SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for selinux-policy-minimum-2.4.6-255.SEL5_4.noarch.rpm :

* Fri Sep 18 2009 Anatoly Metetes - Rebuild for StartCom Linux 5.0.x
* Tue Jul 28 2009 Dan Walsh 2.4.6-255- Allow samba as domain controller to change passwordsResolves: #475562
* Wed Jul 22 2009 Dan Walsh 2.4.6-254- Add ipsec_match_default_spd back into userdomain- Allow sysadm_t to execute setkey and racoon executables- Dontaudit write of logwatch to etc_t- Allow samba as domain controller to change passwordsResolves: #475562
* Tue Jul 21 2009 Dan Walsh 2.4.6-253- Allow windbind to create directroies in samba_var_tResolves: #509174
* Wed Jul 08 2009 Dan Walsh 2.4.6-252- Change mmap_low boolean to effect unconfined_t- Allow ipsec_t to read its init scriptResolves: #511359
* Wed Jul 08 2009 Dan Walsh 2.4.6-251- Remove transition from initrc_t to qemu_t Resolves: #504805
* Tue Jul 07 2009 Dan Walsh 2.4.6-250- Need to transition from initrc_t to qemu_t Resolves: #504805
* Sat Jun 20 2009 Dan Walsh 2.4.6-249- Fix sbin==binResolves: #504805
* Sat Jun 20 2009 Dan Walsh 2.4.6-248- Allow cyrus to bind to port 3905Resolves: #504805
* Tue Jun 16 2009 Dan Walsh 2.4.6-247- Additional privs for privoxy, kpropd found in other dists- iscsi wants to look at the process state of all domainsResolves: #506057
* Sat Jun 13 2009 Dan Walsh 2.4.6-246- Allow semanage_t to transition to initrc_t in order to restart mcstransResolves: #460970- Additional rules for ipsecResolves: #443646
* Fri Jun 12 2009 Dan Walsh 2.4.6-245- Allow qemu to use full networkingResolves: #504238
* Wed Jun 10 2009 Dan Walsh 2.4.6-244- Allow qemu to append virt_log_tResolves: #504238
* Tue Jun 09 2009 Dan Walsh 2.4.6-243- Add policy for /dev/ksmResolves: #504238
* Fri Jun 05 2009 Dan Walsh 2.4.6-242- Allow all domains to search bin_t and sbin_t- Allow qemu to write to /var/run/svirt/qemuResolves: #499701
* Fri Jun 05 2009 Dan Walsh 2.4.6-241- Allow xm_ssh_t to search /rootResolves: #499888
* Fri Jun 05 2009 Dan Walsh 2.4.6-240- Don\'t execute semanage command in post installResolves: #499701
* Thu Jun 04 2009 Dan Walsh 2.4.6-239- Allow rsync_t to read nfs and samba sharesResolves: #499701
* Tue Jun 02 2009 Dan Walsh 2.4.6-238- Turn on qemu for OvirtResolves: #499701
* Fri May 22 2009 Dan Walsh 2.4.6-237- Fix iptables labelingResolves: #499888
* Fri May 15 2009 Dan Walsh 2.4.6-236- Allow xm to execute sshResolves: #499888
* Wed May 13 2009 Dan Walsh 2.4.6-234- Dontaudit sendmail leaked file descriptorResolves: #486187
* Tue May 12 2009 Dan Walsh 2.4.6-233- Add rsync_client for Fedora Infrastructure- Allow spamd to exec itself when it gets a hup signalResolves: #499701
* Sat May 09 2009 Dan Walsh 2.4.6-232- Allow spamd to exec itself when it gets a hup signal- Add Minimum policy for Ovirt to RHEL5Resolves: #499701
* Wed May 06 2009 Dan Walsh 2.4.6-231- Add postgrey policy- Allow xm_t in xen to list sysfsResolves: #499249
* Sat May 02 2009 Dan Walsh 2.4.6-230- Allow amanda to signal fsadm- Add context for /var/cache/cgit- Dontaudit apache leaked tcp_sockets- Fixes for cvs service-allow initrc_t and inetd_t siginh over their children- add privoxy_connect_any boolean- Allow smbd_t to signal nmbd_tResolves: #498596
* Sat Apr 25 2009 Dan Walsh 2.4.6-229- Fix sepolgen error regression- Fix milter implementaion - Additional rules required for update to automountResolves: #497273
* Fri Apr 24 2009 Dan Walsh 2.4.6-228- Additional rules required for update to automountResolves: #497273
* Thu Apr 23 2009 Dan Walsh 2.4.6-227- Allow nfs to share removable devices- Allow ipsec additional privs for FIPS complianceResolves: #497168
* Wed Apr 22 2009 Dan Walsh 2.4.6-226- Fix dnsmasq labeling for libvirt Resolves: #496867
* Fri Apr 17 2009 Dan Walsh 2.4.6-225- add context for rpc.quoatad- Allow spamassassin to append to user_home_t for log files Resolves: #481387Resolves: #486187
* Fri Apr 10 2009 Dan Walsh 2.4.6-224Allow ioctl to cron fifo pipesResolves: #481628
* Thu Apr 09 2009 Dan Walsh 2.4.6-222- Allow spamc to append to user_home_tResolves: #486187- Allow dbus to send message back to all servicesResolves: #481628
* Sat Apr 04 2009 Dan Walsh 2.4.6-221- Allow procmail to domtrans to spamassassinResolves: #486187
* Sat Apr 04 2009 Dan Walsh 2.4.6-220- Allow procmail to domtrans to spamassassinResolves: #492567
* Fri Mar 27 2009 Dan Walsh 2.4.6-219- Add labeling for /var/named/chroot/procResolves: #492567
* Fri Mar 13 2009 Dan Walsh 2.4.6-218- dnsmasq needs to read proc- Allow nscd to reexec itselfResolves: #429726
* Tue Mar 10 2009 Dan Walsh 2.4.6-217- Allow saslauthd access to kerberos host rcache- Allow dbus to read all domains statesResolves: #489899
* Thu Feb 26 2009 Dan Walsh 2.4.6-216- Dontaudit leaked descriptor to apache- Fixes for strict policyResolves: #486354
* Mon Feb 23 2009 Dan Walsh 2.4.6-215- Label all matlab libraries as textrel_shlib_tResolves: #486965
* Mon Feb 23 2009 Dan Walsh 2.4.6-214- Allow init_t to transition to rpm_script_tResolves: #480163
* Fri Feb 20 2009 Dan Walsh 2.4.6-213- Allow postfix_virtual_t to use private steam sock_file- Fix java shared library in IBM packageResolves: #486608
* Fri Feb 13 2009 Dan Walsh 2.4.6-212- More fixes for strict policy Resolves: #485111
* Wed Feb 11 2009 Dan Walsh 2.4.6-211- Allow samba to edit apache files in home dirResolves: #485111- Allow procmail to transition to spamassassin domainsResolves: #485107
* Wed Feb 11 2009 Dan Walsh 2.4.6-210- Fix labeling on sysstat packageResolves: #485078
* Mon Feb 09 2009 Dan Walsh 2.4.6-209- Fix duplicate /var/turboprint Resolves: #477123
* Fri Feb 06 2009 Dan Walsh 2.4.6-208- Allow samba to manage ALL files in home dir if boolean set- Fix typos in man pagesResolves: #477123
* Wed Jan 28 2009 Dan Walsh 2.4.6-207- Remove lusterfs fs_use_xattr lineResolves: #481628
* Mon Jan 26 2009 Dan Walsh 2.4.6-205- Allow dbus to send message back to all servicesResolves: #481628
* Fri Dec 19 2008 Dan Walsh 2.4.6-204- Allow ipsec_mgmt to exec sbin_t files (/sbin/lsmod)Resolves: #469943
* Wed Dec 17 2008 Dan Walsh 2.4.6-203- Allow samba to rw/shadowResolves: #474854
* Mon Dec 15 2008 Dan Walsh 2.4.6-202- Additional winbind and samba_net issues caused by coolkeyResolves: #474854
* Wed Dec 10 2008 Dan Walsh 2.4.6-200- Allow ldap to connect to sasl- avc denials during samba active directory joinResolves: #474852- samba - winbind - periodic avc denialsResolves: #474854- \"Syntax error on line 1 \' [type=SQUOTE]\" upgrading selinux-policy-develResolves: #474868- missing policyResolves: #475273
