_var_run_t for seat data * Allow syslogd_t setgid and setgid for systemd_journal * Allow udev_t to read cgroup files for systemd-udevd to read it's own cgroup * Give logrotate_t the systemd_systemctl_domain access to restart daemons * Make transition from unconfined_t to insmod_t for running modutils and remove all unused modutils domains. Make unconfined_t transition to insmod_t, this makes depmod run as insmod_t. Make insmod_t write modules dep files with the correct context. * Allow udev_t to load kernel modules for systemd-udevd * Allow initrc_t to systemd_config_all_services * Allow lvm_t to talk to init_t via unix socket for systemd * Allow allow lvm_t to read sysctl_crypto_t * Allow udev_t to read modules_object_t for systemd-udevd * Allow udev_t to search /run/systemd for systemd-udevd * Allow systemd_tmpfiles_t to relabel man_cache_t * Allow initrc_t to get status of init_t for systemd * Allow udev_t to get initrc_exec_t service status for when udev runs hdparm script * Allow ifconfig_t to load kernel modules * Allow named_t to read vm sysctls * Allow tor_t capabilities chown dac_read_search dac_override fowner * Allow fetchmail_t to manage dirs of type fetchmail_uidl_cache_t * Allow mysqld_t to connect to itself on unix_stream_socket * Allow mysqld_t kernel_read_vm_sysctls for overcommit_memory * Allow sysstat_t read and write access to crond_tmp_t (for cron to capture stdout/stderr). * Allow sysstat_t to read it's own log files and read shell_exec_t * Included file context for /run/kdm.pid * Allow kerneloops_t to read /proc/filesystems * Label /var/cache/dirmngr as dirmngr_var_lib_t * systemd_login_list_pid_dirs(system_dbusd_t) -- Russell Coker <email address hidden> Wed, 25 Jun 2014 15:38:58 +1000
Upload details
- Uploaded by:
- Debian SELinux maintainers
- Uploaded to:
- Sid
- Original maintainer:
- Debian SELinux maintainers
- Architectures:
- all
- Section:
- admin
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
refpolicy_2.20140421-2.dsc | 1.7 KiB | bbf6275973b688a8e6f0dc9fdad39629b4ea32fb98b0b6fd2116c366e15d4aaf |
refpolicy_2.20140421.orig.tar.bz2 | 668.3 KiB | 258ff813c84139175db63958ac8bff2bcce32982bb0d902e06aaaf17dd644367 |
refpolicy_2.20140421-2.debian.tar.xz | 66.2 KiB | 232bc394236b20c04825985e71ed54b65ab65293abf9de477642e5e3337a5a6d |
Available diffs
- diff from 2:2.20140421-1 to 2:2.20140421-2 (32.6 KiB)
No changes file available.
Binary packages built by this source
- selinux-policy-default: No summary available for selinux-policy-default in ubuntu utopic.
No description available for selinux-
policy- default in ubuntu utopic.
- selinux-policy-dev: No summary available for selinux-policy-dev in ubuntu utopic.
No description available for selinux-policy-dev in ubuntu utopic.
- selinux-policy-doc: No summary available for selinux-policy-doc in ubuntu utopic.
No description available for selinux-policy-doc in ubuntu utopic.
- selinux-policy-mls: No summary available for selinux-policy-mls in ubuntu utopic.
No description available for selinux-policy-mls in ubuntu utopic.
- selinux-policy-src: No summary available for selinux-policy-src in ubuntu utopic.
No description available for selinux-policy-src in ubuntu utopic.