ID | 25471 |
Package Name | container-selinux |
Version | 2.55 |
Release | 12.gitd248f91.fc29 |
Epoch | 2 |
Summary |
Description |
Built by | davidlt |
State |
complete
|
Volume |
DEFAULT |
Started | Tue, 15 May 2018 18:49:38 UTC |
Completed | Tue, 15 May 2018 18:49:38 UTC |
Tags |
|
RPMs |
src | |
|
container-selinux-2.55-12.gitd248f91.fc29.src.rpm (info) (download) |
noarch |
|
container-selinux-2.55-12.gitd248f91.fc29.noarch.rpm (info) (download)
|
|
Changelog |
* Tue Apr 17 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-12.gitd248f91
- autobuilt commit d248f91
* Tue Apr 17 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-11.gitd248f91
- autobuilt commit d248f91
* Mon Apr 16 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-10.gitd248f91
- autobuilt commit d248f91
* Mon Apr 16 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-9.gitd248f91
- autobuilt commit d248f91
* Mon Apr 16 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-8
- autobuilt commit d248f91
* Mon Apr 16 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-7
- autobuilt commit d248f91
* Mon Apr 16 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-6
- autobuilt commit d248f91
* Mon Apr 09 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-5
- autobuilt commit d248f91
* Mon Apr 09 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-4
- autobuilt commit d248f91
* Mon Apr 09 2018 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.55-3
- autobuilt commit d248f91
* Mon Apr 09 2018 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.55-2
- autobuilt commit d248f91
* Thu Mar 15 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.55-1
- Dontaudit attempts by containers to write to /proc/self
* Wed Mar 14 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.54-1
- Add rules for container domains to make writing custom policy easier
- Allow shell_exec_t as a container_runtime_t entrypoint
* Thu Mar 08 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.52-1
- Add rules for container domains to make writing custom policy easier
* Thu Mar 08 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.51-1
- Allow shell_exec_t as a container_runtime_t entrypoint
* Wed Mar 07 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.50-1
- Allow bin_t as a container_runtime_t entrypoint
- Add rules for running container runtimes on mls
* Thu Feb 15 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.48-1
- Allow container domains to map container_file_t directories
* Sat Feb 10 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.47-1
- Change default label of /exports to container_var_lib_t
* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2:2.46-3
- Escape macros in %CHANGELOG
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.46-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sat Feb 03 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.46-1
- Add support for nosuid_transition flags for container_runtime and unconfined domains
* Fri Feb 02 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.45-1
- Allow containers to sendto their own stream sockets
* Mon Jan 29 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.44-1
- Allow container domains to read kernel ipc info
* Mon Jan 22 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.43-1
- Allow containers to memory map the fifo_files leaked into container from
container runtimes.
* Tue Jan 16 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.42-1
- Allow unconfined domains to transition to container types, when no-new-privs is set.
* Tue Jan 09 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.41-1
- Add support to nnp_transition for container domains
- Eliminates need for typebounds.
* Tue Jan 09 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.40-1
- Allow container_runtime_t to use user ttys
- Fixes bounds check for container_t
* Mon Jan 08 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.39-1
- Allow container runtimes to use interited terminals. This helps
satisfy the bounds check of container_t versus container_runtime_t.
* Sat Jan 06 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.38-1
- Allow container runtimes to mmap container_file_t devices
- Add labeling for rhel push plugin
* Tue Dec 12 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.37-1
- Allow containers to use inherited ttys
- Allow ostree to handle labels under /var/lib/containers/ostree
* Mon Nov 27 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.36-1
- Allow containers to relabelto/from all file types to container_file_t
* Mon Nov 27 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.35-1
- Allow container to map chr_files labeled container_file_t
* Wed Nov 22 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.34-1
- Dontaudit container processes getattr on kernel file systems
* Sun Nov 19 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.33-1
- Allow containers to read /etc/resolv.conf and /etc/hosts if volume
- mounted into container.
* Wed Nov 08 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.32-1
- Make sure users creating content in /var/lib with right labels
* Thu Oct 26 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.31-1
- Allow the container runtime to dbus chat with dnsmasq
- add dontaudit rules for container trying to write to /proc
* Tue Oct 10 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.29-1
- Add support for lxcd
- Add support for labeling of tmpfs storage created within a container.
