Re: systmd-analyze security as a release goal
On Monday, 3 July 2023 22:37:35 AEST Russell Coker wrote:
> https://wiki.debian.org/ReleaseGoals/SystemdAnalyzeSecurity
People have asked how hard it is to create policy for daemons. For an
individual to create them it's a moderate amount of work, 1-2 hours per daemon
which is a lot considering the dozens of daemons that people use. But for a
group of people it's not a big deal, it's almost nothing compared to the scale
of Debian development work. The work that I've done writing SE Linux policy
for daemons is significantly greater than what I'd like the collective of DDs
to do in this regard.
One thing that can be done to assist in this process is looking at SE Linux or
AppArmor policy. For example the following is an example of how to get the
capabilities needed for crond which shows that when you don't need to have
net_bind_service for NIS+ or { fsetid sys_admin } for polyinstantiation you
only need { audit_control audit_write chown dac_override dac_read_search
fowner setgid setuid sys_nice sys_resource }.
# sesearch -A -s crond_t -c capability
allow crond_t crond_t:capability net_bind_service; [ allow_ypbind ]:True
allow crond_t crond_t:capability net_bind_service; [ allow_ypbind ]:True
allow crond_t crond_t:capability net_bind_service; [ allow_ypbind ]:True
allow crond_t crond_t:capability net_bind_service; [ allow_ypbind ]:True
allow crond_t crond_t:capability { audit_control audit_write chown
dac_override dac_read_search fowner setgid setuid sys_nice sys_resource };
allow crond_t crond_t:capability { chown fowner fsetid sys_admin }; [
allow_polyinstantiation ]:True
Now this is NOT the sum of all access needed by everything that crond might
run, just everything that runs without running a setuid program etc. Also
there's nothing stopping regular users from using something like bwrap to wrap
their own cron jobs, and this would be a good practice that we should
encourage.
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
systmd-analyze security as a release goal
Someone said on Matrix that we aren't going to have official release goals in future. If so that doesn't stop people from doing the work just makes it less of an issue to release with some of the bugs unsolved. https://wiki.debian.org/ReleaseGoals/SystemdAnalyzeSecurity I think we should make it a release goal to have as many daemons as possible running with systemd security features to aim for a low score from "systmd- analyze security". If it can't be an official release goal we can still use the above wiki page to coordinate work. Anyone who's interested in this can edit that page to track their work. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/
dh-translations
The package dh-translations in Ubuntu has the below description. Do we have something in Debian that does this? Do we need something in Debian to do this? Should we put this Ubuntu package in Debian to make it easier to build Ubuntu packages on Debian? License is GPLv2+. Description: debhelper extension for translation support This package provides a debhelper extension to perform common translation related operations during package build: . * Try to build a current PO template. . * Remove inline translations from *.desktop, *.server, *.schemas, and *.policy files and replace them with a link to the gettext domain, so that strings in them will get translated at runtime from *.mo files. This allows language packs to ship updated translations. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/
warzone2100 video downloader
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862973 Regarding the above bug report, I don't think that cut-scene videos add much to the game play, and I'm certain it doesn't add enough to justify a gigabyte or more storage on the Debian mirrors. I think it would be OK to have a video downloader package or a downloader script in the main package but I don't plan to write it. I welcome contributions to this, I'd be happy to upload a new package to Debian if someone sends me tested scripts that provide useful functionality for some people in this regard. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/
