diff options
author | Dominick Grift <dominick.grift@defensec.nl> | 2022-04-16 15:10:39 +0200 |
---|---|---|
committer | Daniel Golle <daniel@makrotopia.org> | 2022-05-03 20:32:48 +0100 |
commit | efc38b315e9bd59ab69ca212b7e444d4537260cc (patch) | |
tree | 069a419b836b67856dfa18e9500c98be69fd2882 /package/system/selinux-policy | |
parent | 6cb08b17979c93a7cc086127786ee813b3775783 (diff) | |
download | upstream-efc38b315e9bd59ab69ca212b7e444d4537260cc.tar.gz upstream-efc38b315e9bd59ab69ca212b7e444d4537260cc.tar.bz2 upstream-efc38b315e9bd59ab69ca212b7e444d4537260cc.zip |
selinux-policy: update to version 1.1
try to clean up some labeling inconsistencies
iwinfo loose ends
ucode loose ends
Makefile: adjust mintesttgt (adds blockmount/blockd)
nftables: reads inherited netifd pipe
ucode: reads inherited netifd pipes
mountroot: fowner
sandbox: writes inherited dropbear pipes
unbound related to /tmp/etc/ssl
unbound loose ends
adds a sslconftmpfile for /tmp/etc/ssl
README: maintain a wish list in the README
iwinfo: netifd forgot write
gptfdisk loose ends
iwinfo: netifd wpad reads/writes inherited netifd fifo files
netifd (mac80211.sh) executes iwinfo
luci: executes wireguard
luci-cgi: audits xtables execute access
rcuhttpd: lists ssl certfile dirs
iwinfo, wifi,nftables usage of ttyd pty if available
urandomseed: seedrng needs cap_sys_admin
iwinfo iwinfo, nftables and some chronyd rules related to ntp nts server
nftables, wifi and adds iwinfo skel
nftables, rpcd, ucode
nftables, ucode and seedrng ucode, fw3/nftables, luci
adds ucode skel and some fw3/nftables related
urandomseed: some seedrng rules
fw3 adds some support for fw4
urandomseed: /etc/seedrng is for seed.credit
hotplugcal: runs ucode which is interpreter like
adds a nftables skeleton and makes xtables optional
agent: allow all agents to write inherited dropbear pipes
urandomseed: this seems to be replaced by seedrng
kmodloader: label /etc/modules.conf kmodloader.conffile
Revert "shelexecfile: remove auditallow rule"
Makefile: sort the modules to process by secilc
Moves back to git.defensec.nl
unbound odhcpd (ip) reads net proc
tcp dump
shelexecfile: remove auditallow rule
rrd.cil: fixes indent
Target rddtool from cgi-io instead of runnit it without transition
rrd.cil related
rrd, rpcd, cgiio clean ups related to luci-app-statistics
Rules for rrd files and luci-statistics
unboundcontrol ordering
Several missing permissions
blockmount, dnsmasq, hotplugcall, rpcd, unbound
adds mctp_socket (linux 5.15)
ip: forgot tc-tiny type transition to go along with the fc spec
ip: adds a fc spec for tc-tiny (called by sqm)
adds ttyACM fc spec and various assorted loose ends
.gitattributes: do not export the github workflows
workflow use selinux 3.3
project moved back to https://git.defensec.nl/selinux-policy.git
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit 43794570986e33770d9039399d16a665f6c7c495)
Diffstat (limited to 'package/system/selinux-policy')
-rw-r--r-- | package/system/selinux-policy/Makefile | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/package/system/selinux-policy/Makefile b/package/system/selinux-policy/Makefile index 0b85920170..10eff7be57 100644 --- a/package/system/selinux-policy/Makefile +++ b/package/system/selinux-policy/Makefile @@ -7,9 +7,9 @@ include $(TOPDIR)/rules.mk PKG_NAME:=selinux-policy PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/DefenSec/selinux-policy -PKG_VERSION:=1.0 -PKG_MIRROR_HASH:=2358a064d1231d39e6292d646e1a38898d949b8bef6558ac1e0992d3b5bca33f +PKG_SOURCE_URL:=https://git.defensec.nl/selinux-policy.git +PKG_VERSION:=1.1 +PKG_MIRROR_HASH:=657ec1ff51ab946753fb3559384511a536ac1e018691f3e49cbab21c55d23e08 PKG_SOURCE_VERSION:=v$(PKG_VERSION) PKG_BUILD_DEPENDS:=secilc/host policycoreutils/host |