* Fri Dec 05 2008 Dan Walsh 2.4.6-199- Allow apps that check password to write to faillog audisp_remote needs to bind to audit portsResolves: #474481- Allow xm to stream connect to virtResolves: #472903
* Tue Dec 02 2008 Dan Walsh 2.4.6-197- Dontaudit search of /root for init daemons- Fixes for ricci- Allow xm to manage virt_image_tResolves: #472903
* Mon Dec 01 2008 Dan Walsh 2.4.6-195- Fixes for networkmanager- Allow xm to manage virt_image_tResolves: #472903
* Tue Nov 25 2008 Dan Walsh 2.4.6-194- Fix ipsec management label- Allow xm to manage virt_image_tResolves: #472903
* Thu Nov 20 2008 Dan Walsh 2.4.6-193- Fixes for networkmanager- Eliminte import polgenResolves: #440151
* Thu Nov 20 2008 Dan Walsh 2.4.6-192- Allow named to use kerberos keytabsResolves: #440151
* Wed Nov 19 2008 Dan Walsh 2.4.6-191- Fixes for Fedora Infrastructure- Stop transition to unconfined_t from init_tResolves: #440151
* Mon Nov 17 2008 Dan Walsh 2.4.6-189- Fixes for Fedora InfrastructureResolves: #440151
* Fri Nov 14 2008 Dan Walsh 2.4.6-188- Fixes for Fedora Infrastructure- Make pegasus an unconfined_domain - Add pki policyResolves: #440151
* Mon Nov 10 2008 Dan Walsh 2.4.6-185- Fixes for Fedora Infrastructure- Allow cups to signal hplip_tResolves: #470621
* Mon Nov 10 2008 Dan Walsh 2.4.6-183- Allow cups to signal hplip_tResolves: #470621- Allow dnsmasq to use libvirt files
* Thu Nov 06 2008 Dan Walsh 2.4.6-182- Change apache httpd_use_nfs to mean managing nfs shares- From Fedora InfrastructureResolves: #469943
* Thu Nov 06 2008 Dan Walsh 2.4.6-181- Change apache httpd_use_nfs to mean managing nfs shares- From Fedora InfrastructureResolves: #469943
* Wed Nov 05 2008 Dan Walsh 2.4.6-180- Fix label on /usr/sbin/ipsecResolves: #469943
* Mon Nov 03 2008 Dan Walsh 2.4.6-179- Allow restorecon to read locale_tResolves: #469402- Allow hal/pm-utils to look at /var/run/video.rom
* Sat Oct 25 2008 Dan Walsh 2.4.6-178- Allow dnsmasq reading of pid filesResolves: #442028
* Sat Oct 25 2008 Dan Walsh 2.4.6-177- More fixes for NetworkManagerResolves: #442028
* Wed Oct 22 2008 Dan Walsh 2.4.6-173- Allow samba to read crack_dbResolves: #467905
* Wed Oct 22 2008 Dan Walsh 2.4.6-171- Allow ssh_keygen_t to read fips_enabledResolves: #467720
* Tue Oct 21 2008 Dan Walsh 2.4.6-170- Allow confined domains to read fips_enabledResolves: #467720
* Tue Oct 21 2008 Dan Walsh 2.4.6-168- Add zosremote policy- Allow confined domains to read fips_enabledResolves: #467720
* Thu Oct 16 2008 Dan Walsh 2.4.6-167- Fix relabel to not output so many avcsResolves: #467229
* Thu Oct 16 2008 Dan Walsh 2.4.6-166- Allow snmp to getschedResolves: #466470
* Thu Oct 09 2008 Dan Walsh 2.4.6-165- New policy to allow fsdaemon to create correctly labeled devicesResolves: #456471
* Thu Oct 09 2008 Dan Walsh 2.4.6-164- Fix labeling on dhclient-lease files- Allow portmap_helper to bind to rpc portsResolves: #451805
* Fri Oct 03 2008 Dan Walsh 2.4.6-162- Allow domains to read etc_runtime for access to modified denyhosts- Allow dhcpc_t to list dbusd_etc_t directoryResolves: #459888
* Wed Sep 24 2008 Dan Walsh 2.4.6-161- More fixes for NetworkManagerResolves: #442028
* Wed Sep 24 2008 Dan Walsh 2.4.6-160- Upgrade dbus policy to match new packageResolves: #463267
* Wed Sep 17 2008 Dan Walsh 2.4.6-158- Proper labeling on wsgiResolves: #461323
* Fri Sep 12 2008 Dan Walsh 2.4.6-157- Allow postdrop rw sendmail unix_stream sockets- Additional snmp Resolves: #461323
* Fri Sep 12 2008 Dan Walsh 2.4.6-156- Add racoon/ipsec policyResolves: #247510
* Fri Sep 12 2008 Dan Walsh 2.4.6-155- Complete backport of logging/audit policy- Allow pegasus to look at kernel xen informationResolves: #461624
* Sat Sep 06 2008 Dan Walsh 2.4.6-154- Allow portmak to read kernel state - Allow ricci to figure out if cluster services are runningResolve: #461769
* Fri Sep 05 2008 Dan Walsh 2.4.6-153- Make stunnel work with psieved and other python scriptsResolve: #460733
* Thu Sep 04 2008 Dan Walsh 2.4.6-152- Allow freeradius to connect to snmp portResolve: #461040
* Wed Sep 03 2008 Dan Walsh 2.4.6-151- allow mailman_t signull- Fix location of sepolgen-ifgenResolves: #460398
* Sat Aug 30 2008 Dan Walsh 2.4.6-150- Allow iscsi net_rawResolves: #460398
* Wed Aug 27 2008 Dan Walsh 2.4.6-149- Fix file context to install on strict/mls policy- Allow hal to modify input deviceResolves: #442623
* Fri Aug 08 2008 Dan Walsh 2.4.6-145- Policy does not allow ifpolgen-if to work properlyResolves: #444133
* Fri Aug 08 2008 Dan Walsh 2.4.6-144- add mmap_low booleanResolves: #444133
* Wed Jul 30 2008 Dan Walsh 2.4.6-143- Allow smbd_t to chown filesResolves: #456674
* Thu Jul 17 2008 Dan Walsh 2.4.6-142- add mmap_low boolean- Upgrade to latest networkmanager policy- Add kpropd policy- update nscd policy- Update ntp policy- Update openvpn policy- Fix ppp_read_read interface- fix portmapper to allow it to connect to all <1024 ports- Fix ricci_modstorage to be able to start clvmdResolves: #442028Resolves: #447014Resolves: #455784
* Tue Jun 17 2008 Dan Walsh 2.4.6-141- Allow squid to listen to port 3401Resolves: #452787Resolves: #450390
* Tue Jun 17 2008 Dan Walsh 2.4.6-139- Add infiniband supportResolves: #447854
* Tue May 06 2008 Dan Walsh 2.4.6-138- Allow pam_console to setattr on cpu_device_tResolves: #447403- selinux-policy support for virtio block devicesResolves: #446229
* Wed Apr 30 2008 Dan Walsh 2.4.6-137.1- Allow named to bind to any udp portResolves: #451970
* Wed Apr 30 2008 Dan Walsh 2.4.6-137- Allow mdadm to read /dev/.udev directoryResolves: #248467
* Tue Apr 29 2008 Dan Walsh 2.4.6-136- Allow mdadm to read /dev/.udev directory- Allow Radiusd to access mysqlResolves: #248467
* Tue Apr 22 2008 Dan Walsh 2.4.6-135- Fixes for radiousd access in SELinuxResolves: #248467
* Sun Apr 20 2008 Dan Walsh 2.4.6-134- Allow kerberos daemons to create log files- Resolves: 442981- Fix label on /usr/libexec/hal_lpadminResolves: #442951
* Fri Apr 18 2008 Dan Walsh 2.4.6-133- Allow netutils to read kernel and net sysctlsResolves: #439018
* Tue Apr 15 2008 Dan Walsh 2.4.6-131- Allow rpc apps to manage coolkey directoryResolves: #440685
* Fri Apr 11 2008 Dan Walsh 2.4.6-130- Fix regression Resolves: #440260
* Thu Apr 10 2008 Dan Walsh 2.4.6-129- Fix regression Resolves: #440260
* Mon Apr 07 2008 Dan Walsh 2.4.6-128- Allow dhcpc to read dbus configResolves: #440260
* Sat Apr 05 2008 Dan Walsh 2.4.6-127- Allow deliver to manage homedir content, and Resolves: #414891
* Tue Mar 11 2008 Dan Walsh 2.4.6-126- Allow lvm to create fifo_file- Fix building of policy modules with MakefileResolves: #438234