Re: strange BD-Uninstallable
On Wednesday, 27 January 2021 1:40:56 AM AEDT Russell Coker wrote: > https://buildd.debian.org/status/package.php?p=libselinux > > libselinux isn't being built on ia64, it says "BD-Uninstallable (Extra- > Depends: python3-all-dev (>= 3.8.6-1))". > > https://buildd.debian.org/status/package.php?p=python3-defaults=sid > > python3-defaults is being built on ia64 with no errors. > > What does this mean and what do I have to do to make it build? Thanks to Paul Wise and Sebastian Ramacher for your answers. I'll contact the ia64 list about further details and I didn't read to the bottom of the page, I guess I got in the habit of ignoring comments on blog posts, disclaimers on corporate sites, etc). -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/
strange BD-Uninstallable
https://buildd.debian.org/status/package.php?p=libselinux libselinux isn't being built on ia64, it says "BD-Uninstallable (Extra- Depends: python3-all-dev (>= 3.8.6-1))". https://buildd.debian.org/status/package.php?p=python3-defaults=sid python3-defaults is being built on ia64 with no errors. What does this mean and what do I have to do to make it build? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/
pager and upgrades
I just upgraded a Buster system to today's unstable and got the below. I think this should be regarded as a bug, but what is it a bug in? dpkg? Configuration file '/etc/smartd.conf' ==> Modified (by you or by a script) since installation. ==> Package distributor has shipped an updated version. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : start a shell to examine the situation The default action is to keep your current version. *** smartd.conf (Y/I/N/O/D/Z) [default=N] ? d sh: 1: pager: not found diff: standard output: Broken pipe dpkg: error processing package smartmontools (--configure): conffile difference visualizer subprocess returned error exit status 127 -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/
Accepted refpolicy 2:2.20190201-7 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 15 Jan 2020 18:53:25 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-dev selinux-policy-doc selinux-policy-mls selinux-policy-src Architecture: source all Version: 2:2.20190201-7 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers Changed-By: Russell Coker Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20190201-7) unstable; urgency=medium . * Allow sysadm_r to bypass UBAC checks (experimental) * Make cron work for sysadm_t * Minor policy changes Checksums-Sha1: 6a09fa3fbeeecdf021e8cdfa0c55930e07bd3c34 2445 refpolicy_2.20190201-7.dsc cae791ffbcd6bf154c1617e7bcfcbf2369e894fa 76612 refpolicy_2.20190201-7.debian.tar.xz 78d55774df1c9c3a3d55e967c797027f4b1e957f 7883 refpolicy_2.20190201-7_amd64.buildinfo b4ae30c022e7c4e362ed24fcc799164f16747961 3377432 selinux-policy-default_2.20190201-7_all.deb f573520fc4bfebf8d7cd168a9744247dd5401b11 491264 selinux-policy-dev_2.20190201-7_all.deb 779073e9f30feb377bf3cc0aa7801452c6c701e0 465168 selinux-policy-doc_2.20190201-7_all.deb 93a4696468bf5244f8057bb23858744749948e27 3413204 selinux-policy-mls_2.20190201-7_all.deb de894dd11df61495da2c4b1c15ea9d519a7e3061 1290968 selinux-policy-src_2.20190201-7_all.deb Checksums-Sha256: 20e636aecfd50e826c17ddfdf961b25a0c98a51812f5087cb601d18f63572618 2445 refpolicy_2.20190201-7.dsc 9d084722e4d6e619195d7b2b772e55617fe2210f1e2ca530e5e71181d2eed61d 76612 refpolicy_2.20190201-7.debian.tar.xz 3ccafa8c4b502d55cbee94e95cbc0f1dd9438cea10d08f337e23003d2a8be383 7883 refpolicy_2.20190201-7_amd64.buildinfo f3591854dff30e53e854bab2fad7e3d7ff79131589caf7d7d7cde016bb2edbc9 3377432 selinux-policy-default_2.20190201-7_all.deb 1949c373afe1801a80e344fc7218accfc0074e72346a40acfb6a832831d6420b 491264 selinux-policy-dev_2.20190201-7_all.deb