Please sync refpolicy (universe) from unstable (main)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
refpolicy (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Please sync refpolicy (universe) from Debian unstable (main).
Changelog since current feisty version 0.0.20061018-3:
refpolicy (0.0.20061018-5) unstable; urgency=high
* Add policy for log and lock files for aptitude. This is needed for
proper function; so one does not need to go into permissive mode to
run aptitude. Stolen from Erich. This is a low risk change.
* Debian puts grub in /usr/sbin/grub. Reflect that in the initial file
context.
* Debian creates /dev/xconsole independently of whether or not a xserver
has been installed or not. So move the policy related to /dev/sconsole
out of the xserver policy, and into places where relevant (init.te,
logging.fc), to reflect the status that /dev/console is present
anyway.
* Add support for /etc/network/run and /dev/shm/network, which seem to
be Debian specific as well.
* Allow udev to manage configuration files.
-- Manoj Srivastava <email address hidden> Fri, 9 Mar 2007 00:22:19 -0600
refpolicy (0.0.20061018-4) unstable; urgency=low
* Bug fix: "selinux-
fix the 'maybe failing' attempt in postinst", thanks to Eddy Petrisor.
While this does not belong in the postinst, I have addedthis to the
README.Debian file. This should be a low risk change. (Closes: #407691).
* Bug fix: "Default build.conf doesn't match default strict/targeted
policy", thanks to Stefan.The build.conf included in the reference
source policy describe to build a policy of the type "strict". The
default binary policies coming with Debian are build with the policy
type "strict-mcs" or "targeted-mcs". Change the build.conf shipped in
source to conform to what we really use. (changes TYPE=strict to
TYPE=
* Bug fix: "selinux-
allow tcp connection mode", thanks to Rafal Kupka. This bug really
should be at least important, and we should fully support a class of
security product like OpenVPN on machines which are running SELinux,
and this is a very low risk change. (Closes: #409041).
* Install header files required for policy building for both strict and
targeted policies in a new -dev package, so it becomes really useful
to work with the source package. Moved the examples from the -src
package to this new -dev package, since the example is only useful in
with the headers provided. This is a new package, but it contains only
files already in the sources (No upstream changes at all), and is the
result of make install-headers. This new package has no rdepends, and
should be a very low risk addition to Debian.
* This release should be a whole lot better for building local policies,
including the policygentool for creating a new policy from scratch,
and ability to build local policy modular packages. The build.conf
files have been cleaned up, and the source policy defaults to targeted
policy, which is standard in Debian, as opposed to the strict policy,
which has priority optional.
-- Manoj Srivastava <email address hidden> Mon, 26 Feb 2007 22:37:17 -0600
Changed in refpolicy: | |
status: | Unconfirmed → Confirmed |
[Updating] refpolicy (0.0.20061018-3 [Ubuntu] < 0.0.20061018-5 [Debian]) 0.0.20061018. orig.tar. gz: already in distro - downloading from librarian> 0.0.20061018- 5.dsc: downloading from http:// ftp.debian. org/debian/> 0.0.20061018- 5.diff. gz: downloading from http:// ftp.debian. org/debian/>
* Trying to add refpolicy...
- <refpolicy_
- <refpolicy_
- <refpolicy_