refpolicy (2:2.20110726-12) unstable; urgency=low
* Team upload.
[ Russel Coker ]
* Label ~/.adobe(/.*)? as mozilla_home_t for flash
* Label /usr/sbin/opendkim as dkim_milter_exec_t
* Label postalias as postfix_master_exec_t for newaliases
* Make postfix.pp not depend on unconfined.pp for "strict" configurations
* Label port 5546 as dhcpc_port_t and allow dhcpc_t to bind to TCP for
client control
* Label /usr/lib/kde4/libexec/* and /usr/lib/gvfs/* as bin_t for desktops
* Label /run/pm-utils(/.*)? as devicekit_var_run_t not hald_var_run_t
* Allow user roles access to mozilla_t classes shm and sem for sharing
the sound device
* Allow user roles access to mozilla_tmp_t
* Label /sbin/xtables-multi (the new iptables)
* Allow watchdog_t to read syslog pid files for process watching
* Allow lvm_t (systemd-cryptsetup) systemd_manage_passwd_run() access
* Allow systemd_passwd_agent_t access to search selinuxfs and write to
the console for getting a password for encrypted filesystems
* Label /usr/lib/dovecot/auth as dovecot_auth_exec_t.
Label /usr/lib/dovecot/dovecot-lda as lda_exec_t
Label /usr/lib/dovecot/libdovecot.*\.so.* as lib_t
Closes: #690225
-- Mika Pflüger <email address hidden> Fri, 30 Nov 2012 00:28:21 +0100