* Wed Feb 27 2008 Dan Walsh 2.4.6-125- Dontaudit leaked httpd file descriptorResolves: #430702
* Tue Feb 26 2008 Dan Walsh 2.4.6-124- Fix deletion of dovecot files in strict/mls policy Resolves 434843- Allow hal to setsched on kernelResolves: #435197
* Fri Feb 22 2008 Dan Walsh 2.4.6-123- Fix labeling of exim log filesResolves: #429843
* Tue Feb 19 2008 Dan Walsh 2.4.6-122- Allow vpnc to bind to ipsecnat portResolves: #433363
* Thu Feb 07 2008 Dan Walsh 2.4.6-121- Fix transition rules on creation of nfs files in homedir.Resolves: #430577
* Wed Feb 06 2008 Dan Walsh 2.4.6-120- Fix transition rules on creation of nfs files in homedir.Resolves: #430577
* Mon Feb 04 2008 Dan Walsh 2.4.6-119- Revert previous version of policygentool- Remove snmpd_etc_tResolves: #247461
* Thu Jan 31 2008 Dan Walsh 2.4.6-118- Allow xdm_xserver_t to domain_mmap_lowResolves: #431023
* Tue Jan 29 2008 Dan Walsh 2.4.6-117- Allow mailman to signal itselfResolves: #430639- Allow iscsid to setrlimit Resolves: #430669- Additional fix to allow setroubleshoot to talk to dbusResolves: #224351
* Mon Jan 21 2008 Dan Walsh 2.4.6-116- Allow sysstat to read sysfsResolves: #429554
* Thu Jan 17 2008 Dan Walsh 2.4.6-115- Update selinux-policy to handle setroubleshootResolves: #224351
* Tue Jan 15 2008 Dan Walsh 2.4.6-114- Allow restorecond to read homedir sym links- Allow mailservers/postfix to use nfs file systemsResolves: #245605
* Thu Jan 10 2008 Dan Walsh 2.4.6-112- Turn off domain fd for MLSResolves: #427517
* Thu Jan 10 2008 Dan Walsh 2.4.6-111- Fix passing of fds, test regressionResolves: #427517
* Tue Jan 08 2008 Dan Walsh 2.4.6-110- Add access for oddjobResolves: #427517
* Tue Dec 18 2007 Dan Walsh 2.4.6-108- Allow kudzu to domtrans to unconfined_t- Allow audit to send mail- Allow mailman and postfix to interactResolves: #425806:
* Tue Dec 11 2007 Dan Walsh 2.4.6-107- Remove badly labeled pegasus directory- Allow postfix to work with NFS homedirs- Allow iptables to connect to ldap- Allow apache scripts to run nice- Allow ntpd to use /dev/ptmx for setting the time- Allow automount to read /dev/random- Allow samba to use kerberos- Allow squid to access to port 2048- Allow amanda to talk to ldap- Allow yppasswd to run pwupdate- Allow automount to mount squashfs- Add new nscd permissions- Resolves: #245605Resolves: #248838Resolves: #251841Resolves: #253999Resolves: #316011Resolves: #326631Resolves: #350511Resolves: #366461Resolves: #390771Resolves: #247814Resolves: #238347Resolves: #351051Resolves: #254199Resolves: #288771Resolves: #294671Resolves: #317281Resolves: #340311Resolves: #340321Resolves: #386481Resolves: #327121Resolves: #416541Resolves: #416561Resolves: #414891Resolves: 383231Resolves: 254197Resolves: 266341Resolves: 248835Resolves: 326721Resolves: 319791Resolves: 359701Resolves: 374431Resolves: 403241Resolves: 251712Resolves: 283971Resolves: 284361Resolves: 300391Resolves: 339651Resolves: 383191Resolves: 279261
* Wed Oct 24 2007 Dan Walsh 2.4.6-106.EL5_1.3- Allow NetworkManager and rpm_t to dbus chat- Rebuilding for errata toolResolves: 345991
* Wed Oct 03 2007 Dan Walsh 2.4.6-106.1- dontaudit consoletype talking to hotplug- allow hotplug to signal ifconfigResolves: 328211Resolves: 328251
* Wed Oct 03 2007 Dan Walsh 2.4.6-106- Remove additional avc\'s caused by pm-toolsResolves: #282421
* Wed Oct 03 2007 Dan Walsh 2.4.6-104- Fix salsa context to create alsa.sound correctlyResolves: #315341
* Tue Oct 02 2007 Dan Walsh 2.4.6-102- Allow multipathd to connect to itselfResolves: #245268
* Fri Sep 28 2007 Dan Walsh 2.4.6-101- Dontaudit postfix_smtpd_t getattr on /home- Fix ftpResolves: #245268
* Wed Sep 26 2007 Dan Walsh 2.4.6-99- Introduced a minor bug when fixing replay cache, blowing up strict policyResolves: #284831
* Tue Sep 25 2007 Dan Walsh 2.4.6-97- Fixup clmvd to allow creation of fixed devices- Fixes telnet/rlogin using replay cacheResolves: #284831
* Fri Sep 14 2007 Dan Walsh 2.4.6-93- Allow hal to write to pm-tools directoriesResolves: #282421
* Thu Sep 13 2007 Dan Walsh 2.4.6-92- Many fixes for Kerberos Replay Cache.Resolves: #282421
* Wed Sep 12 2007 Dan Walsh 2.4.6-91- Many fixes for Kerberos Replay Cache.- Allow xfs to listen on port 7100Resolves: #282421
* Sat Sep 08 2007 Dan Walsh 2.4.6-90- Additional perms for xenResolves: #249895
* Thu Sep 06 2007 Dan Walsh 2.4.6-89- Allow postfix to read master proc info- Allow unix_update to talk to nsswitch- Allow dmidecode to search sysfs_tResolves: #263141
* Wed Sep 05 2007 Dan Walsh 2.4.6-88- Fix relabel of /var/run dir- Allow snmp to read any directory- Allow cimserver to create pegasus_data directoriesResolves: #213809- Change to context on /var/run/libvirtResolves: #249069
* Wed Aug 22 2007 Dan Walsh 2.4.6-86- More fixes for snmpResolves: #246431
* Wed Aug 22 2007 Dan Walsh 2.4.6-85- Fix duplicate /etc/asound.state- Allow auditctl to getattr on all filesResolves: #249754
* Tue Aug 21 2007 Dan Walsh 2.4.6-84- Allow dovecot read of /tmp files for kerberos- Fix apache policy for virtual hosting- Allow Xen to run on nfsResolves: #253744
* Fri Aug 17 2007 Steve Grubb 2.4.6-83- Add set_loginuid permission to ftpd_tResolves:#220085
* Wed Aug 08 2007 Dan Walsh 2.4.6-82- Fix java specifications for IBM- Fix xen startup problemsResolves:#249895
* Sat Jul 28 2007 Dan Walsh 2.4.6-81- Allow auditctl dac_override and dac_read_searchResolves:#249754
* Thu Jul 12 2007 Dan Walsh 2.4.6-80- New devices- Allow fsadm to use xen images and log files
* Sun Jul 08 2007 Dan Walsh 2.4.6-79- Allow hal to write to pm-suspendResolves:#245926
* Mon Jul 02 2007 Dan Walsh 2.4.6-78- Added fixes for gfs init scriptResolves:#246194
* Tue Jun 12 2007 Dan Walsh 2.4.6-77- More fixes add mmap_zero for new kernelResolves:#244690
* Tue Jun 12 2007 Dan Walsh 2.4.6-76- Allow xenconsole to manage xen log files- add mmap_zero for new kernel- Fixes for RHEL5Resolves:#244690
* Tue Jun 12 2007 Dan Walsh 2.4.6-75- Allow lvm to connecto unix_stream_socketResolves: #241621
* Wed May 30 2007 Dan Walsh 2.4.6-74- Fix location of ypxfr on 64 bit platforms- Fixes for nagios, postfix, procmail, saslauthd, arpwatch, avahi, dovecotResolves: #241621
* Wed May 23 2007 Dan Walsh 2.4.6-72- Allow prelink sys_resource, Add transition rule to allow apps to run java in different context
* Wed May 16 2007 Dan Walsh 2.4.6-71- Allow netlable to read etc and work with init terminals- Change file context to have all of policy at SystemLowResolves: #239079
* Wed May 16 2007 Dan Walsh 2.4.6-70- Back out Useradd changeResolves: #239079
