-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 3.0 (quilt) Source: refpolicy Binary: selinux-policy-default, selinux-policy-mls, selinux-policy-src, selinux-policy-dev, selinux-policy-doc Architecture: all Version: 2:2.20140421-7 Maintainer: Debian SELinux maintainers <[email protected]> Uploaders: Russell Coker <[email protected]> Homepage: http://oss.tresys.com/projects/refpolicy/wiki/DownloadRelease Standards-Version: 3.9.5 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=selinux/refpolicy.git;a=summary Vcs-Git: git://anonscm.debian.org/selinux/refpolicy.git Build-Depends: debhelper (>= 9) Build-Depends-Indep: policycoreutils (>= 2.2.1), checkpolicy (>= 2.2), python, m4, bzip2, gawk, libsepol1 (>= 2.2) Package-List: selinux-policy-default deb admin optional arch=all selinux-policy-dev deb admin optional arch=all selinux-policy-doc deb doc optional arch=all selinux-policy-mls deb admin extra arch=all selinux-policy-src deb admin optional arch=all Checksums-Sha1: c1134b778e0a62b5692a8284454bfc91fd72914e 684349 refpolicy_2.20140421.orig.tar.bz2 ab940c7f1d4427b30cf39d2173952ca0ff29182b 78900 refpolicy_2.20140421-7.debian.tar.xz Checksums-Sha256: 258ff813c84139175db63958ac8bff2bcce32982bb0d902e06aaaf17dd644367 684349 refpolicy_2.20140421.orig.tar.bz2 ba7e1b14d1d9524758cba1f540d6f10f1929c858b2d5788a9a4c6302c75044c6 78900 refpolicy_2.20140421-7.debian.tar.xz Files: a43b25c3a748659cddbf2df89920ee6d 684349 refpolicy_2.20140421.orig.tar.bz2 9497a6e8233fbb09077a1c653b51d3a4 78900 refpolicy_2.20140421-7.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlQ7BkYACgkQwrB5/PXHUlYLuACg4D1bxkOTgZXfP1xv3IyQjcKD c6cAoJhfxKwLBplnSYthgKcUA7S2Nn0m =1dn1 -----END PGP SIGNATURE----- Changes: refpolicy (2:2.20140421-7) unstable; urgency=medium * Label /run/systemd/journal/dev-log and /run/systemd/journal/stdout as devlog_t * Allow bootloadter_t to load kernel modules and run apt-cache * Allow systemd_cgroups_t to read /proc/cmdline * Allow sshd net_admin capability * Allow systemd_logind_t to read kernel sysctls, list tmpfs, and mount on /var/auth, and systemd_unit_file_t:service stop. * Allow dpkg_script_t to restart systemd unit files of type init_var_run_t * Allow local_login_t and user_t to talk to systemd_logind via dbus * Allow user_ssh_agent_t to read/write it's own fifo files * Allow user_t to talk to gconfd_t via dbus * Allow gpg_agent_t to send sigchld to xdm_t, to be a system dbus client, to use nsswitch, and to read user xauth file * Allow $1_dbusd_t domains systemd_login_read_pid_files access * Remove gpg_helper_t, merge gpg_pinentry_t with the main gpg domain, and create user_gpg_t, staff_gpg_t, etc. * Allow userdomains to talk to kerneloops via dbus * Allow sysstat_t to search all mountpoints * Allow udev_t self:netlink_route_socket nlmsg_write for interface rename * Allow systemd_tmpfiles_t to read kernel sysctls for boot_id * Allow setfiles_t to read /dev/urandom * Label /var/run/blkid as etc_runtime_t * TLDR: Make everything work with latest systemd and allow KDE login with latest X11 configuration. -- Russell Coker <[email protected]> Mon, 13 Oct 2014 09:41:44 +1100
