Gentoo Archives: gentoo-hardened

From: Sven Vermeulen <swift@g.o>
To: gentoo-hardened@l.g.o
Subject: [gentoo-hardened] SELinux base policy rev 8 in hardened-dev
Date: Sun, 22 Apr 2012 09:02:13
Message-Id: 20120422083540.GA18809@gentoo.org
1 Hi guys,
2
3 Revision 8 of the 2.20120215 policies are now in the hardened-dev overlay.
4 It contains the following changes:
5
6 <no bug> Update whitespace in python scripts (support python3)
7 #411149 Introduce httpd_setrlimit to support setrlimit/sys_resource on apache (for lighttpd)
8 #411943 Allow unconfined users to start X (or XFCE) from the commandline
9
10 Testing is, as always, appreciated. However, the changes are non-intrusive
11 and I'm going to make a few more intrusive changes now which will need a bit
12 more testing, so I'm heading out with rev 8 now.
13
14 Also, I've moved the repository I use for maintaining the policies from
15 github to gogo [1]. I didn't use the git magic, just a copy of the sources,
16 as patching is always done in incremental manners (and not through git
17 patches)... for now ;-)
18
19 I'll have our SELinux development guide also updated to have users base
20 their patches from this tree instead, that should make development a bit
21 easier for them.
22
23 Wkr,
24 Sven Vermeulen