* Tue May 08 2007 Dan Walsh 2.4.6-69- Useradd causes files to lower sensitivityResolves: #239079
* Fri May 04 2007 Dan Walsh 2.4.6-68- Cleanup handling of audit messagesResolves: #238189
* Wed Apr 25 2007 Dan Walsh 2.4.6-67- Allow logging into the console on s390Resolves: #237703- Additional avc\'s caused by change in unix_updateResolves: #236316
* Wed Apr 25 2007 Dan Walsh 2.4.6-64- Fix crond avc when trying to read shadowResolves: #236316
* Wed Apr 25 2007 Dan Walsh 2.4.6-63- Handle password experationResolves: #236316
* Sat Apr 21 2007 Dan Walsh 2.4.6-62- Revert patch to stop secadm and sysadm from having audit_controlResolves: #236855
* Fri Apr 20 2007 Dan Walsh 2.4.6-61 - Fix admin_domain_template to allow custom user typesResolves: #237133-Allow lvm to create/delete generic device_t direcories/files under /dev Resolves: #237128
* Thu Apr 19 2007 Dan Walsh 2.4.6-60- Fixes for AIDE at SystemHigh- Stop secadm and sysadm from having audit_controlResolves: #236855
* Tue Apr 17 2007 Dan Walsh 2.4.6-59- Allow racoon to send audit messagesResolves: #232508
* Tue Apr 17 2007 Dan Walsh 2.4.6-58- Fix aide specification Resolves: #234885
* Sat Apr 14 2007 Dan Walsh 2.4.6-57- Allow ssh to read passwd crack databaseResolves: #236316
* Thu Apr 12 2007 Dan Walsh 2.4.6-56- Allow lvm mls_file_read_up to look at Fixed disksResolves: #236060
* Wed Apr 11 2007 Dan Walsh 2.4.6-55- kudzu Needs to ptrace initResolves: #225443
* Wed Apr 11 2007 Dan Walsh 2.4.6-54- syslog needs to be run as SystemHigh- Fix file context mappingResolves: #235725
* Fri Apr 06 2007 Dan Walsh 2.4.6-52- Allow netutils to read sysfsResolves: #235357- Allow samba to work as a PDCResolves: #235360- Allow ypserv to bind to ports 600-1024Resolves: #235363- Fix kudzu to be able to telinitResolves: #225443
* Wed Apr 04 2007 Dan Walsh 2.4.6-51- Allow nscd setcap privs
* Tue Apr 03 2007 Dan Walsh 2.4.6-50- More work to allow kudzu to setup init correctly so getty will workResolves: #225443- Allow pegasus to execute ifconfigResolves: #227485- Allow Aide to look at lnk_files and other fixesResolves: #234885- querying cups jobs with sysadm_r needs override mls restrictionsResolves: #234889
* Wed Mar 28 2007 Dan Walsh 2.4.6-49- Change init_daemon_domain(netlabel_mgmt_t,netlabel_mgmt_exec_t)- to init_system_domain(netlabel_mgmt_t,netlabel_mgmt_exec_t)Resolves: #233313
* Tue Mar 20 2007 Dan Walsh 2.4.6-47- Allow sysadm_r to transition to netlabel_mgmtResolves: #233313- Allow kudzu to setup init correctly so getty will workResolves: #225443
* Tue Mar 20 2007 Dan Walsh 2.4.6-46- Allow cyrus_t to user kerberos- Allow cyrus_t to send mail- Allow saslauthd_t to user kerberos
* Fri Mar 09 2007 Dan Walsh 2.4.6-45- Allow setkey to search racoon_conf- Allow ccs to create tmp filesResolves: #231021
* Fri Mar 09 2007 Dan Walsh 2.4.6-44- Fix use of hi_reserved_port_t
* Tue Mar 06 2007 Dan Walsh 2.4.6-43- Add amtu policy for MLSResolves: #231021-Additional paths for cups
* Thu Mar 01 2007 Dan Walsh 2.4.6-42- Dontaudit restorecon writing to cron pipes- Fix filespec for /dev/ub
*- Allow ftp and telnet to use kerberos key files- Allow syslog to use alternate ports- Allow radious to look at the routing table- Allow pyzor to getattr on autofs
* Thu Feb 22 2007 Dan Walsh 2.4.6-41- Allow samba to run as domain controller - execute useradd
* Fri Feb 16 2007 Dan Walsh 2.4.6-40- Fix bugzilla file context.
* Thu Feb 15 2007 Dan Walsh 2.4.6-39- Add bugzilla policy- Allow procmail to create tmp files so spamassisin will work- Some fixes for pyzor
* Wed Feb 14 2007 Dan Walsh 2.4.6-38- Removing dangling inlcud symlink if devel not installedResolves: #220085
* Mon Feb 12 2007 Dan Walsh 2.4.6-37- Allow kudzu to signal init to restartResolves: #225443
* Mon Feb 05 2007 Dan Walsh 2.4.6-36- Allow xen to work properly on ia64, needs to be able to read dosfs_tResolves: #217362- Allow mozilla, evolution and thunderbird to read dev_random.Resolves: FC6-227002- Allow spamd to connect to smtp portResolves: FC6-227184- Fixes to make ypxfr workResolves: FC6-227237- Allow audit fsetsid capabilityResolves: FC6-227423- Allow syslog (syslog-ng) to tcp_connect to other syslog serversResolves: FC6-218978
* Fri Jan 26 2007 Dan Walsh 2.4.6-35- Fixes to make setrans work properly on MLSResolves: #224441
* Fri Jan 26 2007 Dan Walsh 2.4.6-34- Fixes to make setrans work properly on MLSResolves: #224441
* Fri Jan 26 2007 Dan Walsh 2.4.6-33- Additional fixes for ricci_modstorage, lvm- Fixes for mls policy net labelResolves: #224441
* Wed Jan 24 2007 Dan Walsh 2.4.6-31- Fix clvmd policy- Fix squid cgi script to run with correct context.- Maintain proper context on /etc/lvm/.cache file- Lots of fixes for ricci and friends- mount.nfs needs sys_resource- Change gstreamer context for only i386- Fix libXcomp file_contextResolves: #224441
* Tue Jan 23 2007 Dan Walsh 2.4.6-30- Fixes for ricci_modserviceResolves: #217519
* Mon Jan 22 2007 Dan Walsh 2.4.6-29- remove swapfile avc- Fix rpcsvcgssdResolves: #217519
* Wed Jan 17 2007 Dan Walsh 2.4.6-28- Allow logwatch to use ypbind- Allow system_crond_t to create cron_var_run_t files (prelink files)- dontaudit postfix-smtp reading /boot, fix file context on lmtpResolves: #215722
* Mon Jan 15 2007 Dan Walsh 2.4.6-27- Fix senmail avc trying to read /root- More fixes for ssh transitions to userspaceResolves: #221608Resolves: #222548
* Fri Jan 12 2007 Dan Walsh 2.4.6-26- automounter needs setuid- prelink needs to be able to rw_dir_perms on usr_t- pcscd_t needs to be able to search sysfs_t- Lots of fixes to run sshd under xinetdResolves: #219999
* Wed Jan 10 2007 Dan Walsh 2.4.6-25- Allow pcscd to use dac_search_override capabilityResolves: #222064
* Mon Jan 08 2007 Dan Walsh 2.4.6-24- Allow prelink when run from rpm to create tmp filesResolves: #221865- Remove file_context for exportfsResolves: #221181- Allow spamassassin to create ~/.spamassissinResolves: #203290- Allow netlabel packets to flow.Resolves: #210426
* Fri Jan 05 2007 Dan Walsh 2.4.6-23- Allow ssh access to the krb tickets- Allow sshd to change passwd- Stop newrole -l from working on non securettyResolves: #200110
* Wed Jan 03 2007 Dan Walsh 2.4.6-22- Fixes to run prelink in MLS machineResolves: #221233
* Tue Jan 02 2007 Dan Walsh 2.4.6-21- Allow spamassassin to read var_lib_t dirResolves: #219234
* Fri Dec 29 2006 Dan Walsh 2.4.6-20- fix mplayer to work under strict policy- Allow iptables to use nscdResolves: #220794
* Thu Dec 28 2006 Dan Walsh 2.4.6-19- Add gconf policy and make it work with strict
* Sat Dec 23 2006 Dan Walsh 2.4.6-18- Many fixes for strict policy and by extension mls.
