nnd
/
selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
selinux-refpolicy/policy/modules/services
History
Amisha Jain 7a33b4bc87 Sepolicy changes for bluez to access uhid 
Resolve selinux premission for HID

Below avc denials that are fixed with this patch -

avc:  denied  { read write } for  pid=656 comm="bluetoothd" name="uhid" dev="devtmpfs" ino=841 scontext=system_u:system_r:bluetooth_t:s0-s15:c0.c1023 tcontext=system_u:object_r:uhid_device_t:s0 tclass=chr_file permissive=0

Signed-off-by: Amisha Jain <quic_amisjain@quicinc.com>
 		2024-06-05 14:50:39 -04:00
..
abrt.fc
abrt.if
abrt.te
accountsd.fc
accountsd.if
accountsd.te
acpi.fc
acpi.if
acpi.te
afs.fc
afs.if
afs.te
aisexec.fc
aisexec.if
aisexec.te
amavis.fc
amavis.if
amavis.te
apache.fc
apache.if
apache.te
apcupsd.fc
apcupsd.if
apcupsd.te
aptcacher.fc
aptcacher.if
aptcacher.te
arpwatch.fc
arpwatch.if
arpwatch.te
asterisk.fc
asterisk.if
asterisk.te asterisk: allow binding to all unreserved UDP ports 2024-05-09 10:00:51 -04:00
automount.fc
automount.if
automount.te
avahi.fc
avahi.if
avahi.te small ntp and dns changes (#703) 2023-09-25 11:01:12 -04:00
bind.fc
bind.if
bind.te bind: fix for named service 2023-10-02 16:38:12 +08:00
bird.fc
bird.if
bird.te
bitlbee.fc
bitlbee.if
bitlbee.te
bluetooth.fc
bluetooth.if Adding Sepolicy rules to allow bluetoothctl and dbus-daemon to access unix stream sockets. 2024-06-04 09:08:18 -04:00
bluetooth.te Sepolicy changes for bluez to access uhid 2024-06-05 14:50:39 -04:00
boinc.fc
boinc.if
boinc.te
bugzilla.fc
bugzilla.if
bugzilla.te
cachefilesd.fc
cachefilesd.if
cachefilesd.te
canna.fc
canna.if
canna.te
certbot.fc
certbot.if
certbot.te certbot: Drop execmem. 2024-04-29 14:20:24 -04:00
certmaster.fc
certmaster.if
certmaster.te
certmonger.fc
certmonger.if
certmonger.te Let the certmonger module manage SSL Private Keys 2023-11-20 17:09:31 +01:00
cgmanager.fc
cgmanager.if
cgmanager.te
cgroup.fc
cgroup.if
cgroup.te
chronyd.fc
chronyd.if Denial during cockpit use 2024-01-26 21:32:08 -05:00
chronyd.te chronyd: Read /dev/urandom. 2024-02-21 16:45:39 -05:00
clamav.fc
clamav.if
clamav.te policy patches for anti-spam daemons (#698) 2023-09-21 12:01:24 -04:00
cobbler.fc
cobbler.if
cobbler.te
cockpit.fc SELinux policy for cockpit 2024-01-26 21:05:27 -05:00
cockpit.if Need map perm for cockpit 300.4 2024-05-05 22:14:39 -04:00
cockpit.te Allow key manipulation 2024-01-26 21:05:28 -05:00
collectd.fc
collectd.if
collectd.te
colord.fc
colord.if
colord.te Resolve some denials with colord 2023-09-19 13:52:50 -04:00
comsat.fc
comsat.if
comsat.te
condor.fc
condor.if
condor.te
consolesetup.fc
consolesetup.if
consolesetup.te consolesetup: update 2024-02-23 17:55:29 +01:00
container.fc container: add filecons for rook-ceph 2024-02-10 21:10:38 -05:00
container.if container, podman: various fixes 2024-05-09 10:13:29 -04:00
container.te container, crio, kubernetes: minor fixes 2024-05-09 10:13:37 -04:00
corosync.fc
corosync.if
corosync.te
couchdb.fc
couchdb.if
couchdb.te
courier.fc misc small email changes (#704) 2023-09-28 09:57:18 -04:00
courier.if
courier.te misc small email changes (#704) 2023-09-28 09:57:18 -04:00
cpucontrol.fc
cpucontrol.if
cpucontrol.te
crio.fc
