Please merge refpolicy 2:0.2.20100524-2 (universe) from Debian unstable (main)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
refpolicy (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
There is new version in Debian to be merged:
refpolicy (2:0.2.20100524-2) unstable; urgency=low
.
* Include tmpreaper in base policy as mountnfs-
mountall-
* Added a new mcsdeleteall attribute for tmpreaper_t so that it can
delete files and directories regardless of mcs level.
* Allow perdition netlink_
* Allow nrpe_t to execute sudo and search /var/spool
also don't audit capability sys_resource.
* Allow postfix_local_t to run sendmail for programs like vacation
* Make the milter module be loaded if the milter-greylist or spamass-milter
package is installed. Make spamassassin policy optional when using the
milter module.
* Added a bunch of fixes from git mostly trivial stuff but also allowed
bootloader_t to load modules, allowed kismet_t to search home directories,
* Don't allow cron daemon to search /var/lib/logrotate.
* Fixed a typo in gitosis.if
* Commented out the genfscon line in selinux.if for the includes directory,
now sepolgen-ifgen works without error.
Thanks!
This bug was fixed in the package refpolicy - 2:0.2.20100524- 2ubuntu1
--------------- 20100524- 2ubuntu1) maverick; urgency=low
refpolicy (2:0.2.
* Merge from debian unstable (LP: #607149). Remaining changes:
- debian/control: drop "selinux" conflict (Debian bug 576598).
refpolicy (2:0.2.20100524-2) unstable; urgency=low
* Include tmpreaper in base policy as mountnfs- bootclean. sh and bootclean. sh need to run as tmpreaper_t. route_socket access.
mountall-
* Added a new mcsdeleteall attribute for tmpreaper_t so that it can
delete files and directories regardless of mcs level.
* Allow perdition netlink_
* Allow nrpe_t to execute sudo and search /var/spool
also don't audit capability sys_resource.
* Allow postfix_local_t to run sendmail for programs like vacation
* Make the milter module be loaded if the milter-greylist or spamass-milter
package is installed. Make spamassassin policy optional when using the
milter module.
* Added a bunch of fixes from git mostly trivial stuff but also allowed
bootloader_t to load modules, allowed kismet_t to search home directories,
* Don't allow cron daemon to search /var/lib/logrotate.
* Fixed a typo in gitosis.if
* Commented out the genfscon line in selinux.if for the includes directory,
now sepolgen-ifgen works without error.
-- Angel Abad <email address hidden> Fri, 09 Jul 2010 06:30:26 +0100