Accepted refpolicy 0.0.20061018-5 (source)
Ubuntu Installer
archive at ubuntu.com
Tue Apr 10 18:50:49 BST 2007
Accepted:
OK: refpolicy_0.0.20061018-5.dsc
-> Component: universe Section: admin
OK: refpolicy_0.0.20061018-5.diff.gz
Origin: Debian/unstable
Format: 1.7
Date: Tue, 10 Apr 2007 18:46:12 +0100
Source: refpolicy
Binary: selinux-policy-refpolicy-dev, selinux-policy-refpolicy-targeted, selinux-policy-refpolicy-strict, selinux-policy-refpolicy-src, selinux-policy-refpolicy-doc
Architecture: source
Version: 0.0.20061018-5
Distribution: feisty
Urgency: high
Maintainer: Manoj Srivastava <srivasta at debian.org>
Changed-By: Andrew Mitchell <ajmitch at ihug.co.nz>
Closes: 407691 409041 411256
Changes:
refpolicy (0.0.20061018-5) unstable; urgency=high
.
* Add policy for log and lock files for aptitude. This is needed for
proper function; so one does not need to go into permissive mode to
run aptitude. Stolen from Erich. This is a low risk change.
* Debian puts grub in /usr/sbin/grub. Reflect that in the initial file
context.
* Debian creates /dev/xconsole independently of whether or not a xserver
has been installed or not. So move the policy related to /dev/sconsole
out of the xserver policy, and into places where relevant (init.te,
logging.fc), to reflect the status that /dev/console is present
anyway.
* Add support for /etc/network/run and /dev/shm/network, which seem to
be Debian specific as well.
* Allow udev to manage configuration files.
.
refpolicy (0.0.20061018-4) unstable; urgency=low
.
* Bug fix: "selinux-policy-refpolicy-targeted: does not suggest a way to
fix the 'maybe failing' attempt in postinst", thanks to Eddy Petrisor.
While this does not belong in the postinst, I have addedthis to the
README.Debian file. This should be a low risk change. (Closes: #407691).
* Bug fix: "Default build.conf doesn't match default strict/targeted
policy", thanks to Stefan.The build.conf included in the reference
source policy describe to build a policy of the type "strict". The
default binary policies coming with Debian are build with the policy
type "strict-mcs" or "targeted-mcs". Change the build.conf shipped in
source to conform to what we really use. (changes TYPE=strict to
TYPE=strict-mcs, very low risk change. (Closes: #411256).
* Bug fix: "selinux-policy-refpolicy-targeted: openvpn policy do not
allow tcp connection mode", thanks to Rafal Kupka. This bug really
should be at least important, and we should fully support a class of
security product like OpenVPN on machines which are running SELinux,
and this is a very low risk change. (Closes: #409041).
* Install header files required for policy building for both strict and
targeted policies in a new -dev package, so it becomes really useful
to work with the source package. Moved the examples from the -src
package to this new -dev package, since the example is only useful in
with the headers provided. This is a new package, but it contains only
files already in the sources (No upstream changes at all), and is the
result of make install-headers. This new package has no rdepends, and
should be a very low risk addition to Debian.
* This release should be a whole lot better for building local policies,
including the policygentool for creating a new policy from scratch,
and ability to build local policy modular packages. The build.conf
files have been cleaned up, and the source policy defaults to targeted
policy, which is standard in Debian, as opposed to the strict policy,
which has priority optional.
Files:
b50a3117ef90186872a4d464808194ba 843 admin optional refpolicy_0.0.20061018-5.dsc
a1d6f4c85f7f06d6266c7d08b8c6c3ae 56846 admin optional refpolicy_0.0.20061018-5.diff.gz
More information about the feisty-changes
mailing list