Mailing List Archive

SELinux base policy rev 6 in hardened-dev
Hiya folks

I just pushed a small update to the SELinux policies to hardened-dev
overlay. This includes the following fixes on top of rev 5:

#405425 Allow syslog-ng to getsched capability (needed for its new threading implementation)
<no bug> Do not audit sys_admin capability for dhcpc (in sysnetwork)
<no bug> Allow sys_admin capability for init scripts (modify sysctl settings)

If there are no vital issues on this the next day or so, I'll start moving
stuff to the main tree (~arch'ed) in the course of this weekend.

Sven Vermeulen