Accepted refpolicy 2:2.20110726-9 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 30 Jun 2012 19:19:57 +1000
Source: refpolicy
Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc
Architecture: source all
Version: 2:2.20110726-9
Distribution: unstable
Urgency: high
Maintainer: Debian SELinux maintainers <selinux-devel@lists.alioth.debian.org>
Changed-By: Russell Coker <russell@coker.com.au>
Description:
selinux-policy-default - Strict and Targeted variants of the SELinux policy
selinux-policy-dev - Headers from the SELinux reference policy for building modules
selinux-policy-doc - Documentation for the SELinux reference policy
selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy
selinux-policy-src - Source of the SELinux reference policy for customization
Closes: 678392 679277
Changes:
refpolicy (2:2.20110726-9) unstable; urgency=high
.
* Enable UBAC as roles aren't useful. I recommend using only roles user_r
and unconfined_r and using UBAC (constraining users from sharing files
between identities) where you would previously have used roles.
* Made cron jobs run in regular user domains such as unconfined_t and user_t
Closes: #679277
* Had the wrong timestamp on the last upload, corrected it for the record.
* Allow ftpd to create sock_file objects under /var/run for proftpd
* Change readahead policy to support memlockd.
* Allow devicekit_power_t, devicekit_disk_t, kerneloops_t, and policykit_t
to send dbus messages to users.
* Grant systemd utilities access to selinuxfs so they can correctly label directories
Closes: #678392
* Assigned type consolekit_var_run_t to /var/run/console(/.*)? because it's
created and managed by consolekit nowadays.
* Created tunable allow_ssh_connect_reserved_ports to allow ssh client to
connect to reserved ports.
* Correctly label all perdition binaries, give perdition_t dac_override, and
allow perdition_t to create it's own pid directories.
* Label /etc/dansguardian as squid_etc_t
* Allow devicekit_power_t to access acpi device and read udev tables and
allow devicekit_disk_t to read udev tables.
* Allow sshd_t to write to fifos inherited from systemd
* High urgency because we really need to have working cron jobs!!!
* Removed the postinst code to upgrade from pre-squeeze packages.
Checksums-Sha1:
5443578c79f62c55398d57b766ab7358652a202f 1702 refpolicy_2.20110726-9.dsc
7eb68a563dd802a79007bbae38d3e8f20b2fd71f 204748 refpolicy_2.20110726-9.debian.tar.gz
b10d48e9235eefbbfe84e625f9fa1044bd7679f9 4296828 selinux-policy-default_2.20110726-9_all.deb
674e6454a2f7cff331df4c02570e12022be6a05e 4337300 selinux-policy-mls_2.20110726-9_all.deb
fd611e0e914fa7d04a4cfd7ab28e3994acc5847f 1058068 selinux-policy-src_2.20110726-9_all.deb
06d6d8cd93bd8447c43effe5625cca9675f6c572 888388 selinux-policy-dev_2.20110726-9_all.deb
c4a68338e95d3947d2fca271a2ff7d4a8d1011a0 518472 selinux-policy-doc_2.20110726-9_all.deb
Checksums-Sha256:
adad55dc0c4c20acc52aa6db1819a23dbbc6c3bb8e67e7e0c02959c9e475b31f 1702 refpolicy_2.20110726-9.dsc
200dc23da2d462038a4955ac87ebf2235e95bcdb03c33c8dba1d4f45b870ad87 204748 refpolicy_2.20110726-9.debian.tar.gz
1f860b526e2fc9a538a743ccf82ddc9ed9106ebbe71571a281a67c8666773353 4296828 selinux-policy-default_2.20110726-9_all.deb
cc471ba95f275ce9f1315846ac7739ed13026022f69ca88eb2ad59fade0f3f3c 4337300 selinux-policy-mls_2.20110726-9_all.deb
6db1ad3d95992885d873f0a483f3268dce502bd0c1e625c4ca4951515ec2db5d 1058068 selinux-policy-src_2.20110726-9_all.deb
2bab22227d16b1b362e160a9b75bdf589b14d5b9553fa325bd6ae93721cb447a 888388 selinux-policy-dev_2.20110726-9_all.deb
eec7463f78f2370278e0e1945c1e5697a7a707ba419c9d63071ccda2f9911971 518472 selinux-policy-doc_2.20110726-9_all.deb
Files:
b7464fa40795bb6182ebde0e697fff5a 1702 admin optional refpolicy_2.20110726-9.dsc
a8035cf66083be25ea232697d6c32c6e 204748 admin optional refpolicy_2.20110726-9.debian.tar.gz
768335906dfbd7c34b25f6484afb8875 4296828 admin optional selinux-policy-default_2.20110726-9_all.deb
d56488b7c93aeccca7920241c94367fb 4337300 admin extra selinux-policy-mls_2.20110726-9_all.deb
1a5675c480bac0e82ce74c9b3a7aa10b 1058068 admin optional selinux-policy-src_2.20110726-9_all.deb
6f197d9bbbeb644505dc88f1d80f53ef 888388 admin optional selinux-policy-dev_2.20110726-9_all.deb
f04820eb2d9fd8086e3ec018f8107a9a 518472 doc optional selinux-policy-doc_2.20110726-9_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAk/uzMIACgkQwrB5/PXHUlbu9QCfYCbJz91/XCy5a0IFH4Ju0FHG
1WEAn04znJL+N4RB+dqgsUFSNF0DG+Ts
=5DgB
-----END PGP SIGNATURE-----
Accepted:
refpolicy_2.20110726-9.debian.tar.gz
to main/r/refpolicy/refpolicy_2.20110726-9.debian.tar.gz
refpolicy_2.20110726-9.dsc
to main/r/refpolicy/refpolicy_2.20110726-9.dsc
selinux-policy-default_2.20110726-9_all.deb
to main/r/refpolicy/selinux-policy-default_2.20110726-9_all.deb
selinux-policy-dev_2.20110726-9_all.deb
to main/r/refpolicy/selinux-policy-dev_2.20110726-9_all.deb
selinux-policy-doc_2.20110726-9_all.deb
to main/r/refpolicy/selinux-policy-doc_2.20110726-9_all.deb
selinux-policy-mls_2.20110726-9_all.deb
to main/r/refpolicy/selinux-policy-mls_2.20110726-9_all.deb
selinux-policy-src_2.20110726-9_all.deb
to main/r/refpolicy/selinux-policy-src_2.20110726-9_all.deb
Reply to: