Re: another SE Linux policy

To: debian-release@lists.debian.org
Subject: Re: another SE Linux policy
From: Russell Coker <russell@coker.com.au>
Date: Tue, 21 Oct 2008 00:51:39 +1100
Message-id: <200810210051.41263.russell@coker.com.au>
Reply-to: russell@coker.com.au
In-reply-to: <200810210050.31493.russell@coker.com.au>
References: <200810210050.31493.russell@coker.com.au>

Sorry, I forgot to ask, please allow this version in Lenny.  Without it 
sometimes some machines won't boot...

On Tuesday 21 October 2008 00:50, Russell Coker <russell@coker.com.au> wrote:
> The spamassassin and Clamav changes are needed for some people who use
> those programs.
>
> But the real requirement here is to have the correct labels for device
> nodes created by initrc_t.  It is needed to allow booting in enforcing mode
> when you have a corrupt /etc/fstab file.
>
>  refpolicy (2:0.0.20080702-13) unstable; urgency=high
>  .
>    * Allow spamd_t to create a Unix domain socket.
>    * Allow clamd_t to read files under /usr (for Perl).
>      Allow it to connect to amavisd_send_port_t.
>      Allow it to talk to itself by unix stream sockets and bind to UDP
> nodes. Closes: #502274
>    * Allow logrotate_t to transition to webalizer_t for web log processing.
>    * Allow initrc_t to create fixed_disk_device_t nodes under var_run_t,
>      for the case where /etc/fstab has an error regarding the root fs.
>    * Use the Lenny paths for xm, xend, xenstored, and xenconsoled.
>      Add some extra permissions that Xen needs.

-- 
russell@coker.com.au
http://etbe.coker.com.au/          My Blog

http://www.coker.com.au/sponsorship.html Sponsoring Free Software development

Reply to:

References:
- another SE Linux policy
  - From: Russell Coker <russell@coker.com.au>

Prev by Date: another SE Linux policy
Next by Date: Re: Allow localization-config to propagate to testing
Previous by thread: another SE Linux policy
Next by thread: Re: another SE Linux policy
Index(es):
- Date
- Thread