-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Added capabilicy to corecmd_exec_chroot Added pgpkeyserver port definition - - Included squid patch to show use of pgpkeyserver Addition of /dev/kvm Add the ability to relabel from lnk_files labeled device_t Add an interface to manage directories in /dev. This is used by xserver. dev_dontaudit_getattr_all_blk_files Should include blk_files labeled device_t dev_dontaudit_getattr_all_chr_files Should include chr_files labeled device_t Added interface dev_rw_generic_usb_pipes used by xserver Added a hole bunch of dontaudit domain statements to remove tons of bug reports. These interfaces remove avc's genererated by the redirection of stdout/stderr in tools like userhelper, and yum-updatesd or other rpm daemons. Also rhgb resets output on services when they start, you can ifdef Redhat, but I think all distributions could use these or similar rules. Remove mount_domtrans from polyinstatiation macro since auth_login_pgm_domain needs mount_domtrans for pam_mount so needs to be outside of polyinstatiation. Included authlogin_patch. Added fs_manage_dos_dirs to be used by confined users that need to manage a usb stick. Add fs_use_xattr for ext4 add definition for vmblock fix definition of kernel_rw_afs_state Dontaudit proc_type and sysctl_type file getattr Add getattr and dontaudit getattr when using security_t When using telnetd, it creates a server_ptynode that the login sessions need to access, this needs to use added to generic_ptys handling. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHYUD/rlYvE4MpobMRAuHRAKDBt0mGqWC/Yc/1DxpWYcc/oPEItwCeNVCL au6825mNvZQNRfOj3D7+93o= =5BLE -----END PGP SIGNATURE-----
Attachment:
kernel.patch.gz
Description: GNU Zip compressed data
Attachment:
kernel.patch.gz.sig
Description: Binary data