* Fri Dec 22 2006 Dan Walsh 2.4.6-17- Fix to allow ftp to bind to ports > 1024Resolves: #219349
* Tue Dec 19 2006 Dan Walsh 2.4.6-16- Allow semanage to exec it self. Label genhomedircon as semanage_exec_tResolves: #219421- Allow sysadm_lpr_t to manage other print spool jobsResolves: #220080
* Mon Dec 18 2006 Dan Walsh 2.4.6-15- allow automount to setgidResolves: #219999
* Thu Dec 14 2006 Dan Walsh 2.4.6-14- Allow cron to polyinstatiate - Fix creation of boot flagsResolves: #207433
* Thu Dec 14 2006 Dan Walsh 2.4.6-13- Fixes for irqbalanceResolves: #219606
* Thu Dec 14 2006 Dan Walsh 2.4.6-12- Fix vixie-cron to work on mlsResolves: #207433
* Wed Dec 13 2006 Dan Walsh 2.4.6-11Resolves: #218978
* Tue Dec 12 2006 Dan Walsh 2.4.6-10- Allow initrc to create files in /var directoriesResolves: #219227
* Fri Dec 08 2006 Dan Walsh 2.4.6-9- More fixes for MLSResolves: #181566
* Wed Dec 06 2006 Dan Walsh 2.4.6-8- More Fixes polyinstatiationResolves: #216184
* Wed Dec 06 2006 Dan Walsh 2.4.6-7- More Fixes polyinstatiation- Fix handling of keyringsResolves: #216184
* Mon Dec 04 2006 Dan Walsh 2.4.6-6- Fix polyinstatiation- Fix pcscd handling of terminalResolves: #218149Resolves: #218350
* Fri Dec 01 2006 Dan Walsh 2.4.6-5- More fixes for quotaResolves: #212957
* Fri Dec 01 2006 Dan Walsh 2.4.6-4- ncsd needs to use avahi socketsResolves: #217640Resolves: #218014
* Tue Nov 28 2006 Dan Walsh 2.4.6-3- Allow login programs to polyinstatiate homedirsResolves: #216184- Allow quotacheck to create database filesResolves: #212957
* Tue Nov 28 2006 Dan Walsh 2.4.6-1- Dontaudit appending hal_var_lib files Resolves: #217452Resolves: #217571Resolves: #217611Resolves: #217640Resolves: #217725
* Tue Nov 21 2006 Dan Walsh 2.4.5-4- Fix context for helix players file_context #216942
* Mon Nov 20 2006 Dan Walsh 2.4.5-3- Fix load_policy to be able to mls_write_down so it can talk to the terminal
* Mon Nov 20 2006 Dan Walsh 2.4.5-2- Fixes for hwclock, clamav, ftp
* Wed Nov 15 2006 Dan Walsh 2.4.5-1- Move to upstream version which accepted my patches
* Wed Nov 15 2006 Dan Walsh 2.4.4-2- Fixes for nvidia driver
* Tue Nov 14 2006 Dan Walsh 2.4.4-2- Allow semanage to signal mcstrans
* Tue Nov 14 2006 Dan Walsh 2.4.4-1- Update to upstream
* Mon Nov 13 2006 Dan Walsh 2.4.3-13- Allow modstorage to edit /etc/fstab file
* Mon Nov 13 2006 Dan Walsh 2.4.3-12- Fix for qemu, /dev/
* Mon Nov 13 2006 Dan Walsh 2.4.3-11- Fix path to realplayer.bin
* Fri Nov 10 2006 Dan Walsh 2.4.3-10- Allow xen to connect to xen port
* Fri Nov 10 2006 Dan Walsh 2.4.3-9- Allow cups to search samba_etc_t directory- Allow xend_t to list auto_mountpoints
* Thu Nov 09 2006 Dan Walsh 2.4.3-8- Allow xen to search automount
* Thu Nov 09 2006 Dan Walsh 2.4.3-7- Fix spec of jre files
* Wed Nov 08 2006 Dan Walsh 2.4.3-6- Fix unconfined access to shadow file
* Wed Nov 08 2006 Dan Walsh 2.4.3-5- Allow xend to create files in xen_image_t directories
* Wed Nov 08 2006 Dan Walsh 2.4.3-4- Fixes for /var/lib/hal
* Tue Nov 07 2006 Dan Walsh 2.4.3-3- Remove ability for sysadm_t to look at audit.log
* Tue Nov 07 2006 Dan Walsh 2.4.3-2- Fix rpc_port_types- Add aide policy for mls
* Mon Nov 06 2006 Dan Walsh 2.4.3-1- Merge with upstream
* Fri Nov 03 2006 Dan Walsh 2.4.2-8- Lots of fixes for ricci
* Fri Nov 03 2006 Dan Walsh 2.4.2-7- Allow xen to read/write fixed devices with a boolean- Allow apache to search /var/log
* Thu Nov 02 2006 James Antill 2.4.2-6- Fix policygentool specfile problem.- Allow apache to send signals to it\'s logging helpers.- Resolves: rhbz#212731
* Wed Nov 01 2006 Dan Walsh 2.4.2-5- Add perms for swat
* Tue Oct 31 2006 Dan Walsh 2.4.2-4- Add perms for swat
* Mon Oct 30 2006 Dan Walsh 2.4.2-3- Allow daemons to dump core files to /
* Sat Oct 28 2006 Dan Walsh 2.4.2-2- Fixes for ricci
* Sat Oct 28 2006 Dan Walsh 2.4.2-1- Allow mount.nfs to work
* Sat Oct 28 2006 Dan Walsh 2.4.1-5- Allow ricci-modstorage to look at lvm_etc_t
* Tue Oct 24 2006 Dan Walsh 2.4.1-4- Fixes for ricci using saslauthd
* Tue Oct 24 2006 Dan Walsh 2.4.1-3- Allow mountpoint on home_dir_t and home_t
* Tue Oct 24 2006 Dan Walsh 2.4.1-2- Update xen to read nfs files
* Tue Oct 24 2006 Dan Walsh 2.4-4- Allow noxattrfs to associate with other noxattrfs
* Tue Oct 24 2006 Dan Walsh 2.4-3- Allow hal to use power_device_t
* Sat Oct 21 2006 Dan Walsh 2.4-2- Allow procemail to look at autofs_t- Allow xen_image_t to work as a fixed device
* Fri Oct 20 2006 Dan Walsh 2.4-1- Refupdate from upstream
* Fri Oct 20 2006 Dan Walsh 2.3.19-4- Add lots of fixes for mls cups
* Thu Oct 19 2006 Dan Walsh 2.3.19-3- Lots of fixes for ricci
* Tue Oct 17 2006 Dan Walsh 2.3.19-2- Fix number of cats
* Tue Oct 17 2006 Dan Walsh 2.3.19-1- Update to upstream
* Fri Oct 13 2006 James Antill 2.3.18-10- More iSCSI changes for #209854
* Wed Oct 11 2006 James Antill 2.3.18-9- Test ISCSI fixes for #209854
* Mon Oct 09 2006 Dan Walsh 2.3.18-8- allow semodule to rmdir selinux_config_t dir
* Sat Oct 07 2006 Dan Walsh 2.3.18-7- Fix boot_runtime_t problem on ppc. Should not be creating these files.
* Fri Oct 06 2006 Dan Walsh 2.3.18-6- Fix context mounts on reboot- Fix ccs creation of directory in /var/log
* Fri Oct 06 2006 Dan Walsh 2.3.18-5- Update for tallylog
* Fri Oct 06 2006 Dan Walsh 2.3.18-4- Allow xend to rewrite dhcp conf files- Allow mgetty sys_admin capability
* Thu Oct 05 2006 Dan Walsh 2.3.18-3- Make xentapctrl work
* Wed Oct 04 2006 Dan Walsh 2.3.18-2- Don\'t transition unconfined_t to bootloader_t- Fix label in /dev/xen/blktap
* Wed Oct 04 2006 Dan Walsh 2.3.18-1- Patch for labeled networking
* Tue Oct 03 2006 Dan Walsh 2.3.17-2- Fix crond handling for mls
* Fri Sep 29 2006 Dan Walsh 2.3.17-1- Update to upstream
* Fri Sep 29 2006 Dan Walsh 2.3.16-9- Remove bluetooth-helper transition- Add selinux_validate for semanage- Require new version of libsemanage
* Fri Sep 29 2006 Dan Walsh 2.3.16-8- Fix prelink
* Fri Sep 29 2006 Dan Walsh 2.3.16-7- Fix rhgb
* Thu Sep 28 2006 Dan Walsh 2.3.16-6- Fix setrans handling on MLS and useradd
* Thu Sep 28 2006 Dan Walsh 2.3.16-5- Support for fuse- fix vigr
* Thu Sep 28 2006 Dan Walsh 2.3.16-4- Fix dovecot, amanda- Fix mls
* Tue Sep 26 2006 Dan Walsh 2.3.16-2- Allow java execheap for itanium
* Tue Sep 26 2006 Dan Walsh 2.3.16-1- Update with upstream
* Tue Sep 26 2006 Dan Walsh 2.3.15-2- mls fixes
* Sat Sep 23 2006 Dan Walsh 2.3.15-1- Update from upstream
* Sat Sep 23 2006 Dan Walsh 2.3.14-8- More fixes for mls- Revert change on automount transition to mount
* Thu Sep 21 2006 Dan Walsh 2.3.14-7- Fix cron jobs to run under the correct context
* Wed Sep 20 2006 Dan Walsh 2.3.14-6- Fixes to make pppd work
* Tue Sep 19 2006 Dan Walsh 2.3.14-4- Multiple policy fixes- Change max categories to 1023
* Sun Sep 17 2006 Dan Walsh 2.3.14-3- Fix transition on mcstransd
* Sat Sep 16 2006 Dan Walsh 2.3.14-2- Add /dev/em8300 defs
* Sat Sep 16 2006 Dan Walsh 2.3.14-1- Upgrade to upstream
* Fri Sep 15 2006 Dan Walsh 2.3.13-6- Fix ppp connections from network manager
* Thu Sep 14 2006 Dan Walsh 2.3.13-5- Add tty access to all domains boolean- Fix gnome-pty-helper context for ia64
* Tue Sep 12 2006 Dan Walsh 2.3.13-4- Fixed typealias of firstboot_rw_t
* Fri Sep 08 2006 Dan Walsh 2.3.13-3- Fix location of xel log files- Fix handling of sysadm_r -> rpm_exec_t
* Fri Sep 08 2006 Dan Walsh 2.3.13-2- Fixes for autofs, lp
* Thu Sep 07 2006 Dan Walsh 2.3.13-1- Update from upstream
* Wed Sep 06 2006 Dan Walsh 2.3.12-2- Fixup for test6
* Wed Sep 06 2006 Dan Walsh 2.3.12-1- Update to upstream
* Sat Sep 02 2006 Dan Walsh 2.3.11-1- Update to upstream
* Sat Sep 02 2006 Dan Walsh 2.3.10-7- Fix suspend to disk problems
* Fri Sep 01 2006 Dan Walsh 2.3.10-6- Lots of fixes for restarting daemons at the console.
