Debian Package Tracker

From: Russell Coker <russell@coker.com.au>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted refpolicy 2:2.20140421-3 (source all)
Date: Sun, 29 Jun 2014 09:51:57 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 29 Jun 2014 19:11:45 +1000
Source: refpolicy
Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc
Architecture: source all
Version: 2:2.20140421-3
Distribution: unstable
Urgency: medium
Maintainer: Debian SELinux maintainers <selinux-devel@lists.alioth.debian.org>
Changed-By: Russell Coker <russell@coker.com.au>
Description:
 selinux-policy-default - Strict and Targeted variants of the SELinux policy
 selinux-policy-dev - Headers from the SELinux reference policy for building modules
 selinux-policy-doc - Documentation for the SELinux reference policy
 selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy
 selinux-policy-src - Source of the SELinux reference policy for customization
Changes:
 refpolicy (2:2.20140421-3) unstable; urgency=medium
 .
   * Allow sysadm_t to read policy
   * Make systemd_login_list_pid_dirs() call init_search_pid_dirs() as it
     doesn't work without it
   * Added chromium/google-chrome policy
   * dev_getattr_sysfs(sysstat_t) for Debian cron job
   * Allow sysstat_t to manage it's log files
   * Allow dpkg_script_t to config all systemd services and get init status
   * Allow dpkg_script_t to dirmngr_admin
   * really added systemd_login_list_pid_dirs(system_dbusd_t) (somehow missed
     this last time)
   * Allow sshd to chat with systemd via dbus
   * Allow unconfined_t to restart services
   * systemd_write_inherited_logind_sessions_pipes(system_dbusd_t)
   * systemd_dbus_chat_logind(sshd_t)
   * Allow xend to read vm sysctls
   * Allow udev_t to manage xenfs_t files for xenstore-read
   * Allow system_dbusd_t systemd_login_read_pid_files access for
     /run/systemd/users/* files
   * Allow systemd_logind_t to stat tmpfs_t filesystems for /run/user
   * Remove the "genfscon selinuxfs" line from selinux.if in selinux-policy-dev
     to stop sepolgen-ifgen errors.
   * Make udev_relabelto_db() include lnk_file relabeling
   * Allow kernel_t to fs_search_tmpfs, selinux_compute_create_context, and
     kernel_read_unlabeled_state for booting without unconfined.pp
   * Allow system_cronjob_t to manage the apt cache
   * Allow modutils_read_module_config(init_t) and create cgroup_t links for
     strict config. Allow it to relabel from tmpfs_t symlinks
   * Allow init_run_all_scripts_domain (initrc_t) the service { status start
     stop } for all the daemon _initrc_exec_t scripts.
   * Allow sysadm_r to have domain system_mail_t for strict policy
   * Allow init_t to relabel device_t symlinks and pstore_t dirs, load kernel
     modules, manage init_var_run_t sock_files, read /usr, read /dev/urandom,
     systemd_manage_passwd_run, and domain_read_all_domains_state
Checksums-Sha1:
 2d0a86bdb4f55d81bed35e4cd14eca2b59895552 1758 refpolicy_2.20140421-3.dsc
 009ee151d0e35a13176c124b97e3cfcabbf485d8 71128 refpolicy_2.20140421-3.debian.tar.xz
 b4ae9fd6ecc9a4daec6685d1953ccdb6e8ed4920 2800446 selinux-policy-default_2.20140421-3_all.deb
 67d6948daa54734480b3a899a990b0ea0edeaf5d 2851542 selinux-policy-mls_2.20140421-3_all.deb
 81ef6b6f76c925993afa08dc0b81dd1c3c8158f8 1202722 selinux-policy-src_2.20140421-3_all.deb
 1281b41fd1f5643d39451b70c77a8b1e6cf0fd56 436260 selinux-policy-dev_2.20140421-3_all.deb
 0148f48a8cb765e6ab0910150d52439a36bfe369 412982 selinux-policy-doc_2.20140421-3_all.deb
Checksums-Sha256:
 2b524f9a889bb3acf335296ff1fccf26b3210aa388a7a5a92fde41d1dd41dcfa 1758 refpolicy_2.20140421-3.dsc
 8abada0a0291e7ecb539e1b8b3197a43705e28e879898950c8f13ede403ff130 71128 refpolicy_2.20140421-3.debian.tar.xz
 1c3be2de6b310ff3aef9c0ee1912123ca19674059f98baad5ebb1783c5d7cb91 2800446 selinux-policy-default_2.20140421-3_all.deb
 fba0afd74721a0d0f73da57e4628e6592bd0ed91e256804c3346d072451d9f52 2851542 selinux-policy-mls_2.20140421-3_all.deb
 bc50d6d98e5473d3660736320366c9abacbdaacd8602675c6576668d2fc12677 1202722 selinux-policy-src_2.20140421-3_all.deb
 4ff3d49ce3ffe94a8f0f1683a28347d87238964ea0c921d5cba6ccca20407a5c 436260 selinux-policy-dev_2.20140421-3_all.deb
 b742124b29c533e9505c01cb96ee7b1971274589905c9f2ea31e20bddbe708c9 412982 selinux-policy-doc_2.20140421-3_all.deb
Files:
 927023db57701b7cad5cc5be087cdea5 2800446 admin optional selinux-policy-default_2.20140421-3_all.deb
 027b75a8c713d4913869b03144e402ac 2851542 admin extra selinux-policy-mls_2.20140421-3_all.deb
 ba44fb327d8008139b1f52687fb813f0 1202722 admin optional selinux-policy-src_2.20140421-3_all.deb
 f2481b58b3b1934864a865cdb76b9bb0 436260 admin optional selinux-policy-dev_2.20140421-3_all.deb
 0640d8373d687fc01d06526456fbac62 412982 doc optional selinux-policy-doc_2.20140421-3_all.deb
 c8e657fc931fdf81ed6b38638f37ae73 1758 admin optional refpolicy_2.20140421-3.dsc
 92ed25bebce64e4a8a0de95738bd96f0 71128 admin optional refpolicy_2.20140421-3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlOv2wUACgkQwrB5/PXHUlZblgCg2qClVI1LuPee6tdrfe4fVIRr
NsgAnRTMoIeU/dA+G+qJ4PK1zYQEzXH9
=CnzB
-----END PGP SIGNATURE-----
News for package refpolicy
