refpolicy 0.0.20080702-11 needed for Lenny

To: debian-release@lists.debian.org
Subject: refpolicy 0.0.20080702-11 needed for Lenny
From: Russell Coker <russell@coker.com.au>
Date: Sat, 27 Sep 2008 19:06:02 +1000
Message-id: <[🔎] 200809271906.03260.russell@coker.com.au>
Reply-to: russell@coker.com.au

Below is the changelog.  The most important thing is the cron changes without 
which cron is essentially unusable for users who aren't in the unconfined_t 
domain.

  * Create new interface crond_search_dir() and use it to allow crond_t to
    search clamd_var_lib_t for amavis cron jobs.
  * Allow postfix_cleanup_t to talk to dkim for signing local messages.
  * Allow freshclam_t to read the routing table and talk to http_cache_port_t.
  * Allow clamd_t to search bin_t and read bin_t links.
  * Allow clamd_t to search postfix_spool_t for creation of Unix domain socket
    in the sub-directory, this is ugly and a little bit wrong but makes it
    easier to configure Postfix.
  * Allow semanage_t (for setsebool and semodule) to call statfs().
  * Add Asterisk policy module, and grant setcap access.
  * Copy the Fedora 10 cron changes to reduce the policy size.
    Allow user_t to send sigchld to user_crontab_t and to write to
    user_crontab_tmp_t files.  Necessary for full functionality!


-- 
russell@coker.com.au
http://etbe.coker.com.au/          My Blog

http://www.coker.com.au/sponsorship.html Sponsoring Free Software development

Reply to:

Follow-Ups:
- Re: refpolicy 0.0.20080702-11 needed for Lenny
  - From: Luk Claes <luk@debian.org>

Prev by Date: Please unblock webkit 1.0.1-4
Next by Date: Re: freeze exception for yodl_2.13.1-1 (fixes RC bug) please allow into lenny
Previous by thread: Re: Please unblock pcmanfm
Next by thread: Re: refpolicy 0.0.20080702-11 needed for Lenny
Index(es):
- Date
- Thread