معرفی شرکت ها


selinux-policy-sandbox-3.14.3-95.el8_6.1.noarch.rpm


Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر

توضیحات

SELinux policy sandbox
ویژگی مقدار
سیستم عامل Linux
توزیع AlmaLinux 8
مخزن AlmaLinux BaseOS noarch
نام بسته selinux-policy-sandbox
نام فایل بسته selinux-policy-sandbox-3.14.3-95.el8_6.1.noarch.rpm
نسخه بسته 3.14.3
انتشار بسته 95.el8_6.1
معماری بسته noarch
نگهدارنده -
تاریخ ساخت Tue 02 Aug 2022 10
هاست سازنده almalinux-p9.osuosl.org
نوع بسته .rpm
آدرس صفحه اصلی https://github.com/fedora-selinux/selinux-policy
مجوز GPLv2+
حجم دانلود 642K
حجم نصب 84.629K
SELinux sandbox policy used for the policycoreutils-sandbox package


جایگزین ها

بسته نسخه معماری مخزن
selinux-policy-sandbox-3.14.3-95.el8.noarch.rpm 3.14.3 noarch AlmaLinux BaseOS
selinux-policy-sandbox-3.14.3-95.el8_6.4.noarch.rpm 3.14.3 noarch AlmaLinux BaseOS


نیازمندی

مقدار نام
- /bin/sh
- /bin/sh
= 3.14.3-95.el8_6.1 selinux-policy-base
= 3.14.3-95.el8_6.1 selinux-policy-targeted


ارائه دهنده

مقدار نام
= 3.14.3-95.el8_6.1 selinux-policy-sandbox


نحوه نصب


نصب پکیج rpm selinux-policy-sandbox:

    dnf install selinux-policy-sandbox-3.14.3-95.el8_6.1.noarch.rpm


فایل ها

مسیرها
/usr/share/selinux/packages/sandbox.pp


گزارش تغییرات

تاریخ آخرین تغییر جزئیات
2022-06-09

Label more vdsm utils with virtd_exec_t

2022-03-24

Allow hostapd talk with unconfined user over unix domain dgram socket

2022-03-10

Allow chronyd send a message to sosreport over datagram socket
Allow systemd-logind dbus chat with sosreport

2022-02-24

Allow systemd-networkd dbus chat with sosreport
Allow sysadm_passwd_t to relabel passwd and group files
Allow confined sysadmin to use tool vipw
Allow sosreport dbus chat with abrt and timedatex
Remove unnecessary /etc file transitions for insights-client
Label all content in /var/lib/insights with insights_client_var_lib_t
Update insights-client policy
Update insights-client: fc pattern, motd, writing to etc
Remove permissive domain for insights_client_t
New policy for insight-client
Add the insights_client module
Update specfile to buildrequire policycoreutils-devel >= 2.9-19
Add modules_checksum to %files

2022-02-16

Allow postfix_domain read dovecot certificates 1/2
Dontaudit dirsrv search filesystem sysctl directories 1/2
Allow chage domtrans to sssd
Allow postfix_domain read dovecot certificates 2/2
Allow ctdb create cluster logs
Allow alsa bind mixer controls to led triggers
Allow alsactl set group Process ID of a process
Dontaudit mdadm list dirsrv tmpfs dirs
Dontaudit dirsrv search filesystem sysctl directories 2/2
Revert "Label NetworkManager-dispatcher service with separate context"
Revert "Allow NetworkManager-dispatcher dbus chat with NetworkManager"

2022-02-09

Allow NetworkManager-dispatcher dbus chat with NetworkManager

2022-02-04

Fix badly indented used interfaces
Allow domain transition to sssd_t 1/2
Allow confined users to use kinit,klist and etc.
Allow login_userdomain open/read/map system journal
Allow init read stratis data symlinks 2/2
Label new utility of NetworkManager nm-priv-helper
Label NetworkManager-dispatcher service with separate context
Allow domtrans to sssd_t and role access to sssd
Creating interface sssd_run_sssd()
Allow domain transition to sssd_t 2/2
Allow timedatex dbus chat with xdm
Associate stratisd_data_t with device filesystem
Allow init read stratis data symlinks 1/2
Allow rhsmcertd create rpm hawkey logs with correct label

