70c776 * Wed Nov 07 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.3-13

Authored and Committed by Lukas Vrabec 6 years ago
    * Wed Nov 07 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.3-13
    - Update pesign policy to allow pesign_t domain to read bind cache files/dirs
    - Add dac_override capability to mdadm_t domain
    - Create ibacm_tmpfs_t type for the ibacm policy
    - Dontaudit capability sys_admin for dhcpd_t domain
    - Makes rhsmcertd_t domain an exception to the constraint preventing changing the user identity in object contexts.
    - Allow abrt_t domain to mmap generic tmp_t files
    - Label /usr/sbin/wpa_cli as wpa_cli_exec_t
    - Allow sandbox_xserver_t domain write to user_tmp_t files
    - Allow certutil running as ipsec_mgmt_t domain to mmap ipsec_mgmt pid files Dontaudit ipsec_mgmt_t domain to write to the all mountpoints
    - Add interface files_map_generic_tmp_files()
    - Add dac_override capability to the syslogd_t domain
    - Create systemd_timedated_var_run_t label
    - Update systemd_timedated_t domain to allow create own pid files/access init_var_lib_t files and read dbus files BZ(1646202)
    - Add init_read_var_lib_lnk_files and init_read_var_lib_sock_files interfaces
    
        
file modified
+2 -0
file modified
+19 -3
file modified
+3 -3