crio.if
crio.te container, crio, kubernetes: minor fixes 2024-05-09 10:13:37 -04:00
cron.fc
cron.if misc small patches for cron policy (#701) 2023-09-28 09:46:14 -04:00
cron.te cron: Use raw entrypoint rule for system_cronjob_t. 2024-04-26 14:21:12 -04:00
ctdb.fc
ctdb.if
ctdb.te
cups.fc cups: Remove PTAL. 2024-04-26 14:21:12 -04:00
cups.if cups: Remove PTAL. 2024-04-26 14:21:12 -04:00
cups.te cups: Remove PTAL. 2024-04-26 14:21:12 -04:00
cvs.fc
cvs.if
cvs.te
cyphesis.fc
cyphesis.if
cyphesis.te
cyrus.fc
cyrus.if
cyrus.te
dante.fc
dante.if
dante.te
dbskk.fc
dbskk.if
dbskk.te
dbus.fc
dbus.if dbus changes 2024-01-02 15:18:55 -05:00
dbus.te Merge pull request #780 from pebenito/quic_nakella-gatt 2024-06-04 09:54:45 -04:00
ddclient.fc
ddclient.if
ddclient.te
devicekit.fc
devicekit.if
devicekit.te devicedisk: reorder optional block 2024-01-10 17:02:41 +01:00
dhcp.fc
dhcp.if
dhcp.te
dictd.fc
dictd.if
dictd.te
dirmngr.fc
dirmngr.if
dirmngr.te
distcc.fc
distcc.if
distcc.te
djbdns.fc
djbdns.if
djbdns.te
dkim.fc policy patches for anti-spam daemons (#698) 2023-09-21 12:01:24 -04:00
dkim.if
dkim.te policy patches for anti-spam daemons (#698) 2023-09-21 12:01:24 -04:00
dnsmasq.fc
dnsmasq.if
dnsmasq.te small ntp and dns changes (#703) 2023-09-25 11:01:12 -04:00
docker.fc
docker.if
docker.te docker: Fix dockerc typo in container_engine_executable_file 2024-04-26 14:21:12 -04:00
dovecot.fc
dovecot.if
dovecot.te dovecot: allow dovecot-auth to read SASL keytab 2024-05-09 10:00:23 -04:00
drbd.fc
drbd.if
drbd.te
eg25manager.fc
eg25manager.if
eg25manager.te Changes to eg25manager and modemmanager needed for firmware upload on pinephonepro 2023-10-07 13:56:52 +11:00
entropyd.fc
entropyd.if
entropyd.te
exim.fc
exim.if
exim.te misc small email changes (#704) 2023-09-28 09:57:18 -04:00
fail2ban.fc
fail2ban.if
fail2ban.te fail2ban: allow reading net sysctls 2024-05-09 10:00:23 -04:00
fcoe.fc
fcoe.if
fcoe.te
fetchmail.fc
fetchmail.if
fetchmail.te
finger.fc
finger.if
finger.te
firewalld.fc
firewalld.if
firewalld.te Firewalld need to relabel direct.xml file 2024-01-07 17:15:36 -05:00
fprintd.fc
fprintd.if
fprintd.te
ftp.fc small network patches (#707) 2023-09-25 11:44:52 -04:00
ftp.if
ftp.te small network patches (#707) 2023-09-25 11:44:52 -04:00
gatekeeper.fc
gatekeeper.if
gatekeeper.te
gdomap.fc
gdomap.if
gdomap.te
geoclue.fc
geoclue.if
geoclue.te Daemon to monitor memory pressure and notify applications and change … (#670) 2023-09-14 09:15:09 -04:00
git.fc git: add fcontext for default binary 2023-12-28 17:52:08 +01:00
git.if
git.te
glance.fc
glance.if
glance.te
glusterfs.fc
glusterfs.if
glusterfs.te glusterfs: add tunable to allow managing unlabeled files 2023-12-17 23:42:04 -05:00
gnomeclock.fc
gnomeclock.if
gnomeclock.te
gpm.fc
gpm.if
gpm.te
gpsd.fc
gpsd.if
gpsd.te
gssproxy.fc
gssproxy.if
gssproxy.te
hadoop.fc
hadoop.if
hadoop.te
hddtemp.fc
hddtemp.if
hddtemp.te
hostapd.fc
hostapd.if
hostapd.te
hypervkvp.fc
hypervkvp.if
hypervkvp.te
i18n_input.fc
i18n_input.if
i18n_input.te
icecast.fc
icecast.if
icecast.te
ifplugd.fc
ifplugd.if
ifplugd.te
iiosensorproxy.fc
iiosensorproxy.if
iiosensorproxy.te
inetd.fc
inetd.if
inetd.te small network patches (#707) 2023-09-25 11:44:52 -04:00
