packages/selinux-policy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
99 Commits 1 Branch 0 Tags
Commit Graph

99 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
lujie54
21f06ca0b3 backport upstream patches 2022-09-15 09:20:10 +08:00
lujie54
738fcaf614 update upstream patches 2022-09-14 15:35:03 +08:00
lujie54
45421a28ba update upstream patches 2022-09-13 19:52:03 +08:00
lujie54
3c7c076926 backport upstream patches 2022-09-05 10:17:25 +08:00
openeuler-ci-bot
50a98d956e
!159 Allow chage domtrans to sssd 
From: @wxdl 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee
 2022-08-19 02:57:34 +00:00
wxdl
ef438f32fe Allow chage domtrans to sssd 2022-08-19 09:55:39 +08:00
openeuler-ci-bot
634a717a51
!156 Allow domain transition to sssd_t and role access to sssd 
From: @lujie42 
Reviewed-by: @zhujianwei001 
Signed-off-by: @zhujianwei001
 2022-06-30 12:49:52 +00:00
lujie54
4fcb05937d Allow domain transition to sssd_t and role access to sssd 2022-06-27 21:35:58 +08:00
openeuler-ci-bot
a3631e7ab5
!151 allow httpd to create files in /etc/httpd 
From: @HuaxinLuGitee 
Reviewed-by: @zhujianwei001 
Signed-off-by: @zhujianwei001
 2022-06-25 09:26:31 +00:00
luhuaxin
14c13b3f9c allow httpd to create files in /etc/httpd 2022-06-25 15:21:34 +08:00
openeuler-ci-bot
1fb1efdfd1
!148 add open permission to files_read_inherited_tmp_file 
From: @HuaxinLuGitee 
Reviewed-by: @zhujianwei001 
Signed-off-by: @zhujianwei001
 2022-04-28 11:03:58 +00:00
luhuaxin
4fb7ff7fee add open permission to files_read_inherited_tmp_file 2022-04-28 17:20:43 +08:00
openeuler-ci-bot
e91cac707e
!145 fix context of /usr/bin/rpmdb 
From: @lujie42 
Reviewed-by: @zhujianwei001 
Signed-off-by: @zhujianwei001
 2022-03-01 02:16:52 +00:00
lujie42
5d8b207b89 fix context of /usr/bin/rpmdb 2022-02-28 14:12:17 +08:00
openeuler-ci-bot
101f6817a0
!143 selinux-requires macro shouldn't depend on policycoreutils-python 
From: @lujie42 
Reviewed-by: @zhujianwei001 
Signed-off-by: @zhujianwei001
 2022-02-21 12:52:14 +00:00
lujie42
c098ffa16a selinux-requires macro shouldn't depend on policycoreutils-python 2022-02-21 10:26:43 +08:00
openeuler-ci-bot
c8d151dfa0
!141 update selinux-policy-3.14.2 to selinux-policy-35.5-1 
From: @lujie42 
Reviewed-by: @zhujianwei001 
Signed-off-by: @zhujianwei001
 2022-02-21 01:46:21 +00:00
lujie42
6ebc7b5b53 update selinux-policy-3.14.2 to selinux-policy-35.5-1 2022-01-11 20:10:16 +08:00
openeuler-ci-bot
22388671cb !134 Fix CVE-2020-24612 
From: @lujie42
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-11-16 04:10:11 +00:00
lujie42
df3c36d34c Fix CVE-2020-24612 2021-10-08 11:35:33 +08:00
openeuler-ci-bot
b0507f843a !131 set httpd_can_network_connect bool true 
From: @lujie42
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-09-30 07:20:42 +00:00
lujie42
be315378df set httpd_can_network_connect bool true 2021-09-22 09:47:17 +08:00
openeuler-ci-bot
a44af5a0ee !127 Add allow rasdaemon cap_sys_admin 
From: @lujie42
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-09-07 01:43:46 +00:00
lujie42
ed7a2bd008 Merge branch 'master' of https://gitee.com/lujie42/selinux-policy 2021-09-03 20:55:13 +08:00
lujie42
77e27bb287 Add allow rasdaemon cap_sys_admin 2021-09-03 20:45:51 +08:00
openeuler-ci-bot
f3b4286d02 !126 Allow systemd hostnamed read udev runtime data 
From: @lujie42
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-08-31 12:21:18 +00:00
lujie42
2530406b8f Allow systemd hostnamed read udev runtime data 2021-08-31 16:06:49 +08:00
openeuler-ci-bot
40252f9d44 !124 add avc for systemd selinux page 
From: @extinctfire
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-08-28 06:10:43 +00:00
ExtinctFire
ad1f8e0d0d add avc for systemd selinux page 
Signed-off-by: ExtinctFire <shenyining_00@126.com>
 2021-08-28 11:26:03 +08:00
openeuler-ci-bot
f4a58218c6 !121 Add qemu_exec_t for stratovirt. 