* Thu Aug 31 2006 Dan Walsh 2.3.10-3- Fix audit line- Fix requires line
* Wed Aug 30 2006 Dan Walsh 2.3.10-1- Upgrade to upstream
* Tue Aug 29 2006 Dan Walsh 2.3.9-6- Fix install problems
* Sat Aug 26 2006 Dan Walsh 2.3.9-5- Allow setroubleshoot to getattr on all dirs to gather RPM data
* Fri Aug 25 2006 Dan Walsh 2.3.9-4- Set /usr/lib/ia32el/ia32x_loader to unconfined_execmem_exec_t for ia32 platform- Fix spec for /dev/adsp
* Fri Aug 25 2006 Dan Walsh 2.3.9-3- Fix xen tty devices
* Fri Aug 25 2006 Dan Walsh 2.3.9-2- Fixes for setroubleshoot
* Thu Aug 24 2006 Dan Walsh 2.3.9-1- Update to upstream
* Mon Aug 21 2006 Dan Walsh 2.3.8-2- Fixes for stunnel and postgresql- Update from upstream
* Fri Aug 11 2006 Dan Walsh 2.3.7-1- Update from upstream- More java fixes
* Fri Aug 11 2006 Dan Walsh 2.3.6-4- Change allow_execstack to default to on, for RHEL5 Beta. This is required because of a Java compiler problem. Hope to turn off for next beta
* Fri Aug 11 2006 Dan Walsh 2.3.6-3- Misc fixes
* Thu Aug 10 2006 Dan Walsh 2.3.6-2- More fixes for strict policy
* Wed Aug 09 2006 Dan Walsh 2.3.6-1- Quiet down anaconda audit messages
* Tue Aug 08 2006 Dan Walsh 2.3.5-1- Fix setroubleshootd
* Fri Aug 04 2006 Dan Walsh 2.3.4-1- Update to the latest from upstream
* Fri Aug 04 2006 Dan Walsh 2.3.3-20- More fixes for xen
* Fri Aug 04 2006 Dan Walsh 2.3.3-19- Fix anaconda transitions
* Thu Aug 03 2006 Dan Walsh 2.3.3-18- yet more xen rules
* Wed Aug 02 2006 Dan Walsh 2.3.3-17- more xen rules
* Tue Aug 01 2006 Dan Walsh 2.3.3-16- Fixes for Samba
* Sun Jul 30 2006 Dan Walsh 2.3.3-15- Fixes for xen
* Sat Jul 29 2006 Dan Walsh 2.3.3-14- Allow setroubleshootd to send mail
* Thu Jul 27 2006 Dan Walsh 2.3.3-13- Add nagios policy
* Thu Jul 27 2006 Dan Walsh 2.3.3-12- fixes for setroubleshoot
* Thu Jul 27 2006 Dan Walsh 2.3.3-11- Added Paul Howarth patch to only load policy packages shipped with this package- Allow pidof from initrc to ptrace higher level domains- Allow firstboot to communicate with hal via dbus
* Tue Jul 25 2006 Dan Walsh 2.3.3-10- Add policy for /var/run/ldapi
* Sun Jul 23 2006 Dan Walsh 2.3.3-9- Fix setroubleshoot policy
* Sat Jul 22 2006 Dan Walsh 2.3.3-8- Fixes for mls use of ssh- named has a new conf file
* Sat Jul 22 2006 Dan Walsh 2.3.3-7- Fixes to make setroubleshoot work
* Thu Jul 20 2006 Dan Walsh 2.3.3-6- Cups needs to be able to read domain state off of printer client
* Thu Jul 20 2006 Dan Walsh 2.3.3-5- add boolean to allow zebra to write config files
* Wed Jul 19 2006 Dan Walsh 2.3.3-4- setroubleshootd fixes
* Tue Jul 18 2006 Dan Walsh 2.3.3-3- Allow prelink to read bin_t symlink- allow xfs to read random devices- Change gfs to support xattr
* Tue Jul 18 2006 Dan Walsh 2.3.3-2- Remove spamassassin_can_network boolean
* Sat Jul 15 2006 Dan Walsh 2.3.3-1- Update to upstream- Fix lpr domain for mls
* Sat Jul 15 2006 Dan Walsh 2.3.2-4- Add setroubleshoot policy
* Sat Jul 08 2006 Dan Walsh 2.3.2-3- Turn off auditallow on setting booleans
* Sat Jul 08 2006 Dan Walsh 2.3.2-2- Multiple fixes
* Sat Jul 08 2006 Dan Walsh 2.3.2-1- Update to upstream
* Fri Jun 23 2006 Dan Walsh 2.3.1-1- Update to upstream- Add new class for kernel key ring
* Thu Jun 22 2006 Dan Walsh 2.2.49-1- Update to upstream
* Wed Jun 21 2006 Dan Walsh 2.2.48-1- Update to upstream
* Wed Jun 21 2006 Dan Walsh 2.2.47-5- Break out selinux-devel package
* Sat Jun 17 2006 Dan Walsh 2.2.47-4- Add ibmasmfs
* Fri Jun 16 2006 Dan Walsh 2.2.47-3- Fix policygentool gen_requires
* Wed Jun 14 2006 Dan Walsh 2.2.47-1- Update from Upstream
* Wed Jun 14 2006 Dan Walsh 2.2.46-2- Fix spec of realplay
* Wed Jun 14 2006 Dan Walsh 2.2.46-1- Update to upstream
* Tue Jun 13 2006 Dan Walsh 2.2.45-3- Fix semanage
* Tue Jun 13 2006 Dan Walsh 2.2.45-2- Allow useradd to create_home_dir in MLS environment
* Fri Jun 09 2006 Dan Walsh 2.2.45-1- Update from upstream
* Wed Jun 07 2006 Dan Walsh 2.2.44-1- Update from upstream
* Wed Jun 07 2006 Dan Walsh 2.2.43-4- Add oprofilefs
* Mon May 29 2006 Dan Walsh 2.2.43-3- Fix for hplip and Picasus
* Sun May 28 2006 Dan Walsh 2.2.43-2- Update to upstream
* Sat May 27 2006 Dan Walsh 2.2.43-1- Update to upstream
* Sat May 27 2006 Dan Walsh 2.2.42-4- fixes for spamd
* Thu May 25 2006 Dan Walsh 2.2.42-3- fixes for java, openldap and webalizer
* Tue May 23 2006 Dan Walsh 2.2.42-2- Xen fixes
* Fri May 19 2006 Dan Walsh 2.2.42-1- Upgrade to upstream
* Fri May 19 2006 Dan Walsh 2.2.41-1- allow hal to read boot_t files- Upgrade to upstream
* Thu May 18 2006 Dan Walsh 2.2.40-2- allow hal to read boot_t files
* Wed May 17 2006 Dan Walsh 2.2.40-1- Update from upstream
* Tue May 16 2006 Dan Walsh 2.2.39-2- Fixes for amavis
* Tue May 16 2006 Dan Walsh 2.2.39-1- Update from upstream
* Sat May 13 2006 Dan Walsh 2.2.38-6- Allow auditctl to search all directories
* Fri May 12 2006 Dan Walsh 2.2.38-5- Add acquire service for mono.