inn.fc
inn.if
inn.te
iodine.fc
iodine.if
iodine.te
ircd.fc
ircd.if
ircd.te
irqbalance.fc
irqbalance.if
irqbalance.te
isns.fc
isns.if
isns.te
jabber.fc
jabber.if
jabber.te allow jabbers to create sock file and allow matrixd to read sysfs (#705) 2023-09-26 09:48:31 -04:00
kerberos.fc
kerberos.if
kerberos.te
kerneloops.fc
kerneloops.if
kerneloops.te
keystone.fc
keystone.if
keystone.te
knot.fc
knot.if
knot.te
ksmtuned.fc
ksmtuned.if
ksmtuned.te
kubernetes.fc
kubernetes.if container: allow spc to map kubernetes runtime files 2024-02-21 15:33:39 -05:00
kubernetes.te various: various fixes 2024-05-09 10:13:37 -04:00
l2tp.fc
l2tp.if
l2tp.te
ldap.fc
ldap.if
ldap.te
likewise.fc
likewise.if
likewise.te
lircd.fc
lircd.if
lircd.te
lldpad.fc
lldpad.if
lldpad.te
lowmemorymonitor.fc Daemon to monitor memory pressure and notify applications and change … (#670) 2023-09-14 09:15:09 -04:00
lowmemorymonitor.if Daemon to monitor memory pressure and notify applications and change … (#670) 2023-09-14 09:15:09 -04:00
lowmemorymonitor.te Daemon to monitor memory pressure and notify applications and change … (#670) 2023-09-14 09:15:09 -04:00
lpd.fc
lpd.if
lpd.te
lsm.fc
lsm.if
lsm.te
mailman.fc
mailman.if
mailman.te
matrixd.fc
matrixd.if
matrixd.te matrixd: add tunable for binding to all unreserved ports 2024-05-09 10:00:54 -04:00
mediawiki.fc
mediawiki.if
mediawiki.te
memcached.fc
memcached.if
memcached.te
memlockd.fc
memlockd.if
memlockd.te
metadata.xml
milter.fc policy patches for anti-spam daemons (#698) 2023-09-21 12:01:24 -04:00
milter.if
milter.te policy patches for anti-spam daemons (#698) 2023-09-21 12:01:24 -04:00
minidlna.fc
minidlna.if
minidlna.te
minissdpd.fc
minissdpd.if
minissdpd.te minissdpd: Revoke kernel module loading permissions. 2024-04-26 14:21:12 -04:00
modemmanager.fc
modemmanager.if
modemmanager.te Changes to eg25manager and modemmanager needed for firmware upload on pinephonepro 2023-10-07 13:56:52 +11:00
mojomojo.fc
mojomojo.if
mojomojo.te
mon.fc
mon.if
mon.te mon.te patches as well as some fstools patches related to it (#697) 2023-09-28 09:55:56 -04:00
mongodb.fc
mongodb.if
mongodb.te
monit.fc
monit.if
monit.te
monop.fc
monop.if
monop.te
mpd.fc
mpd.if
mpd.te
mta.fc
mta.if misc small email changes (#704) 2023-09-28 09:57:18 -04:00
mta.te misc small email changes (#704) 2023-09-28 09:57:18 -04:00
munin.fc
munin.if
munin.te
mysql.fc
mysql.if
mysql.te Added tmpfs file type for postgresql 2023-09-22 19:09:12 +10:00
nagios.fc
nagios.if
nagios.te
nessus.fc
nessus.if
nessus.te
networkmanager.fc
networkmanager.if
networkmanager.te small network patches (#707) 2023-09-25 11:44:52 -04:00
nis.fc
nis.if
nis.te
node_exporter.fc
node_exporter.if
node_exporter.te
nscd.fc
nscd.if
nscd.te xen: Drop xend/xm stack. 2024-04-29 14:20:19 -04:00
nsd.fc
nsd.if
nsd.te
nslcd.fc
nslcd.if
nslcd.te
ntop.fc
ntop.if
ntop.te
ntp.fc small ntp and dns changes (#703) 2023-09-25 11:01:12 -04:00
ntp.if small ntp and dns changes (#703) 2023-09-25 11:01:12 -04:00
ntp.te
numad.fc
numad.if
numad.te
nut.fc
nut.if
nut.te
nx.fc
nx.if
nx.te
obex.fc
obex.if
obex.te Adding Sepolicy rules to allow bluetoothctl and dbus-daemon to access unix stream sockets. 2024-06-04 09:08:18 -04:00