From: @yangming73
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-08-20 07:04:51 +00:00
Ming Yang
a7e58912d2 Add qemu_exec_t for stratovirt. 
Signed-off-by: Ming Yang <yangming73@huawei.com>
 2021-08-20 14:17:15 +08:00
openeuler-ci-bot
ee95a508ef !119 add weak dep of selinux-policy-targeted 
From: @lujie42
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-07-31 11:38:01 +00:00
lujie42
afff97ac55 Add weak dep of selinux-policy-targeted 2021-07-22 20:06:32 +08:00
openeuler-ci-bot
106ec7cd52 !113 [backport] iptables.fc: Add missing legacy-restore and legacy-save entries 
From: @HuaxinLuGitee
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-06-21 12:50:40 +00:00
luhuaxin
c1e30c15e9 [backport] iptables.fc: Add missing legacy-restore and legacy-save entries 2021-06-17 21:40:29 +08:00
openeuler-ci-bot
f2160847b6 !112 fix context of ebtables 
From: @HuaxinLuGitee
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-06-15 11:45:38 +00:00
卢华歆
83e1d46407 fix context of ebtables 2021-06-09 10:50:22 +08:00
luhuaxin
95b77d5438 fix context of ebtables 2021-06-09 10:24:39 +08:00
openeuler-ci-bot
bbb7898a99 !102 backport upstream patch 
From: @HuaxinLuGitee
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-06-01 10:11:42 +08:00
luhuaxin
67a202caa4 backport some upstream patches 2021-05-31 18:58:06 +08:00
openeuler-ci-bot
a80a853d59 !100 allow kdump_t net_admin capability 
From: @HuaxinLuGitee
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-05-29 16:33:38 +08:00
luhuaxin
376ce47dad allow kdump_t net_admin capability 2021-05-29 15:01:20 +08:00
openeuler-ci-bot
e5328d37b4 !95 allow rpcbind to bind all udp ports 
From: @HuaxinLuGitee
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-05-27 22:10:38 +08:00
luhuaxin
f6c6e703eb allow rpcbind to bind all port 2021-05-27 20:46:18 +08:00
openeuler-ci-bot
77c0703f33 !80 sync modification on other branches 
From: @HuaxinLuGitee
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-03-05 11:35:29 +08:00
HuaxinLuGitee
64b450cf99 sync modification on other branches 2021-03-05 10:52:38 +08:00
openeuler-ci-bot
0c24e3de8b !72 revert sync pr 
From: @HuaxinLuGitee
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-03-04 21:27:47 +08:00
HuaxinLuGitee
ee48de4148 Revert "!63 [sync] PR-61: add patch for allowing systemd services to check selinux status" 
This reverts commit 6a2a24f73728bc6f9f84ee86a9b9e55f990ab159, reversing
changes made to e32b39f7dceeba4920507a916d6f6856d274c076.
 2021-03-04 20:51:15 +08:00
openeuler-ci-bot
6a2a24f737 !63 [sync] PR-61: add patch for allowing systemd services to check selinux status 
From: @openeuler-sync-bot
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
 2021-03-04 19:58:02 +08:00
HuaxinLuGitee
c94c44a3e1 add patch 
(cherry picked from commit 2d0372bd1827949321901de7d997f5c88ee9cd9d)
 2021-03-02 18:17:54 +08:00