1 |
Hi guys, |
2 |
|
3 |
I haven't merged hardened-development overlay with the main tree yet because |
4 |
I had to make sure that the changes in the policycoreutils wouldn't break |
5 |
(m)any systems. Since I'm now pushing out rev 11, I'm going to skip merging |
6 |
rev 10 and focus on the rev 11 instead in a few days. |
7 |
|
8 |
So yes, the updated policies are now available and include the following |
9 |
fixes: |
10 |
|
11 |
bug #397535: Add policy for working with dracut (creating initramfs) |
12 |
bug #396241: Updates for bacula policy |
13 |
(no bug): Introduce aggregated types for Apache (needed later to support phpfpm) |
14 |
(no bug): Additional dontaudit statements for dbus, mozilla, networkmanager, wpa_cli, hostname, sysnetwork |
15 |
(no bug): Do not use java* wildcard in file contexts as it hits java-config as well then |
16 |
|
17 |
I'm currently putting most work in getting an initramfs with full SELinux |
18 |
support (not by forcing unconfined domains or switching to permissive first) |
19 |
working (through dracut for the moment). Hopefully that'll work in the near |
20 |
future :-( |
21 |
|
22 |
Wkr, |
23 |
Sven Vermeulen |