obfs4proxy.fc
obfs4proxy.if
obfs4proxy.te
oddjob.fc
oddjob.if
oddjob.te
oident.fc
oident.if
oident.te
openca.fc
openca.if
openca.te
openct.fc
openct.if
openct.te
openhpi.fc
openhpi.if
openhpi.te
opensm.fc
opensm.if
opensm.te
openvpn.fc
openvpn.if
openvpn.te small network patches (#707) 2023-09-25 11:44:52 -04:00
openvswitch.fc
openvswitch.if
openvswitch.te
pacemaker.fc
pacemaker.if
pacemaker.te
pads.fc
pads.if
pads.te
pcscd.fc
pcscd.if
pcscd.te
pegasus.fc
pegasus.if
pegasus.te xen: Drop xend/xm stack. 2024-04-29 14:20:19 -04:00
perdition.fc
perdition.if
perdition.te
pingd.fc
pingd.if
pingd.te
pkcs.fc
pkcs.if
pkcs.te
plymouthd.fc
plymouthd.if
plymouthd.te
podman.fc
podman.if
podman.te container, podman: various fixes 2024-05-09 10:13:29 -04:00
policykit.fc
policykit.if
policykit.te
portmap.fc
portmap.if
portmap.te
portreserve.fc
portreserve.if
portreserve.te
portslave.fc
portslave.if
portslave.te
postfix.fc
postfix.if misc small email changes (#704) 2023-09-28 09:57:18 -04:00
postfix.te misc small email changes (#704) 2023-09-28 09:57:18 -04:00
postfixpolicyd.fc
postfixpolicyd.if
postfixpolicyd.te
postgresql.fc
postgresql.if SELint userspace class tweaks 2024-01-10 17:02:41 +01:00
postgresql.te postgres: add a standalone execmem tunable 2024-05-09 10:00:51 -04:00
postgrey.fc
postgrey.if
postgrey.te
powerprofiles.fc policy for power profiles daemon, used to change power settings 2023-09-19 22:51:22 +10:00
powerprofiles.if policy for power profiles daemon, used to change power settings 2023-09-19 22:51:22 +10:00
powerprofiles.te policy for power profiles daemon, used to change power settings 2023-09-19 22:51:22 +10:00
ppp.fc small network patches (#707) 2023-09-25 11:44:52 -04:00
ppp.if
ppp.te small network patches (#707) 2023-09-25 11:44:52 -04:00
prelude.fc
prelude.if
prelude.te
privoxy.fc
privoxy.if
privoxy.te
procmail.fc
procmail.if
procmail.te
psad.fc
psad.if
psad.te
publicfile.fc
publicfile.if
publicfile.te
pwauth.fc
pwauth.if
pwauth.te
pxe.fc
pxe.if
pxe.te
pyzor.fc
pyzor.if
pyzor.te
qmail.fc
qmail.if
qmail.te
qpid.fc
qpid.if
qpid.te
quantum.fc
quantum.if
quantum.te
rabbitmq.fc
rabbitmq.if
rabbitmq.te
radius.fc
radius.if
radius.te
radvd.fc
radvd.if
radvd.te
rasdaemon.fc policy for the Reliability Availability servicability daemon (#690) 2023-09-21 10:22:36 -04:00
rasdaemon.if policy for the Reliability Availability servicability daemon (#690) 2023-09-21 10:22:36 -04:00
rasdaemon.te policy for the Reliability Availability servicability daemon (#690) 2023-09-21 10:22:36 -04:00
razor.fc
razor.if
razor.te
rdisc.fc
rdisc.if
rdisc.te
realmd.fc
realmd.if
realmd.te
redis.fc
redis.if
redis.te
remotelogin.fc
remotelogin.if
remotelogin.te
resmgr.fc
resmgr.if
resmgr.te
rhsmcertd.fc
rhsmcertd.if
rhsmcertd.te
rlogin.fc
rlogin.if
rlogin.te
rngd.fc
rngd.if
rngd.te
rootlesskit.fc
rootlesskit.if
rootlesskit.te
rpc.fc rpc: fix not labeling exports.d directory 2024-02-21 15:31:24 -05:00
rpc.if zfs: allow zfs to write to exports 2024-02-21 15:30:53 -05:00
rpc.te small network patches (#707) 2023-09-25 11:44:52 -04:00
rpcbind.fc
rpcbind.if
rpcbind.te
rshd.fc
rshd.if
rshd.te
rsync.fc
rsync.if
rsync.te
rtkit.fc
rtkit.if
rtkit.te