2022-01-26

Allow NetworkManager talk with unconfined user over unix domain dgram socket
Allow system_mail_t read inherited apache system content rw files
Add apache_read_inherited_sys_content_rw_files() interface
Allow rhsm-service execute its private memfd: objects
Allow dirsrv read configfs files and directories
Label /run/stratisd with stratisd_var_run_t
Fix path for excluding container.if from selinux-policy-devel

2022-01-20

Revert "Label /etc/cockpit/ws-certs.d with cert_t"

2022-01-18

Set default file context for /sys/firmware/efi/efivars
Allow sysadm_t start and stop transient services
Label /etc/cockpit/ws-certs.d with cert_t
Allow smbcontrol read the network state information
Allow rhsm-service read/write its private memfd: objects
Allow fcoemon request the kernel to load a module
Allow radiusd connect to the radacct port
Label /var/lib/shorewall6-lite with shorewall_var_lib_t
Exclude container.if from selinux-policy-devel

2022-01-03

Allow sysadm execute sysadmctl in sysadm_t domain using sudo
Allow local_login_t get attributes of tmpfs filesystems
Allow local_login_t get attributes of filesystems with ext attributes
Allow local_login_t domain to getattr cgroup filesystem
Allow systemd read unlabeled symbolic links
Allow userdomains use pam_ssh_agent_auth for passwordless sudo
Allow sudodomains execute passwd in the passwd domain
Label authcompat.py with authconfig_exec_t
Dontaudit pkcsslotd sys_admin capability
Allow lldpd connect to snmpd with a unix domain stream socket

2021-12-07

Allow unconfined_t to node_bind icmp_sockets in node_t domain
Allow rhsmcertd get attributes of tmpfs_t filesystems
The nfsdcld service is now confined by SELinux
Allow smbcontrol use additional socket types
Allow lldpd use an snmp subagent over a tcp socket

2021-11-24

Allow sysadm_t read/write pkcs shared memory segments
Allow sysadm_t connect to sanlock over a unix stream socket
Allow sysadm_t dbus chat with sssd
Allow sysadm_t set attributes on character device nodes
Allow sysadm_t read and write watchdog devices
Allow sysadm_t connect to cluster domains over a unix stream socket
Allow sysadm_t dbus chat with tuned 2/2
Update userdom_exec_user_tmp_files() with an entrypoint rule
Allow sudodomain send a null signal to sshd processes
Allow sysadm_t dbus chat with tuned 1/2
Allow cloud-init dbus chat with systemd-logind
Allow svnserve send mail from the system
Allow svnserve_t domain to read system state

2021-11-09

VQP: Include IANA-assigned TCP/1589
Label port 3785/udp with bfd_echo
Allow sysadm_t dbus chat with realmd_t
Support sanlock VG automated recovery on storage access loss 1/2
Revert "Support sanlock VG automated recovery on storage access loss"
Support sanlock VG automated recovery on storage access loss
radius: Lexical sort of service-specific corenet rules by service name
radius: Allow binding to the BDF Control and Echo ports
radius: Allow binding to the DHCP client port
radius: Allow net_raw; allow binding to the DHCP server ports
Support hitless reloads feature in haproxy
Allow redis get attributes of filesystems with extended attributes
Support sanlock VG automated recovery on storage access loss 2/2
Revert "Support sanlock VG automated recovery on storage access loss"

2021-10-20

Support sanlock VG automated recovery on storage access loss
Allow proper function sosreport in sysadmin role
Allow systemd execute user bin files
Label /dev/crypto/nx-gzip with accelerator_device_t
Allow ipsec_t and login_userdomain named file transition in tmpfs
Support sanlock VG automated recovery on storage access loss
Allow proper function sosreport via iotop
Call pkcs_tmpfs_named_filetrans for certmonger
Allow ibacm the net_raw and sys_rawio capabilities
Support new PING_CHECK health checker in keepalived
Update spamassasin policy to make working /usr/share/spamassassin/sa-update.cron script

2021-10-04

Allow unconfined domains to bpf all other domains
Allow vmtools_unconfined_t domain transition to rpm_script_t
Allow unbound connectto unix_stream_socket
Label /usr/sbin/virtproxyd as virtd_exec_t
Allow postfix_domain to sendto unix dgram sockets.