* Fri May 12 2006 Dan Walsh 2.2.38-4- Turn off allow_execmem boolean- Allow ftp dac_override when allowed to access users homedirs
* Thu May 11 2006 Dan Walsh 2.2.38-3- Clean up spec file- Transition from unconfined_t to prelink_t
* Tue May 09 2006 Dan Walsh 2.2.38-2- Allow execution of cvs command
* Sat May 06 2006 Dan Walsh 2.2.38-1- Update to upstream
* Thu May 04 2006 Dan Walsh 2.2.37-1- Update to upstream
* Tue May 02 2006 Dan Walsh 2.2.36-2- Fix libjvm spec
* Wed Apr 26 2006 Dan Walsh 2.2.36-1- Update to upstream
* Wed Apr 26 2006 James Antill 2.2.35-2- Add xm policy- Fix policygentool
* Tue Apr 25 2006 Dan Walsh 2.2.35-1- Update to upstream- Fix postun to only disable selinux on full removal of the packages
* Sat Apr 22 2006 Dan Walsh 2.2.34-3- Allow mono to chat with unconfined
* Fri Apr 21 2006 Dan Walsh 2.2.34-2- Allow procmail to sendmail- Allow nfs to share dosfs
* Fri Apr 21 2006 Dan Walsh 2.2.34-1- Update to latest from upstream- Allow selinux-policy to be removed and kernel not to crash
* Wed Apr 19 2006 Dan Walsh 2.2.33-1- Update to latest from upstream- Add James Antill patch for xen- Many fixes for pegasus
* Sun Apr 16 2006 Dan Walsh 2.2.32-2- Add unconfined_mount_t- Allow privoxy to connect to httpd_cache- fix cups labeleing on /var/cache/cups
* Sat Apr 15 2006 Dan Walsh 2.2.32-1- Update to latest from upstream
* Sat Apr 15 2006 Dan Walsh 2.2.31-1- Update to latest from upstream- Allow mono and unconfined to talk to initrc_t dbus objects
* Wed Apr 12 2006 Dan Walsh 2.2.30-2- Change libraries.fc to stop shlib_t form overriding texrel_shlib_t
* Wed Apr 12 2006 Dan Walsh 2.2.30-1- Fix samba creating dirs in homedir- Fix NFS so its booleans would work
* Tue Apr 11 2006 Dan Walsh 2.2.29-6- Allow secadm_t ability to relabel all files- Allow ftp to search xferlog_t directories- Allow mysql to communicate with ldap- Allow rsync to bind to rsync_port_t
* Tue Apr 11 2006 Russell Coker 2.2.29-5- Fixed mailman with Postfix #183928- Allowed semanage to create file_context files.- Allowed amanda_t to access inetd_t TCP sockets and allowed amanda_recover_t to bind to reserved ports. #149030- Don\'t allow devpts_t to be associated with tmp_t.- Allow hald_t to stat all mountpoints.- Added boolean samba_share_nfs to allow smbd_t full access to NFS mounts. - Make mount run in mount_t domain from unconfined_t to prevent mislabeling of /etc/mtab.- Changed the file_contexts to not have a regex before the first ^/[a-z]/ whenever possible, makes restorecon slightly faster.- Correct the label of /etc/named.caching-nameserver.conf- Now label /usr/src/kernels/.+/lib(/.
*)? as usr_t instead of /usr/src(/.
*)?/lib(/.
*)? - I don\'t think we need anything else under /usr/src hit by this.- Granted xen access to /boot, allowed mounting on xend_var_lib_t, and allowed xenstored_t rw access to the xen device node.
* Wed Apr 05 2006 Dan Walsh 2.2.29-4- More textrel_shlib_t file path fixes- Add ada support
* Tue Apr 04 2006 Dan Walsh 2.2.29-3- Get auditctl working in MLS policy
* Tue Apr 04 2006 Dan Walsh 2.2.29-2- Add mono dbus support- Lots of file_context fixes for textrel_shlib_t in FC5- Turn off execmem auditallow since they are filling log files
* Fri Mar 31 2006 Dan Walsh 2.2.29-1- Update to upstream
* Fri Mar 31 2006 Dan Walsh 2.2.28-3- Allow automount and dbus to read cert files
* Fri Mar 31 2006 Dan Walsh 2.2.28-2- Fix ftp policy- Fix secadm running of auditctl
* Tue Mar 28 2006 Dan Walsh 2.2.28-1- Update to upstream
* Wed Mar 22 2006 Dan Walsh 2.2.27-1- Update to upstream
* Wed Mar 22 2006 Dan Walsh 2.2.25-3- Fix policyhelp
* Wed Mar 22 2006 Dan Walsh 2.2.25-2- Fix pam_console handling of usb_device- dontaudit logwatch reading /mnt dir
* Fri Mar 17 2006 Dan Walsh 2.2.24-1- Update to upstream
* Wed Mar 15 2006 Dan Walsh 2.2.23-19- Get transition rules to create policy.20 at SystemHigh
* Tue Mar 14 2006 Dan Walsh 2.2.23-18- Allow secadmin to shutdown system- Allow sendmail to exec newalias
* Tue Mar 14 2006 Dan Walsh 2.2.23-17- MLS Fixes dmidecode needs mls_file_read_up- add ypxfr_t- run init needs access to nscd- udev needs setuid- another xen log file- Dontaudit mount getattr proc_kcore_t
* Tue Mar 14 2006 Karsten Hopp 2.2.23-16- fix buildroot usage (#185391)
* Thu Mar 09 2006 Dan Walsh 2.2.23-15- Get rid of mount/fsdisk scan of /dev messages- Additional fixes for suspend/resume
* Thu Mar 09 2006 Dan Walsh 2.2.23-14- Fake make to rebuild enableaudit.pp
* Thu Mar 09 2006 Dan Walsh 2.2.23-13- Get xen networking running.
* Thu Mar 09 2006 Dan Walsh 2.2.23-12- Fixes for Xen- enableaudit should not be the same as base.pp- Allow ps to work for all process
* Thu Mar 09 2006 Jeremy Katz - 2.2.23-11- more xen policy fixups
* Wed Mar 08 2006 Jeremy Katz - 2.2.23-10- more xen fixage (#184393)
* Wed Mar 08 2006 Dan Walsh 2.2.23-9- Fix blkid specification- Allow postfix to execute mailman_que
* Wed Mar 08 2006 Dan Walsh 2.2.23-8- Blkid changes- Allow udev access to usb_device_t- Fix post script to create targeted policy config file
* Wed Mar 08 2006 Dan Walsh 2.2.23-7- Allow lvm tools to create drevice dir
* Tue Mar 07 2006 Dan Walsh 2.2.23-5- Add Xen support
* Mon Mar 06 2006 Dan Walsh 2.2.23-4- Fixes for cups- Make cryptosetup work with hal
* Sun Mar 05 2006 Dan Walsh 2.2.23-3- Load Policy needs translock
* Sat Mar 04 2006 Dan Walsh 2.2.23-2- Fix cups html interface
* Sat Mar 04 2006 Dan Walsh 2.2.23-1- Add hal changes suggested by Jeremy- add policyhelp to point at policy html pages
* Mon Feb 27 2006 Dan Walsh 2.2.22-2- Additional fixes for nvidia and cups
* Mon Feb 27 2006 Dan Walsh 2.2.22-1- Update to upstream- Merged my latest fixes- Fix cups policy to handle unix domain sockets
* Sat Feb 25 2006 Dan Walsh 2.2.21-9- NSCD socket is in nscd_var_run_t needs to be able to search dir
* Fri Feb 24 2006 Dan Walsh 2.2.21-8- Fixes Apache interface file
* Fri Feb 24 2006 Dan Walsh 2.2.21-7- Fixes for new version of cups
* Fri Feb 24 2006 Dan Walsh 2.2.21-6- Turn off polyinstatiate util after FC5
* Fri Feb 24 2006 Dan Walsh 2.2.21-5- Fix problem with privoxy talking to Tor
* Wed Feb 22 2006 Dan Walsh 2.2.21-4- Turn on polyinstatiation
* Wed Feb 22 2006 Dan Walsh 2.2.21-3- Don\'t transition from unconfined_t to fsadm_t
* Wed Feb 22 2006 Dan Walsh 2.2.21-2- Fix policy update model.
