Package selinux-policy-40.13.26-1.el10.inferit.src
| Name | selinux-policy |
|---|---|
| Epoch | 0 |
| Version | 40.13.26 |
| Release | 1.el10.inferit |
| Architecture | src |
| Website/URL | https://github.com/fedora-selinux/selinux-policy |
| License | GPL-2.0-or-later |
| Build Time | 2025-04-09 15:01:19 |
| Build Host | builder-arm64-1.inferitos.ru |
| Summary | SELinux policy configuration |
| Repositories | BaseOS |
| Description | SELinux core policy package. Originally based off of reference policy, the policy has been adjusted to provide support for Fedora. |
| Errata | — |
| Size | 1214 KiB |
| Source Project | selinux-policy-40.13.26-1.el10.inferit |
| SHA-256 checksum | e7eeed5df437ab39bbefb61cf1a9d086117d93544e907ba2c7989f6bd1665a6f |
×
![Full screenshot]()
* Wed Apr 09 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 40.13.26-1.inferit - Added policy fprintd_t for focal fingerprint * Mon Feb 17 2025 Zdenek Pytela <zpytela@redhat.com> - 40.13.26-1 - Rename winbind_rpcd_* types to samba_dcerpcd_* Resolves: RHEL-14759 - Allow samba-dcerpcd work with ctdb cluster Resolves: RHEL-14759 - Revert "Remove socket from unconfined_domain_type allow rule" Resolves: RHEL-77327 - Dontaudit access of virt-related permissive domains Resolves: RHEL-77808 - Add selinux_requires_min macro Resolves: RHEL-54715 - Filter out EPEL related modules Resolves: RHEL-73505 * Thu Feb 06 2025 Zdenek Pytela <zpytela@redhat.com> - 40.13.25-1 - Update ktlshd policy to read /proc/keys and domain keyrings Resolves: RHEL-42672 - Allow pcmsensor read nmi_watchdog state information Resolves: RHEL-52838 - Support peer-to-peer migration of vms using ssh Resolves: RHEL-77351 - Allow virt_domain read hardware state information unconditionally Resolves: RHEL-71270 - Allow timemaster write to sysfs files Resolves: RHEL-44637 - Allow virtqemud map svirt_image_t plain files Resolves: RHEL-40080 - Allow virtqemud unmount a filesystem with extended attributes Resolves: RHEL-40080 - Allow virtqemud work with nvdimm devices Resolves: RHEL-71656 - Update virtqemud policy regarding the svirt_tcg_t domain Resolves: RHEL-71270 - Allow virtqemud use hostdev usb devices conditionally Resolves: RHEL-74230 - Support saving and restoring a VM to/from a block device Resolves: RHEL-76138 - Allow virtnwfilterd dbus chat with firewalld Resolves: RHEL-76138 - Allow virt_domain to use pulseaudio - conditional Resolves: RHEL-62763 - Allow virtstoraged write to sysfs files Resolves: RHEL-44637 - Allow irqbalance to run unconfined scripts conditionally Resolves: RHEL-54019 - Allow rhsmcertd notify virt-who Resolves: RHEL-77114 - Allow init mounton crypto sysctl files Resolves: RHEL-56250 * Mon Jan 27 2025 Zdenek Pytela <zpytela@redhat.com> - 40.13.24-1 - Allow systemd-generator connect to syslog over a unix datagram socket Resolves: RHEL-75879 - Allow ssh_t to change role to system_r Resolves: RHEL-53972 - Allow virtnodedev create /etc/mdevctl.d/scripts.d with bin_t type Resolves: RHEL-39893 - Allow virtqemud manage fixed disk device nodes Resolves: RHEL-71656 - Allow samba-bgqd connect to cupsd over an unix domain stream socket Resolves: RHEL-72861 - Allow systemd-machined read the vsock device Resolves: RHEL-74280 - Allow pcmsensor write nmi_watchdog state information Resolves: RHEL-52838 - Label /proc/sys/kernel/nmi_watchdog with sysctl_nmi_watchdog_t Resolves: RHEL-52838 * Fri Jan 24 2025 Zdenek Pytela <zpytela@redhat.com> - 40.13.23-2 - Rebuild other packages with with selinux-policy-40.13.23 Resolves: RHEL-36741 * Thu Jan 23 2025 Zdenek Pytela <zpytela@redhat.com> - 40.13.23-1 - Remove the lockdown class from the policy Resolves: RHEL-36741 - Remove socket from unconfined_domain_type allow rule Resolves: RHEL-36741 - Include key_socket in socket_class_set Resolves: RHEL-36741 * Thu Jan 16 2025 Zdenek Pytela <zpytela@redhat.com> - 40.13.22-1 - Allow staff user dbus chat with virt-dbus Resolves: RHEL-73914 - Allow virtqemud domain transition to nbdkit Resolves: RHEL-69118 - Add nbdkit interfaces defined conditionally Resolves: RHEL-69118 - Allow svirt_t read sysfs files Resolves: RHEL-71270 - Label /dev/pmem[0-9]+ with fixed_disk_device_t Resolves: RHEL-71656 - Add support for the KVM guest memfd anon inodes Resolves: RHEL-69128 - Allow sysadm user dbus chat with virt-dbus Resolves: RHEL-73914 - Allow initrc_t transition to passwd_t Resolves: RHEL-71665 - Allow unconfined_service_t transition to passwd_t Resolves: RHEL-71665 * Wed Jan 08 2025 Zdenek Pytela <zpytela@redhat.com> - 40.13.21-1 - Allow init create vsock socket for sshd Resolves: RHEL-72549 - Support ssh connections via systemd-ssh-generator Resolves: RHEL-72549 - Allow ssh generator work with systemd unit files Resolves: RHEL-72549 - Confine systemd system-ssh-generator Resolves: RHEL-72549 - Allow login_userdomain getattr nsfs files Resolves: RHEL-72549 - Allow virtqemud send a generic signal to the ssh client domain Resolves: RHEL-53972 - Add the auth_dontaudit_read_passwd_file() interface Resolves: RHEL-71490 - Dontaudit request-key read /etc/passwd Resolves: RHEL-71490 * Fri Jan 03 2025 Zdenek Pytela <zpytela@redhat.com> - 40.13.20-1 - Allow virtqemud domain transition on numad execution Resolves: RHEL-65789 - Support virt live migration using ssh Resolves: RHEL-53972 - Allow ssh_t read systemd config files Resolves: RHEL-53972 - Allow virtqemud permissions needed for live migration Resolves: RHEL-43217 - Allow virtqemud the getpgid process permission Resolves: RHEL-46357 - Allow virtqemud manage nfs dirs when virt_use_nfs boolean is on Resolves: RHEL-71068 - Allow virtqemud relabelfrom virt_log_t files Resolves: RHEL-48236 - Allow virtqemud relabel tun_socket Resolves: RHEL-71394 - Allow gnome-remote-desktop dbus chat with policykit Resolves: RHEL-35877 - Update ktlsh policy Resolves: RHEL-42672 - Confine the ktls service Resolves: RHEL-42672 - Allow request-key to read /etc/passwd Resolves: RHEL-71490 - Allow request-key to manage all domains' keys Resolves: RHEL-71490 * Fri Dec 20 2024 Petr Lautrbach <lautrbach@redhat.com> - 40.13.19-2 - Rebuild with SELinux Userspace 3.8