SELinux base policy rev 8 in hardened-dev
Revision 8 of the 2.20120215 policies are now in the hardened-dev overlay.
It contains the following changes:
<no bug> Update whitespace in python scripts (support python3)
#411149 Introduce httpd_setrlimit to support setrlimit/sys_resource on apache (for lighttpd)
#411943 Allow unconfined users to start X (or XFCE) from the commandline
Testing is, as always, appreciated. However, the changes are non-intrusive
and I'm going to make a few more intrusive changes now which will need a bit
more testing, so I'm heading out with rev 8 now.
Also, I've moved the repository I use for maintaining the policies from
github to gogo . I didn't use the git magic, just a copy of the sources,
as patching is always done in incremental manners (and not through git
patches)... for now ;-)
I'll have our SELinux development guide also updated to have users base
their patches from this tree instead, that should make development a bit
easier for them.