selinux-refpolicy

History

David Sugar 3425d22c24 Allow X (xserver_t) to read /proc/sys/crypto/fips_enabled type=AVC msg=audit(1543761322.221:211): avc: denied { search } for pid=16826 comm="X" name="crypto" dev="proc" ino=10257 scontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_crypto_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1543761322.221:211): avc: denied { read } for pid=16826 comm="X" name="fips_enabled" dev="proc" ino=10258 scontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_crypto_t:s0 tclass=file permissive=1 type=AVC msg=audit(1543761322.221:211): avc: denied { open } for pid=16826 comm="X" path="/proc/sys/crypto/fips_enabled" dev="proc" ino=10258 scontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_crypto_t:s0 tclass=file permissive=1 type=AVC msg=audit(1543761322.222:212): avc: denied { getattr } for pid=16826 comm="X" path="/proc/sys/crypto/fips_enabled" dev="proc" ino=10258 scontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_crypto_t:s0 tclass=file permissive=1 Signed-off-by: Dave Sugar <dsugar@tresys.com>		2018-12-11 17:54:44 -05:00
..
flask	Add xdp_socket security class and access vectors	2018-10-21 13:01:22 +02:00
modules	Allow X (xserver_t) to read /proc/sys/crypto/fips_enabled	2018-12-11 17:54:44 -05:00
support	obj_perm_sets.spt: Add xdp_socket to socket_class_set.	2018-10-23 17:18:43 -04:00
constraints	refpolicy: Update for kernel sctp support	2018-03-21 14:14:37 -04:00
context_defaults
global_booleans
global_tunables	user_udp_server tunable	2016-08-02 19:44:16 -04:00
mcs	refpolicy: Update for kernel sctp support	2018-03-21 14:14:37 -04:00
mls	Remove unused translate permission in context userspace class.	2018-10-13 13:39:18 -04:00
policy_capabilities	Enable cgroup_seclabel and nnp_nosuid_transition.	2018-01-16 18:52:39 -05:00
users