bee0c0 * Tue Aug 13 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.14.4-30

Authored and Committed by Lukas Vrabec 5 years ago
    * Tue Aug 13 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.14.4-30
    - cockpit: Allow cockpit-session to read cockpit-tls state
    - Allow zebrat_t domain to read state of NetworkManager_t processes BZ(1739983)
    - Allow named_t domain to read/write samba_var_t files BZ(1738794)
    - Dontaudit abrt_t domain to read root_t files
    - Allow ipa_dnskey_t domain to read kerberos keytab
    - Allow mongod_t domain to read cgroup_t files BZ(1739357)
    - Update ibacm_t policy
    - Allow systemd to relabel all files on system.
    - Revert "Add new boolean systemd_can_relabel"
    - Allow xdm_t domain to read kernel sysctl BZ(1740385)
    - Add sys_admin capability for xdm_t in user namespace. BZ(1740386)
    - Allow dbus communications with resolved for DNS lookups
    - Add new boolean systemd_can_relabel
    - Allow auditd_t domain to create auditd_tmp_t temporary files and dirs in /tmp or /var/tmp
    - Label '/var/usrlocal/(.*/)?sbin(/.*)?' as bin_t
    - Update systemd_dontaudit_read_unit_files() interface to dontaudit alos listing dirs
    - Run lvmdbusd service as lvm_t
    
        
file modified
+2 -0
file modified
+22 -3
file modified
+3 -3