2b76eb * Tue Apr 27 2021 Zdenek Pytela <zpytela@redhat.com> - 34.4-1

Authored and Committed by Zdenek Pytela 3 years ago
    * Tue Apr 27 2021 Zdenek Pytela <zpytela@redhat.com> - 34.4-1
    - Allow domain create anonymous inodes
    - Add anon_inode class to the policy
    - Allow systemd-coredump getattr nsfs files and net_admin capability
    - Allow systemd-sleep transition to sysstat_t
    - Allow systemd-sleep transition to tlp_t
    - Allow systemd-sleep transition to unconfined_service_t on bin_t executables
    - Allow systemd-timedated watch runtime dir and its parent
    - Allow system dbusd read /var/lib symlinks
    - Allow unconfined_service_t confidentiality and integrity lockdown
    - Label /var/lib/brltty with brltty_var_lib_t
    - Allow domain and unconfined_domain_type watch /proc/PID dirs
    - Additional permission for confined users loging into graphic session
    - Make for screen fsetid/setuid/setgid permission conditional
    - Allow for confined users acces to wtmp and run utempter
    
        
file modified
+18 -2
file modified
+2 -2