a9b321 * Fri Dec 20 2019 Zdenek Pytela <zpytela@redhat.com> - 3.14.5-19

Authored and Committed by Zdenek Pytela 4 years ago
    * Fri Dec 20 2019 Zdenek Pytela <zpytela@redhat.com> - 3.14.5-19
    - Allow init_t nnp domain transition to kmod_t
    - Allow userdomain dbus chat with systemd_resolved_t
    - Allow init_t read and setattr on /var/lib/fprintd
    - Allow sysadm_t dbus chat with colord_t
    - Allow confined users run fwupdmgr
    - Allow confined users run machinectl
    - Allow systemd labeled as init_t domain to create dirs labeled as var_t
    - Allow systemd labeled as init_t do read/write tpm_device_t chr files BZ(1778079)
    - Add new file context rabbitmq_conf_t.
    - Allow journalctl read init state BZ(1731753)
    - Add fprintd_read_var_lib_dir and fprintd_setattr_var_lib_dir interfaces
    - Allow pulseaudio create .config and dgram sendto to unpriv_userdomain
    - Change type in transition for /var/cache/{dnf,yum} directory
    - Allow cockpit_ws_t read efivarfs_t BZ(1777085)
    - Allow abrt_dump_oops_t domain to create udp sockets BZ(1778030)
    - Allow named_t domain to mmap named_zone_t files BZ(1647493)
    - Make boinc_var_lib_t label system mountdir attribute
    - Allow stratis_t domain to request load modules
    - Update fail2ban policy
    - Allow spamd_update_t access antivirus_unit_file_t BZ(1774092)
    - Allow uuidd_t Domain trasition from sytemd into confined domain with NoNewPrivileges Systemd Security feature.
    - Allow rdisc_t Domain trasition from sytemd into confined domain with NoNewPrivileges Systemd Security feature.
    
        
file modified
+2 -0
file modified
+27 -3
file modified
+3 -3