* Wed Feb 22 2006 Dan Walsh 2.2.21-1- Update to upstream
* Wed Feb 22 2006 Dan Walsh 2.2.20-1- Fix load_policy to work on MLS- Fix cron_rw_system_pipes for postfix_postdrop_t- Allow audotmount to run showmount
* Tue Feb 21 2006 Dan Walsh 2.2.19-2- Fix swapon- allow httpd_sys_script_t to be entered via a shell- Allow httpd_sys_script_t to read eventpolfs
* Tue Feb 21 2006 Dan Walsh 2.2.19-1- Update from upstream
* Tue Feb 21 2006 Dan Walsh 2.2.18-2- allow cron to read apache files
* Tue Feb 21 2006 Dan Walsh 2.2.18-1- Fix vpnc policy to work from NetworkManager
* Mon Feb 20 2006 Dan Walsh 2.2.17-2- Update to upstream- Fix semoudle polcy
* Thu Feb 16 2006 Dan Walsh 2.2.16-1- Update to upstream - fix sysconfig/selinux link
* Wed Feb 15 2006 Dan Walsh 2.2.15-4- Add router port for zebra- Add imaze port for spamd- Fixes for amanda and java
* Tue Feb 14 2006 Dan Walsh 2.2.15-3- Fix bluetooth handling of usb devices- Fix spamd reading of ~/- fix nvidia spec
* Tue Feb 14 2006 Dan Walsh 2.2.15-1- Update to upsteam
* Mon Feb 13 2006 Dan Walsh 2.2.14-2- Add users_extra files
* Fri Feb 10 2006 Dan Walsh 2.2.14-1- Update to upstream
* Fri Feb 10 2006 Dan Walsh 2.2.13-1- Add semodule policy
* Tue Feb 07 2006 Dan Walsh 2.2.12-1- Update from upstream
* Mon Feb 06 2006 Dan Walsh 2.2.11-2- Fix for spamd to use razor port
* Fri Feb 03 2006 Dan Walsh 2.2.11-1- Fixes for mcs- Turn on mount and fsadm for unconfined_t
* Wed Feb 01 2006 Dan Walsh 2.2.10-1- Fixes for the -devel package
* Wed Feb 01 2006 Dan Walsh 2.2.9-2- Fix for spamd to use ldap
* Fri Jan 27 2006 Dan Walsh 2.2.9-1- Update to upstream
* Fri Jan 27 2006 Dan Walsh 2.2.8-2- Update to upstream- Fix rhgb, and other Xorg startups
* Thu Jan 26 2006 Dan Walsh 2.2.7-1- Update to upstream
* Thu Jan 26 2006 Dan Walsh 2.2.6-3- Separate out role of secadm for mls
* Thu Jan 26 2006 Dan Walsh 2.2.6-2- Add inotifyfs handling
* Thu Jan 26 2006 Dan Walsh 2.2.6-1- Update to upstream- Put back in changes for pup/zen
* Tue Jan 24 2006 Dan Walsh 2.2.5-1- Many changes for MLS - Turn on strict policy
* Mon Jan 23 2006 Dan Walsh 2.2.4-1- Update to upstream
* Wed Jan 18 2006 Dan Walsh 2.2.3-1- Update to upstream- Fixes for booting and logging in on MLS machine
* Wed Jan 18 2006 Dan Walsh 2.2.2-1- Update to upstream- Turn off execheap execstack for unconfined users- Add mono/wine policy to allow execheap and execstack for them- Add execheap for Xdm policy
* Wed Jan 18 2006 Dan Walsh 2.2.1-1- Update to upstream- Fixes to fetchmail,
* Tue Jan 17 2006 Dan Walsh 2.1.13-1- Update to upstream
* Tue Jan 17 2006 Dan Walsh 2.1.12-3- Fix for procmail/spamassasin- Update to upstream- Add rules to allow rpcd to work with unlabeled_networks.
* Sat Jan 14 2006 Dan Walsh 2.1.11-1- Update to upstream- Fix ftp Man page
* Fri Jan 13 2006 Dan Walsh 2.1.10-1- Update to upstream
* Wed Jan 11 2006 Jeremy Katz - 2.1.9-2- fix pup transitions (#177262)- fix xen disks (#177599)
* Tue Jan 10 2006 Dan Walsh 2.1.9-1- Update to upstream
* Tue Jan 10 2006 Dan Walsh 2.1.8-3- More Fixes for hal and readahead
* Mon Jan 09 2006 Dan Walsh 2.1.8-2- Fixes for hal and readahead
* Mon Jan 09 2006 Dan Walsh 2.1.8-1- Update to upstream- Apply
* Sat Jan 07 2006 Dan Walsh 2.1.7-4- Add wine and fix hal problems
* Fri Jan 06 2006 Dan Walsh 2.1.7-3- Handle new location of hal scripts
* Thu Jan 05 2006 Dan Walsh 2.1.7-2- Allow su to read /etc/mtab
* Wed Jan 04 2006 Dan Walsh 2.1.7-1- Update to upstream
* Tue Jan 03 2006 Dan Walsh 2.1.6-24- Fix \"libsemanage.parse_module_headers: Data did not represent a module.\" problem
* Tue Jan 03 2006 Dan Walsh 2.1.6-23- Allow load_policy to read /etc/mtab
* Mon Jan 02 2006 Dan Walsh 2.1.6-22- Fix dovecot to allow dovecot_auth to look at /tmp
* Mon Jan 02 2006 Dan Walsh 2.1.6-21- Allow restorecon to read unlabeled_t directories in order to fix labeling.
* Fri Dec 30 2005 Dan Walsh 2.1.6-20- Add Logwatch policy
* Wed Dec 28 2005 Dan Walsh 2.1.6-18- Fix /dev/ub[a-z] file context
* Tue Dec 27 2005 Dan Walsh 2.1.6-17- Fix library specification- Give kudzu execmem privs
* Thu Dec 22 2005 Dan Walsh 2.1.6-16- Fix hostname in targeted policy
* Wed Dec 21 2005 Dan Walsh 2.1.6-15- Fix passwd command on mls
* Wed Dec 21 2005 Dan Walsh 2.1.6-14- Lots of fixes to make mls policy work
* Tue Dec 20 2005 Dan Walsh 2.1.6-13- Add dri libs to textrel_shlib_t- Add system_r role for java- Add unconfined_exec_t for vncserver- Allow slapd to use kerberos
* Mon Dec 19 2005 Dan Walsh 2.1.6-11- Add man pages
* Fri Dec 16 2005 Dan Walsh 2.1.6-10- Add enableaudit.pp
* Fri Dec 16 2005 Dan Walsh 2.1.6-9- Fix mls policy
* Fri Dec 16 2005 Dan Walsh 2.1.6-8- Update mls file from old version
* Thu Dec 15 2005 Dan Walsh 2.1.6-5- Add sids back in- Rebuild with update checkpolicy
* Thu Dec 15 2005 Dan Walsh 2.1.6-4- Fixes to allow automount to use portmap- Fixes to start kernel in s0-s15:c0.c255
* Wed Dec 14 2005 Dan Walsh 2.1.6-3- Add java unconfined/execmem policy
* Wed Dec 14 2005 Dan Walsh 2.1.6-2- Add file context for /var/cvs- Dontaudit webalizer search of homedir
* Tue Dec 13 2005 Dan Walsh 2.1.6-1- Update from upstream
* Tue Dec 13 2005 Dan Walsh 2.1.4-2- Clean up spec- range_transition crond to SystemHigh
* Mon Dec 12 2005 Dan Walsh 2.1.4-1- Fixes for hal- Update to upstream
* Mon Dec 12 2005 Dan Walsh 2.1.3-1- Turn back on execmem since we need it for java, firefox, ooffice- Allow gpm to stream socket to itself
* Mon Dec 12 2005 Jeremy Katz - 2.1.2-3- fix requirements to be on the actual packages so that policy can get created properly at install time
* Sat Dec 10 2005 Dan Walsh 2.1.2-2- Allow unconfined_t to execmod texrel_shlib_t
* Fri Dec 09 2005 Dan Walsh 2.1.2-1- Update to upstream - Turn off allow_execmem and allow_execmod booleans- Add tcpd and automount policies
* Thu Dec 08 2005 Dan Walsh 2.1.1-3- Add two new httpd booleans, turned off by default
* httpd_can_network_relay
* httpd_can_network_connect_db
* Thu Dec 08 2005 Dan Walsh 2.1.1-2- Add ghost for policy.20
* Thu Dec 08 2005 Dan Walsh 2.1.1-1- Update to upstream- Turn off boolean allow_execstack
* Thu Dec 08 2005 Dan Walsh 2.1.0-3- Change setrans-mls to use new libsetrans- Add default_context rule for xdm
* Thu Dec 08 2005 Dan Walsh 2.1.0-2.- Change Requires to PreReg for requiring of policycoreutils on install
* Wed Dec 07 2005 Dan Walsh 2.1.0-1.- New upstream release
* Wed Dec 07 2005 Dan Walsh 2.0.11-2.Add xdm policy
* Tue Dec 06 2005 Dan Walsh 2.0.11-1.Update from upstream
* Fri Dec 02 2005 Dan Walsh 2.0.9-1.Update from upstream
* Fri Dec 02 2005 Dan Walsh 2.0.8-1.Update from upstream
* Fri Dec 02 2005 Dan Walsh 2.0.7-3- Also trigger to rebuild policy for versions up to 2.0.7.
* Tue Nov 29 2005 Dan Walsh 2.0.7-2- No longer installing policy.20 file, anaconda handles the building of the app.
* Tue Nov 29 2005 Dan Walsh 2.0.6-2- Fixes for dovecot and saslauthd
* Wed Nov 23 2005 Dan Walsh 2.0.5-4- Cleanup pegasus and named - Fix spec file- Fix up passwd changing applications
* Mon Nov 21 2005 Dan Walsh 2.0.5-1-Update to latest from upstream
* Mon Nov 21 2005 Dan Walsh 2.0.4-1- Add rules for pegasus and avahi
* Mon Nov 21 2005 Dan Walsh 2.0.2-2- Start building MLS Policy
* Fri Nov 18 2005 Dan Walsh 2.0.2-1- Update to upstream
* Wed Nov 09 2005 Dan Walsh 2.0.1-2- Turn on bash
* Wed Nov 09 2005 Dan Walsh 2.0.1-1- Initial version
  
ICM