FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo Hardened

 
 
LinkBack Thread Tools
 
Old 11-12-2011, 08:25 PM
Sven Vermeulen
 
Default SELinux base policy rev 6 in hardened-dev

Hi all,

I have pushed out an update on the SELinux policies in hardened-dev. The
changes include:

- #389579 (Mismatch on amavisd.conf context)
- #389917 (Allow resource management from within inetd -> pam_limits
support)
- #388875 (bootmisc init script test-writes directories in /var/log)
- #389569 (nagios updates, such as raid checking & mounted dir attributes)
- <no bug> (Added selinux-uwimap build as requested on mailinglist)
- <no bug> (gcc-config needs to manage etc_runtime_t files)
- <no bug> (gcc-config needs access to nfs_t if Portage tree is on NFS)
- <upstream> (Updated VDE patch to match upstream style)

I have also cleaned out our previous policies in the main portage tree
(those before 2.20110627) which was quite some work (removal itself doesn't
take that much time, but verifying that one isn't going to break systems is)
but I'm glad that is now done.

Wkr,
Sven Vermeulen
 
Old 03-29-2012, 06:36 PM
Sven Vermeulen
 
Default SELinux base policy rev 6 in hardened-dev

Hiya folks

I just pushed a small update to the SELinux policies to hardened-dev
overlay. This includes the following fixes on top of rev 5:

#405425 Allow syslog-ng to getsched capability (needed for its new threading implementation)
<no bug> Do not audit sys_admin capability for dhcpc (in sysnetwork)
<no bug> Allow sys_admin capability for init scripts (modify sysctl settings)

If there are no vital issues on this the next day or so, I'll start moving
stuff to the main tree (~arch'ed) in the course of this weekend.

Wkr,
Sven Vermeulen
 

Thread Tools




All times are GMT. The time now is 01:30 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org