Ubuntu
refpolicy package

refpolicy 2:2.20161023.1-10 source package in Ubuntu

Changelog

refpolicy (2:2.20161023.1-10) unstable; urgency=medium

  * Add patch for typebounds. This patch was rejected upstream, to quote
    Chris PeBenito:
    NAK.  This has already been fixed with the upcoming nnp_transition
    nosuid_transition permissions in refpolicy.  I'm afraid distros will
    have to carry policy patches until they can roll out kernels that
    support these permissions.
    https://marc.info/?l=selinux&m=150151037511601&w=2
    Closes: #874201
  * Allow systemd-tmpfiles to delete /var/lib/sudo files.
    Closes: #875668
  * Allow brctl to create files in sysfs and correctly label
    /usr/lib/bridge-utils/.*\.sh
    Closes: #875669
  * Give bootloader_t all the access it needs to create initramfs images in
    different situations and communicate with dpkg_t.
    Closes: #875676
  * Allow dnsmasq_t to read it's config dir
    Closes: #875681
  * Build-depend and depend on version 2.7 of tools and libraries.
  * Allow systemd_tmpfiles_t to manage lastlog_t
    Closes: #875726
  * Allow udev_t to talk to init via dbus and get service status in strict
    configuration
    Closes: #875727

 -- Russell Coker <email address hidden>  Wed, 13 Sep 2017 23:47:21 +1000

Upload details

Uploaded by:
Debian SELinux maintainers
Uploaded to:
Sid
Original maintainer:
Debian SELinux maintainers
Architectures:
all
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Bionic: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
refpolicy_2.20161023.1-10.dsc 2.4 KiB c4a16344a37780651aef6252ccc80de43a30759ad1a4de155a38c1e355556488
refpolicy_2.20161023.1.orig.tar.bz2 705.6 KiB f056de551c17bbbd2775dfa63a94434538548c90ed1e0f0b6c2be6bf9b123e4f
refpolicy_2.20161023.1-10.debian.tar.xz 113.3 KiB e78017997bf1418dad78cf70bd14c9f5b30b054b03b947e90517df4258c9ca39

No changes file available.

Binary packages built by this source

selinux-policy-default: Strict and Targeted variants of the SELinux policy

 This is the reference policy for SE Linux. In the default configuration it
 will provide the functionality previously known as the "targeted" policy. If
 the module "unconfined" is removed then it provides the functionality
 previously known as the "strict" policy.
 .
 This uses the MMCS system of categories.

selinux-policy-dev: Headers from the SELinux reference policy for building modules

 The SELinux Reference Policy (refpolicy) is a complete SELinux
 policy, as an alternative to the existing strict and targeted
 policies available from http://selinux.sf.net. The goal is to have
 this policy as the system policy, be and used as the basis for
 creating other policies. Refpolicy is based on the current strict and
 targeted policies, but aims to accomplish many additional
 goals:
  + Strong Modularity
  + Clearly stated security Goals
  + Documentation
  + Development Tool Support
  + Forward Looking
  + Configurability
  + Flexible Base Policy
  + Application Policy Variations
  + Multi-Level Security
 .
 This package provides header files for building your own SELinux
 policy packages compatible with official policy packages.

selinux-policy-doc: Documentation for the SELinux reference policy

 The SELinux Reference Policy (refpolicy) is a complete SELinux
 policy, as an alternative to the existing strict and targeted
 policies available from http://selinux.sf.net. The goal is to have
 this policy as the system policy, be and used as the basis for
 creating other policies. Refpolicy is based on the current strict and
 targeted policies, but aims to accomplish many additional
 goals:
  + Strong Modularity
  + Clearly stated security Goals
  + Documentation
  + Development Tool Support
  + Forward Looking
  + Configurability
  + Flexible Base Policy
  + Application Policy Variations
  + Multi-Level Security
 .
 This package contains the documentation for the reference policy.

selinux-policy-mls: MLS (Multi Level Security) variant of the SELinux policy

 This is the reference policy for SE Linux built with MLS support. It allows
 giving data labels such as "Top Secret" and preventing such data from leaking
 to processes or files with lower classification.
 .
 It was developed for Common Criteria LSPP certification for RHEL. It will
 probably never be well supported in Debian and is only recommended for
 students who want to learn about the security features used by the military.

selinux-policy-src: Source of the SELinux reference policy for customization

 The SELinux Reference Policy (refpolicy) is a complete SELinux
 policy, as an alternative to the existing strict and targeted
 policies available from http://selinux.sf.net. The goal is to have
 this policy as the system policy, be and used as the basis for
 creating other policies. Refpolicy is based on the current strict and
 targeted policies, but aims to accomplish many additional
 goals:
  + Strong Modularity
  + Clearly stated security Goals
  + Documentation
  + Development Tool Support
  + Forward Looking
  + Configurability
  + Flexible Base Policy
  + Application Policy Variations
  + Multi-Level Security
 .
 This is the source of the policy, provided so that local variations of
 SELinux policy may be created.