Linux Archive

Linux Archive (
-   Gentoo Hardened (
-   -   SELinux base policy rev 13 in hardened-dev (

Sven Vermeulen 02-20-2012 05:00 PM

SELinux base policy rev 13 in hardened-dev
I've pushed the small bits of changes I still had for the 2.20110726 release
into selinux-base-policy-2.20110726-r13:

#389425 - Update on DHCP daemon rules (bind to udp port)
#401589 - Fix etc_runtime behavior
#402719 - Update dependency for selinux-mozilla on selinux-xserver (make it optional)

I will now focus on getting 2.20120215 in shape (together with the tools
release), stabilize the 2.20110726 ones (around r11 which has now been
around for a bit more than 30 days), work further on initramfs and our docs.

Sven Vermeulen

Sven Vermeulen 06-24-2012 03:50 PM

SELinux base policy rev 13 in hardened-dev
Hi folks,

I've released revision 13 of the base policy, which includes a bump of all
packages related to it, as one of the most-used interfaces has been changed
and apparently it isn't sufficient to reload the modules. That also means I
need to think of a way to properly handle such cases in the future, not that
it is complex, just something that needs to be managed ;-)

Anyway, changes in r13 since r12:

<no bug> Allow wpa_cli to read release files in /etc (find out which
distribution it runs in)
<no bug> Allow udev_tbl_t managers to search through udev_var_run_t
needed for /run/udev
<no bug> Update on python3 support within doc generation
<no bug> Use gnome_xdg_config_t for gnome ~/.config/gtk-* stuff
<no bug> Support wake_alarm and epollwakeup capabilities (backport)
#379879 Support phpfpm_t domain
<no bug> Support search on all web content within apache (interface)

Sven Vermeulen

All times are GMT. The time now is 04:49 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.