[ol7_optional_latest] selinux-policy-doc-3.13.1-192.0.6.el7_5.6.noarch

Name:	selinux-policy-doc
Version:	3.13.1
Release:	192.0.6.el7_5.6
Architecture:	noarch
Group:	System Environment/Base
Size:	31521056
License:	GPLv2+
RPM:	selinux-policy-doc-3.13.1-192.0.6.el7_5.6.noarch.rpm
Source RPM:	selinux-policy-3.13.1-192.0.6.el7_5.6.src.rpm
Build Date:	Fri Sep 28 2018
Build Host:	x86-ol7-builder-03.us.oracle.com
Vendor:	Oracle America
URL:	http://oss.tresys.com/repos/refpolicy/
Summary:	SELinux policy documentation
Description:	SELinux policy documentation package

Changelog (Show File list) (Show related packages)

Thu Aug 23 2018 Naoki Tanaka <naoki.tanaka@oracle.com> - 3.13.1-192.0.6

- Allow map permission for systemd-journald [OraBug 28523895]
- contrib: allow map permission where needed [OraBug 28523895]
- allow map permission where needed [OraBug 28523895]
- Remove map permissions from merging commit with refpolicy [OraBug 28523895]
- Allow sssd_t domain to map sssd_var_lib_t files [OraBug 28523895]
- Allow just map permission insead of using mmap_file_pattern because mmap_files_pattern allows also executing objects. [OraBug 28523895]
- Allow abrt_t domain to mmap files with label syslogd_var_run_t BZ(1514975) [OraBug 28523895]
- Allow mandb_t domain to mmap files with label mandb_cache_t BZ(1514093) [OraBug 28523895]
- Update gnome_manage_home_config() to allow also map permission BZ(1544270) [OraBug 28523895]
- Allow rpm domain to mmap rpm_var_lib_t files [OraBug 28523895]
- logging: Various audit tools (auditctl, ausearch, etc) map their config and logs [OraBug 28523895]

Thu Aug 16 2018 EL Errata <el-errata_ww@oracle.com> - 3.13.1-192.0.5

- SELinux support for cgroup2 filesystem. [OraBug 28127822]
- refpolicy: Define and allow map permission [OraBug 28229492]
- refpolicy: Define extended_socket_class policy capability and socket classes [OraBug 28229492]
- refpolicy: Define smc_socket security class [OraBug 28229492]
- refpolicy: Define getrlimit permission for class process [OraBug 28229492]
- Add vhost-scsi to be vhost_device_t type [OraBug 27774921]
- Obsolete docker-engine-selinux [OraBug 26439663]
- Fix container selinux policy [OraBug 26427364]
- Allow ocfs2_dlmfs to be mounted with ocfs2_dlmfs_t type.

Tue Jul 31 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-192.6

- Allow virtlogd_t domain to chat via dbus with systemd_logind
Resolves: rhbz#1593740

Fri Jun 29 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-192.5

- Allow virtlogd_t domain to write inhibit systemd pipes.
Resolves: rhbz#1596730

Thu Jun 07 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-192.4
```
- Allow certmonger to sends emails
Resolves: rhbz#1588363
```

Wed Mar 28 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-192.3

- Allow snapperd_t domain to unmount fs_t filesystems
Resolves: rhbz#1561424

Mon Mar 26 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-192.2

- Allow snapperd_t to set priority for kernel processes
Resolves: rhbz#1558656

Wed Mar 21 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-192.1

- Backport several changes for snapperdfrom Fedora Rawhide
Resolves: rhbz#1558656

Tue Feb 27 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-192

- Label /usr/libexec/dbus-1/dbus-daemon-launch-helper  as dbusd_exec_t to have systemd dbus services running in the correct domain instead of unconfined_service_t if unconfined.pp module is enabled.
Resolves: rhbz#1546721

Mon Feb 19 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-191

- Allow openvswitch_t stream connect svirt_t
Resolves: rhbz#1540702