[ubuntu/maverick] refpolicy 2:0.2.20100524-1ubuntu1 (Accepted)

Bhavani Shankar bhavi at ubuntu.com
Wed Jul 7 10:35:25 BST 2010 

refpolicy (2:0.2.20100524-1ubuntu1) maverick; urgency=low

  * Merge from debian unstable.  Remaining changes: LP: #602199
    - debian/control: drop "selinux" conflict (Debian bug 576598).

refpolicy (2:0.2.20100524-1) unstable; urgency=low

  * New Upstream release.  This version has had a good deal of testing for
    server use but almost no testing for desktop use.  The usual "Unstable"
    disclaimers apply.

  * Disable UBAC - see http://etbe.coker.com.au/2010/05/26/ubac-selinux-debian/
  * Allow mount_t to read sysfs_t.
  * Allow lvm_t to create semaphores.
  * Allow mount_t and setfiles_t to read/write device_t chr_file.
  * Allow udev to read sym-links in it's config directory.
  * Allow vbetool_t to read inotify directories.
  * Allow gpm_t self signull and signal access.

refpolicy (2:0.2.20091117-3) unstable; urgency=low

  * label Google Chrome as unconfined_execmem_exec_t
  * Change the apache_content_template() macro to not define the type
    httpd_$1_script_exec_t, now the caller must unconditionally define it and
    can therefore use it in it's .fc file without making a .fc dependency.
  * Allow setrans_t to read proc_t files.
  * Allow pppd to load modules.
  * Allow watchdog_t to read/write /dev/watchdog
  * Allow rpcd_t getcap and setcap access.
  * Allow insmod_t to mount a rpc_pipefs_t filesystem.
  * Correctly label kdm.log.* pm-*log* aptitude*
  * Allow consolekit_t to access pam console data.
  * Correctly label consolekit scripts
  * Allow mount_t to set the scheduling for kernel threads.

Date: Tue, 06 Jul 2010 14:26:53 +0530
Changed-By: Bhavani Shankar <bhavi at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Daniel Holbach <daniel.holbach at ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/refpolicy/2:0.2.20100524-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 06 Jul 2010 14:26:53 +0530
Source: refpolicy
Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc
Architecture: source
Version: 2:0.2.20100524-1ubuntu1
Distribution: maverick
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Bhavani Shankar <bhavi at ubuntu.com>
Description: 
 selinux-policy-default - Strict and Targeted variants of the SELinux policy
 selinux-policy-dev - Headers from the SELinux reference policy for building modules
 selinux-policy-doc - Documentation for the SELinux reference policy
 selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy
 selinux-policy-src - Source of the SELinux reference policy for customization
Launchpad-Bugs-Fixed: 602199
Changes: 
 refpolicy (2:0.2.20100524-1ubuntu1) maverick; urgency=low
 .
   * Merge from debian unstable.  Remaining changes: LP: #602199
     - debian/control: drop "selinux" conflict (Debian bug 576598).
 .
 refpolicy (2:0.2.20100524-1) unstable; urgency=low
 .
   * New Upstream release.  This version has had a good deal of testing for
     server use but almost no testing for desktop use.  The usual "Unstable"
     disclaimers apply.
 .
   * Disable UBAC - see http://etbe.coker.com.au/2010/05/26/ubac-selinux-debian/
   * Allow mount_t to read sysfs_t.
   * Allow lvm_t to create semaphores.
   * Allow mount_t and setfiles_t to read/write device_t chr_file.
   * Allow udev to read sym-links in it's config directory.
   * Allow vbetool_t to read inotify directories.
   * Allow gpm_t self signull and signal access.
 .
 refpolicy (2:0.2.20091117-3) unstable; urgency=low
 .
   * label Google Chrome as unconfined_execmem_exec_t
   * Change the apache_content_template() macro to not define the type
     httpd_$1_script_exec_t, now the caller must unconditionally define it and
     can therefore use it in it's .fc file without making a .fc dependency.
   * Allow setrans_t to read proc_t files.
   * Allow pppd to load modules.
   * Allow watchdog_t to read/write /dev/watchdog
   * Allow rpcd_t getcap and setcap access.
   * Allow insmod_t to mount a rpc_pipefs_t filesystem.
   * Correctly label kdm.log.* pm-*log* aptitude*
   * Allow consolekit_t to access pam console data.
   * Correctly label consolekit scripts
   * Allow mount_t to set the scheduling for kernel threads.
Checksums-Sha1: 
 abcc5d1629c0734318bd991661dd69c0c36d1da3 1621 refpolicy_0.2.20100524-1ubuntu1.dsc
 fbb7aaf78eb543e35225e1624702aadf3dd3c376 781561 refpolicy_0.2.20100524.orig.tar.gz
 7806f5fc67a69e02a92091d31270ceca58c0358d 101471 refpolicy_0.2.20100524-1ubuntu1.diff.gz
Checksums-Sha256: 
 c5bdf930eff36d31017dff66358a550d29996cbb7a001469998519a58650c9b7 1621 refpolicy_0.2.20100524-1ubuntu1.dsc
 de52e2dd7431e04b9061a246431b6f6aeac2b91af5553b2cef22c8cf853f1700 781561 refpolicy_0.2.20100524.orig.tar.gz
 f93c317645793868bff72db89503529be4130808ea7e42fc27e5e58dcc46ba5b 101471 refpolicy_0.2.20100524-1ubuntu1.diff.gz
Files: 
 4e5df42dc3ba7ab5914d27f590a448dd 1621 admin optional refpolicy_0.2.20100524-1ubuntu1.dsc
 bc26268d634b06ffefbd87aff1aeb0b9 781561 admin optional refpolicy_0.2.20100524.orig.tar.gz
 a4b9f1412fe4bf05349bea6f69151131 101471 admin optional refpolicy_0.2.20100524-1ubuntu1.diff.gz
Original-Maintainer: Russell Coker <russell at coker.com.au>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkw0SRgACgkQRjrlnQWd1esXrwCfWQ0ZN6JkecZTbP6GiXMnekGp
MUwAn0zp2ipAeFTW/ogLqM5g2ry5ptPQ
=AXvU
-----END PGP SIGNATURE-----

More information about the Maverick-changes mailing list