* Mon Oct 09 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.28-1
- Allow a container to umount a container_file_t filesystem
* Fri Sep 22 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.27-1
- Allow container runtimes to work with the netfilter sockets
- Allow container_file_t to be an entrypoint for VM's
- Allow spc_t domains to transition to svirt_t
* Fri Sep 22 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.24-1
- Make sure container_runtime_t has all access of container_t
* Thu Sep 07 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.23-1
- Allow container runtimes to create sockets in tmp dirs
* Tue Sep 05 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.22-1
- Add additonal support for crio labeling.
* Mon Aug 14 2017 Troy Dawson <tdawson@redhat.com> - 2.21-3
- Fixup spec file conditionals
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.21-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Thu Jul 06 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.21-1
- Allow containers to execmod on container_share_t files.
* Thu Jul 06 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.20-2
- Relabel runc and crio executables
* Fri Jun 30 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.20-1
- Allow container processes to getsession
* Mon Jun 12 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.19-1
- Allow containers to create tun sockets
* Tue Jun 06 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.18-1
- Fix labeling for CRI-O files in overlay subdirs
* Mon Jun 05 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.17-1
- Revert change to run the container_runtime as ranged
* Thu Jun 01 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.16-1
- Add default labeling for cri-o in /etc/crio directories
* Wed May 31 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.15-1
- Allow container types to read/write container_runtime fifo files
- Allow a container runtime to mount on top of its own /proc
* Fri May 19 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.14-1
- Add labels for crio rename
- Break container_t rules out to use a separate container_domain
- Allow containers to be able to set namespaced SYCTLS
- Allow sandbox containers manage fuse files.
- Fixes to make container_runtimes work on MLS machines
- Bump version to allow handling of container_file_t filesystems
- Allow containers to mount, remount and umount container_file_t file systems
- Fixes to handle cap_userns
- Give container_t access to XFRM sockets
- Allow spc_t to dbus chat with init system
- Allow spc_t to dbus chat with init system
- Add rules to allow container runtimes to run with unconfined disabled
- Add rules to support cgroup file systems mounted into container.
- Fix typebounds entrypoint problems
- Fix typebounds problems
- Add typebounds statement for container_t from container_runtime_t
- We should only label runc not runc*
* Tue Feb 28 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.10-1
- Add rules to allow container runtimes to run with unconfined disabled
- Add rules to support cgroup file systems mounted into container.
* Mon Feb 13 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.9-1
- Add rules to allow container_runtimes to run with unconfined disabled
* Thu Feb 09 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:8.1-1
- Allow container_file_t to be stored on cgroup_t file systems
* Tue Feb 07 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:7.1-1
- Fix type in container interface file
* Mon Feb 06 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:6.1-1
- Fix typebounds entrypoint problems
* Fri Jan 27 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:5.1-1
- Fix typebounds problems
* Thu Jan 19 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:4.1-1
- Add typebounds statement for container_t from container_runtime_t
- We should only label runc not runc*
* Tue Jan 17 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:3.1-1
- Fix labeling on /usr/bin/runc.*
- Add sandbox_net_domain access to container.te
- Remove containers ability to look at /etc content
* Wed Jan 11 2017 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.2-4
- use upstream's RHEL-1.12 branch, commit 56c32da for CentOS 7
* Tue Jan 10 2017 Jonathan Lebon <jlebon@redhat.com> - 2:2.2-3
- properly disable docker module in %post
* Sat Jan 07 2017 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.2-2
- depend on selinux-policy-targeted
- relabel docker-latest* files as well
* Fri Jan 06 2017 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.2-1
- bump to v2.2
- additional labeling for ocid
* Fri Jan 06 2017 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.0-2
- install policy at level 200
- From: Dan Walsh <dwalsh@redhat.com>
* Fri Jan 06 2017 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.0-1
- Resolves: #1406517 - bump to v2.0 (first upload to Fedora as a
standalone package)
- include projectatomic/RHEL-1.12 branch commit for building on centos/rhel
* Mon Dec 19 2016 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:1.12.4-29
- new package (separated from docker)
|