Fedora 8 SELinux Policy Update 3.0.8-58 Critical Access Control

SELinux Reference Policy - modular.

Based off of reference policy: Checked out revision 2393.

* Fri Nov 16 2007 Dan Walsh 3.0.8-58

- Allow nmbd to list inotifyfs_t

- Dontaudit consolekit access to user homedir

- dontaudit nscd getserv and shmemserv

- Allow rsync_t dac overrides

- Allow xfs_t to listen to sockets

* Fri Nov 16 2007 Dan Walsh 3.0.8-57

- Allow lvm to search mnt

- Add booleans for xguest account

xguest_mount_media

xguest_connect_network

xguest_use_bluetooth

* Thu Nov 15 2007 Dan Walsh 3.0.8-56

- Remove /usr/sbin/gdm label

- Label gstreamer codecs in homedir as textrel_shlib_t

* Wed Nov 14 2007 Dan Walsh 3.0.8-55

- Allow spamd to manage razor files

* Mon Nov 12 2007 Dan Walsh 3.0.8-54

- Allow cyrus to authenticate via sasl

- Allow sshd to work in tunnel mode

- Allow sshd to use -R

- Allow ssh to read user homedirs

- Add /var/lib/tftp to tftp.fc

- Add labels for /dev/dmmdi and /dev/admmdi

- Allow postmap to be run by unconfined_t

- Allow dictd to write pid file

- Allow bluetooth to connectto unix_stream_sockets

* Mon Nov 12 2007 Dan Walsh 3.0.8-53

- Allow bugzilla policy to connect to postgresql and mysql on other machines

* Mon Nov 12 2007 Dan Walsh 3.0.8-52

- Allow apache to read unconfined users content

* Sat Nov 10 2007 Dan Walsh 3.0.8-51

- Allow login programs to run mount

- Dontaudit writes to user_home_t for semanage

- Allow sendmail to write to cyrus_stream

- Define /dev/dmmidi1 as a sound_device_t

- Allow saslauthd to use nis_authentication

* Fri Nov 9 2007 Dan Walsh 3.0.8-50

- Allow login programs to delete user temp files

* Thu Nov 8 2007 Dan Walsh 3.0.8-49

- Separate xguest from guest

- Allow confined domains to output to rpm pipes

* Wed Nov 7 2007 Dan Walsh 3.0.8-48

- Add obsoletes selinux-policy-strict

- Run inetd unconfined

- dontaudit loadkeys looking at homedir

* Tue Nov 6 2007 Dan Walsh 3.0.8-47

- Allow all dns_resolves to use avahi stream

- Don't transition from unconfined_t to ping_t

* Tue Nov 6 2007 Dan Walsh 3.0.8-46

- Allow sendmail to interact with winbind

- Allow dovecot to write log files

* Fri Nov 2 2007 Dan Walsh 3.0.8-45

- Allow system_mail_t to domtrans to exim_t

e301b608c32fd3468b1be5cacb7a5779851ab38f selinux-policy-mls-3.0.8-58.fc8.noarch.rpm

0cfd8add130581f1a5871f1b00486b742eba2222 selinux-policy-devel-3.0.8-58.fc8.noarch.rpm

de6c03233d228c2d88498236b4c13746919154a0 selinux-policy-targeted-3.0.8-58.fc8.noarch.rpm

cb5cc93fd932af2175c8a20f6c66a4cd2ec9a5c7 selinux-policy-3.0.8-58.fc8.noarch.rpm

e246ba5e11336b8cfee322fcb08028e6a8a2d776 selinux-policy-3.0.8-58.fc8.src.rpm

This update can be installed with the "yum" update program. Use

su -c 'yum update selinux-policy'

at the command line. For more information, refer to "Managing Software

with yum", available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/