Mailing List Archive

SELinux base policy rev 8 in hardened-dev
Hi guys,

Revision 8 of the 2.20120215 policies are now in the hardened-dev overlay.
It contains the following changes:

<no bug> Update whitespace in python scripts (support python3)
#411149 Introduce httpd_setrlimit to support setrlimit/sys_resource on apache (for lighttpd)
#411943 Allow unconfined users to start X (or XFCE) from the commandline

Testing is, as always, appreciated. However, the changes are non-intrusive
and I'm going to make a few more intrusive changes now which will need a bit
more testing, so I'm heading out with rev 8 now.

Also, I've moved the repository I use for maintaining the policies from
github to gogo [1]. I didn't use the git magic, just a copy of the sources,
as patching is always done in incremental manners (and not through git
patches)... for now ;-)

I'll have our SELinux development guide also updated to have users base
their patches from this tree instead, that should make development a bit
easier for them.

Wkr,
Sven Vermeulen