| Commit message (Expand) | Author | Age | Files | Lines |
* | Update generated policy and doc files2.20221101-r4 | Kenton Groombridge | 2023-03-31 | 1 | -806/+944 |
* | Merge upstream | Kenton Groombridge | 2023-03-31 | 1 | -1/+1 |
* | systemd: allow systemd-resolved to search directories on tmpfs and ramfs | Yi Zhao | 2023-03-31 | 1 | -0/+2 |
* | kubernetes: allow kubelet to read etc runtime files | Kenton Groombridge | 2023-03-31 | 1 | -0/+2 |
* | glusterfs: allow glusterd to bind to all TCP unreserved ports | Kenton Groombridge | 2023-03-31 | 1 | -0/+1 |
* | fstools: allow fsadm to read utab | Kenton Groombridge | 2023-03-31 | 1 | -1/+1 |
* | raid: allow mdadm to create generic links in /dev/md | Kenton Groombridge | 2023-03-31 | 1 | -0/+2 |
* | raid: allow mdadm to read udev runtime files | Kenton Groombridge | 2023-03-31 | 1 | -0/+2 |
* | init: allow initrc_t to create netlink_kobject_uevent_sockets | Kenton Groombridge | 2023-03-31 | 1 | -0/+1 |
* | systemd: allow systemd-resolved to bind to UDP port 5353 | Kenton Groombridge | 2023-03-31 | 1 | -0/+1 |
* | init: allow systemd-init to set the attributes of unallocated terminals | Kenton Groombridge | 2023-03-31 | 1 | -0/+1 |
* | fs, init: allow systemd-init to set the attributes of efivarfs files | Kenton Groombridge | 2023-03-31 | 2 | -0/+21 |
* | systemd: allow systemd-pcrphase to read generic certs | Kenton Groombridge | 2023-03-31 | 1 | -0/+2 |
* | systemd: add rules for systemd-zram-generator | Kenton Groombridge | 2023-03-31 | 1 | -3/+6 |
* | files, systemd: allow systemd-tmpfiles to relabel config file symlinks | Kenton Groombridge | 2023-03-31 | 2 | -1/+21 |
* | logging, systemd: allow relabelfrom,relabelto on systemd journal files by sys... | Kenton Groombridge | 2023-03-31 | 2 | -0/+20 |
* | fs, udev: allow systemd-udevd various cgroup perms | Kenton Groombridge | 2023-03-31 | 2 | -2/+44 |
* | logging: allow systemd-journald to list cgroups | Kenton Groombridge | 2023-03-31 | 1 | -0/+2 |
* | systemd: allow systemd-userdbd to getcap | Kenton Groombridge | 2023-03-31 | 1 | -1/+1 |
* | init: allow initrc_t to getcap | Kenton Groombridge | 2023-03-31 | 1 | -1/+1 |
* | init, systemd: allow init to create userdb runtime symlinks | Kenton Groombridge | 2023-03-31 | 2 | -0/+19 |
* | various: make /etc/machine-id etc_runtime_t | Kenton Groombridge | 2023-03-31 | 3 | -0/+9 |
* | init: make init_runtime_t useable for systemd units | Kenton Groombridge | 2023-03-31 | 1 | -0/+1 |
* | zfs: add runtime filetrans for dirs | Kenton Groombridge | 2023-03-31 | 1 | -1/+1 |
* | zfs: allow sending signals to itself | Kenton Groombridge | 2023-03-31 | 1 | -1/+1 |
* | kernel, zfs: add filetrans for kernel creating zpool cache file | Kenton Groombridge | 2023-03-31 | 2 | -0/+21 |
* | netutils: fixes for iftop | Kenton Groombridge | 2023-03-31 | 2 | -0/+3 |
* | podman, selinux: move lines, add missing rules for --network=host | Kenton Groombridge | 2023-03-31 | 2 | -3/+44 |
* | redis: add missing rules for runtime filetrans | Kenton Groombridge | 2023-03-31 | 1 | -0/+2 |
* | node_exporter: various fixes | Kenton Groombridge | 2023-03-31 | 1 | -1/+8 |
* | container: fixes for podman run --log-driver=passthrough | Kenton Groombridge | 2023-03-31 | 1 | -0/+3 |
* | container: fixes for podman 4.4.0 | Kenton Groombridge | 2023-03-31 | 1 | -0/+7 |
* | container, init, systemd: add policy for quadlet | Kenton Groombridge | 2023-03-31 | 4 | -1/+34 |
* | container: Allow user namespace creation for all container engines. | Chris PeBenito | 2023-03-31 | 1 | -0/+1 |
* | systemd: Allow user namespace creation. | Chris PeBenito | 2023-03-31 | 2 | -0/+3 |
* | mozilla: Allow user namespace creation. | Chris PeBenito | 2023-03-31 | 1 | -0/+1 |
* | chromium: Allow user namespace creation. | Chris PeBenito | 2023-03-31 | 1 | -0/+1 |
* | Define user_namespace object class. | Chris PeBenito | 2023-03-31 | 2 | -0/+7 |
* | systemd: allow systemd-sysctl to search directories on ramfs | Yi Zhao | 2023-03-31 | 1 | -0/+1 |
* | systemd: add capability sys_resource to systemd_userdbd_t | Yi Zhao | 2023-03-31 | 1 | -1/+1 |
* | Set label systemd-oomd | Luca Boccassi | 2023-03-31 | 1 | -0/+1 |
* | portage: add misc mising rules | Corentin LABBE | 2023-03-31 | 2 | -2/+11 |
* | portage: cleanup duplicated file contexts | Kenton Groombridge | 2023-02-13 | 1 | -9/+0 |
* | Merge upstream | Kenton Groombridge | 2023-02-13 | 1 | -1/+1 |
* | sysnetwork: Rename sysnet_dontaudit_rw_dhcpc_unix_dgram_sockets() | Chris PeBenito | 2023-02-13 | 1 | -1/+1 |
* | Signed-off-by: George Zenner <zen@pyl.onl> | George Zenner | 2023-02-13 | 1 | -0/+19 |
* | container: add missing filetrans and filecon for containerd/docker | Kenton Groombridge | 2023-02-13 | 2 | -1/+2 |
* | lvm: Add fc entry for /etc/multipath/* | Chris PeBenito | 2023-02-13 | 1 | -0/+2 |
* | iscsi: Read initiatorname.iscsi. | Chris PeBenito | 2023-02-13 | 1 | -0/+2 |
* | openvpn: Allow netlink genl | David Sommerseth | 2023-02-13 | 1 | -0/+1 |