rwho.fc
rwho.if
rwho.te
samba.fc
samba.if
samba.te small storage changes (#706) 2023-09-25 11:46:04 -04:00
sanlock.fc
sanlock.if
sanlock.te
sasl.fc
sasl.if
sasl.te
sendmail.fc
sendmail.if
sendmail.te misc small email changes (#704) 2023-09-28 09:57:18 -04:00
sensord.fc
sensord.if
sensord.te
setroubleshoot.fc
setroubleshoot.if
setroubleshoot.te
shibboleth.fc
shibboleth.if
shibboleth.te
slpd.fc
slpd.if
slpd.te
slrnpull.fc
slrnpull.if
slrnpull.te
smartmon.fc files context for merged-usr profile on gentoo 2024-05-08 13:46:48 +02:00
smartmon.if small storage changes (#706) 2023-09-25 11:46:04 -04:00
smartmon.te policy/modules/services/smartmon.te: make fstools optional 2023-11-29 08:37:25 +01:00
smokeping.fc
smokeping.if
smokeping.te
smstools.fc
smstools.if
smstools.te
snmp.fc
snmp.if
snmp.te xen: Drop xend/xm stack. 2024-04-29 14:20:19 -04:00
snort.fc
snort.if
snort.te
soundserver.fc
soundserver.if
soundserver.te
spamassassin.fc
spamassassin.if Under request from Christopher PeBenito, merge the 2023-09-18 15:40:11 +02:00
spamassassin.te policy patches for anti-spam daemons (#698) 2023-09-21 12:01:24 -04:00
squid.fc
squid.if
squid.te
ssh.fc
ssh.if init: allow systemd to use sshd pidfds 2024-05-09 10:00:18 -04:00
ssh.te
sssd.fc
sssd.if
sssd.te
stubby.fc
stubby.if
stubby.te
stunnel.fc
stunnel.if
stunnel.te
svnserve.fc
svnserve.if
svnserve.te
switcheroo.fc switcheroo is a daemon to manage discrete vs integrated GPU use for apps 2023-09-14 23:41:57 +10:00
switcheroo.if switcheroo is a daemon to manage discrete vs integrated GPU use for apps 2023-09-14 23:41:57 +10:00
switcheroo.te switcheroo: Whitespace fix. 2023-09-18 09:21:26 -04:00
sympa.fc
sympa.if
sympa.te
sysstat.fc
sysstat.if
sysstat.te
systemtap.fc
systemtap.if
systemtap.te
tcpd.fc
tcpd.if
tcpd.te
tcsd.fc
tcsd.if
tcsd.te
telnet.fc
telnet.if
telnet.te
tftp.fc
tftp.if
tftp.te
tgtd.fc
tgtd.if
tgtd.te
thunderbolt.fc
thunderbolt.if
thunderbolt.te
timidity.fc
timidity.if
timidity.te
tor.fc
tor.if
tor.te
tpm2.fc
tpm2.if
tpm2.te
transproxy.fc
transproxy.if
transproxy.te
tuned.fc
tuned.if
tuned.te
ucspitcp.fc
ucspitcp.if
ucspitcp.te
ulogd.fc
ulogd.if
ulogd.te
uptime.fc
uptime.if
uptime.te
usbmuxd.fc
usbmuxd.if
usbmuxd.te
uucp.fc
uucp.if
uucp.te
uuidd.fc
uuidd.if
uuidd.te
uwimap.fc
uwimap.if
uwimap.te
varnishd.fc
varnishd.if
varnishd.te
vdagent.fc
vdagent.if
vdagent.te
vhostmd.fc
vhostmd.if
vhostmd.te xen: Drop xend/xm stack. 2024-04-29 14:20:19 -04:00
virt.fc virt: label qemu configuration directory 2024-02-23 17:16:44 +01:00
virt.if
virt.te xen: Drop xend/xm stack. 2024-04-29 14:20:19 -04:00
vnstatd.fc
vnstatd.if
vnstatd.te vnstatd: update 2024-02-23 17:55:29 +01:00
watchdog.fc
watchdog.if
watchdog.te
wdmd.fc
wdmd.if
wdmd.te
wireguard.fc
wireguard.if
wireguard.te
xfs.fc
xfs.if
xfs.te
xserver.fc Merge branch 'main' into x_fixes_pr2 2023-09-19 01:31:50 +02:00
xserver.if SELint userspace class tweaks 2024-01-10 17:02:41 +01:00
xserver.te debian motd.d directory (#689) 2023-09-21 10:21:25 -04:00
zabbix.fc
zabbix.if
zabbix.te
zarafa.fc
zarafa.if
zarafa.te
zebra.fc
zebra.if
zebra.te
zfs.fc
zfs.if
zfs.te zfs: allow zfs to write to exports 2024-02-21 15:30:53 -05:00
zosremote.fc
zosremote.if
zosremote.te