[DSE-Dev] refpolicy_2.20210203-3_amd64.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Tue Feb 23 10:19:03 GMT 2021
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 23 Feb 2021 16:57:40 +1100
Source: refpolicy
Architecture: source
Version: 2:2.20210203-3
Distribution: unstable
Urgency: medium
Maintainer: Debian SELinux maintainers <selinux-devel at lists.alioth.debian.org>
Changed-By: Russell Coker <russell at coker.com.au>
Changes:
refpolicy (2:2.20210203-3) unstable; urgency=medium
.
* Add policy for blkmapd which is part of nfs service (included in upstream)
* Add interfaces systemd_search_user_runtime()
* Allow systemd_user_runtime_dir_t to unlink dirmngr sock files
* Allow sshd_t to talk to systemd_nspawn_t via Unix sockets
* Allow syslogd_t to search systemd_user_runtime_t dirs
* Allow acpid_t to rw input device files
* Allow restorecond_t to watch all dirs
* Allow mailman_queue_t to search the cron spool dir, also allow it to be
started as a daemon and to write mailman pid files
* Included upstream git patches for latest systemd features, this may
save some pain when Bullseye+1 is released
* Allow systemd-nspawn to mount on and manage more things when
systemd_nspawn_labeled_namespace is on.
* Allow smbcontrol_t to talk to itself via Unix domain sockets
* Add policy for postfwd
* Allow aptcacher_t to read urandom and random devices and to read kernel
sysctls
* Label /usr/lib/x86_64-linux-gnu/libexec/* as bin_t for KDE/sddm login
Allow user to execute and execmod user tmpfs files, for KDE
Allow user to write to user_runtime_t sock files
* Add policy to run the certbot --nginx which runs nginx, doesn't work
in all situations but should cover the common cases.
* Set label for /usr/bin/redis-check-rdb (redis server binary in Debian)
and allow redis to read certs and read vm and net sysctls.
Checksums-Sha1:
1f16bd35c15dcbdf84ba0cca5996b467747f402e 2445 refpolicy_2.20210203-3.dsc
5b6713bfd201755bee2ed9828a25aaafc76094a9 87504 refpolicy_2.20210203-3.debian.tar.xz
1eefe32a4cea4b377f144bbbd297c729c8c80709 8573 refpolicy_2.20210203-3_amd64.buildinfo
Checksums-Sha256:
d184b403c916fafb8e5dbfcb3abf58549f06cc13c2d4ce27230562c3a6a81eeb 2445 refpolicy_2.20210203-3.dsc
9c22102f4edd7740ad0876912d9343577fc41f97132bb4965f95d61945670352 87504 refpolicy_2.20210203-3.debian.tar.xz
2bfa50f38b2d410398dad77ad1e62711b9dea5f053c0b0e2284201c9c24779b0 8573 refpolicy_2.20210203-3_amd64.buildinfo
Files:
bcf826c697d7b6b622547bfc339919c4 2445 admin optional refpolicy_2.20210203-3.dsc
994a15c218c80091e01e10f8d1468997 87504 admin optional refpolicy_2.20210203-3.debian.tar.xz
4f8c38246929963263ad273ca8f9b841 8573 admin optional refpolicy_2.20210203-3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAmA00mgACgkQ0UHNMPxL
j3kzcg/+IwOOjl7WupIXnDFtnckDtxTyrbkZJvLe7l+uNoe2+gYN70EjKqAF+I86
vNvkqDW1LhBnJzwmZxDM0nskAJOgdtwlX6nRU892BfLdROzDS2fs4US7Tqvy/vBe
Av3zdpB7CYhVkELENr89F/A1JF533aCxISqZFUgX2qumNtmvNFY1WHh8QgwrOnK8
/KCUOoeVO1VOwev8p/aE1z8lcxj8eeW4WP5QOa6eLXYMIRHtRFoKE7hy+Y8wZ6Ho
vFqmRzZ01Yth79cqBsogIIF1dQ5f4IMdT4Gorcc7v9IEbrPN+mU3DcdYeLd1NKvH
MsZtRRVbFK9CfG7Gj2xHL7Cpv8eB5UWB6TtNABId3Kl581UB27lsFytNreWqA1gl
Ohw9EfvHaMUFKh/6iu7P7ZPV3cndESAmCjETy4BuArsRLfAGz6jxUu4F2+oar89j
UB8pU2tsMkaJNIZBVaDWo6Y1C19PufNeiLrpbwgVs3uGWoKBFdYoELD1i8G4bBBl
mMBUei7MM7h+3DwGuiGCxFlF3gfjmJhpPlnrVTuWQnynT23B58dfClffBnO7j41R
IIMrpI/W6f5NNymoAkApjVqHauSkKidWvMvCYd0RzvtZYvjySQyYYnrBghpJVkiY
YwsLhXoyNV39lyGwXCa/RDtjkeB0Q9P6QIRAHJdKVqwDfUQ0D7s=
=uMru
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the SELinux-devel
mailing list