ed5783929cb77384de7c65d062a85f7ba9b559624b8c9e62b6d1010fbd674a6d 465168 selinux-policy-doc_2.20190201-7_all.deb f710e5082ba76fb164b0784e183a6022abd8adb92a333075a05dd1e759086b24 3413204 selinux-policy-mls_2.20190201-7_all.deb ee728cfe073052acfe46ed514ea692b1aa7fdea1a4e6a8fcac1c060a68b7ed7c 1290968 selinux-policy-src_2.20190201-7_all.deb Files: 431190b29ccbf27eaed597ed7524036b 2445 admin optional refpolicy_2.20190201-7.dsc 7f7e68e5f2bfcf3fdefd6d5553edc432 76612 admin optional refpolicy_2.20190201-7.debian.tar.xz 99c2a1330ca14a9a1d36ba5dbae30cec 7883 admin optional refpolicy_2.20190201-7_amd64.buildinfo 11c6675c55614bc40ccd7ed563e421d9 3377432 admin optional selinux-policy-default_2.20190201-7_all.deb cb21a65978c126f4024ca6526dfefac0 491264 admin optional selinux-policy-dev_2.20190201-7_all.deb e444aa865eb625d70942433523c0a1d4 465168 doc optional selinux-policy-doc_2.20190201-7_all.deb d048fd2f63a8a9162a4d8a65ff4ef379 3413204 admin optional selinux-policy-mls_2.20190201-7_all.deb 4a59dad1560f7a6a305e106b41e15309 1290968 admin optional selinux-policy-src_2.20190201-7_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAl4eyx4ACgkQ0UHNMPxL j3ly9g//XFamCntnl/T3y3SkB2b2k7QwwKe1SnXOMlqZWFpuBnAqSDFaAXulVtPd GnzIA35ErKOVCFmAhdprs4mO/6xCJHyS2yCHqJsuZdP10x0F1SIoXGt5MwZJjWJ1 ZRBciZqK49Dokf7Jy8zRsefmWebvUgmN6a2hLGtvdN2Hvr3RrME8adWDbuYVB9IQ n8h1iph7Nq0AfhpjFrDr0yZF6oiUDcl7YC22raRdb1gv0OdFiU4P7fAmOE+e6+gc hYfMGUQE+Va/Hnf1xrDCrAKESKPU8zmAZZ/GQjBPb3Riqgcptx+hSjcWbsIRO03r l5v3MQmPyuDOKgaQdiyc7ydRuRgwKJbf1xG0Uq6Db+Wil0UCba8DBCHtkiulHZsh /aYxaeuk+nfZO1iSudoPFC4995X0y8X/QQOcCr8l8PdMeAmbzxK1aTBjhdUthdgz ls4Q/JGpUSNMT5G8FypG5dK60bW9gxiK6ldLQo9eGeLhIaKgvfYE2c2/1g0yH4oG EWdXvnIMih3bMTle2IUhaDpALiO8YCHRILtNO1IS5SAsAm1EqJDAK2N1VVTx6/uj 4rUL87CZ6HnSveF1lC92D8FeBUhNLbfuKrOnffLGDrQX8EumGq6iem2Q2lbf5F49 wSJgWwjgi84vz+rFaX5E2F6uIds2JHFyRBzGzVRjEoAK7LP28zg= =pK1M -END PGP SIGNATURE-
Accepted etbemon 1.3.3-5 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 06 Jan 2020 17:04:00 +1100 Source: etbemon Binary: mon mon-dbgsym Architecture: source amd64 Version: 1.3.3-5 Distribution: unstable Urgency: medium Maintainer: Debian Mon Maintainers Changed-By: Russell Coker Description: mon- monitor hosts/services/whatever and alert about problems Changes: etbemon (1.3.3-5) unstable; urgency=medium . * Made loadavg.monitor check swap space and made the output nicer. * Made linux-temp.monitor display processes with top CPU use and give better summary. * Give better log errors from mon on userfile auth failures. * Added password authentication support to remote.monitor * Added deleted-mapped.monitor that checks for files that are memory mapped but have been deleted, experimental and may get false positives. Designed to deal with security updates to shared objects that are in use. Checksums-Sha1: 57eb7eb51ac2f53c68cee61244cecf5e5a5e9860 1939 etbemon_1.3.3-5.dsc 892b1845024eefa21f62a2deea715b3f4548d9e5 11319 etbemon_1.3.3-5.diff.gz 1abfa374ed7973f968a269397c48b61ee3c81897 5894 etbemon_1.3.3-5_amd64.buildinfo 91df92bb52be013940bdae0efe6a05afe14144b9 17216 mon-dbgsym_1.3.3-5_amd64.deb eae31d41d6cddde57d27245b2283bc3e2e41e1d6 287980 mon_1.3.3-5_amd64.deb Checksums-Sha256: 51e69d5e63446ad1d194cbf65069a407a7e8f5949e09b182c45f37b90a3f2359 1939 etbemon_1.3.3-5.dsc b2671f4285c7602ce4981cb5679727515a8b6f9fd899f51971b606c071fe66d4 11319 etbemon_1.3.3-5.diff.gz 3a06c8e6770b06ad6d0c5493c56dcd0a044dcee93db190f897bda898113b1f6e 5894 etbemon_1.3.3-5_amd64.buildinfo f9eee39284e4f88899d706f189b89a143ecac8e26571321a0d5aabc7c6bf6bcb 17216 mon-dbgsym_1.3.3-5_amd64.deb c5e03657cee21f28a6d5b13a32f33a82682357283e6c9a67446d199f20dbbb88 287980 mon_1.3.3-5_amd64.deb Files: 4b27ac80f984efef71b7e9b5952339e3 1939 admin optional etbemon_1.3.3-5.dsc 8108be1e66b002022ac4235510f17783 11319 admin optional etbemon_1.3.3-5.diff.gz 13ec597ef522324b38361a2f65312ec2 5894 admin optional etbemon_1.3.3-5_amd64.buildinfo 74fbd1f96e72bef52e2ee38a1da7d588 17216 debug optional mon-dbgsym_1.3.3-5_amd64.deb 7122cc4b18d559385264af628cf4d425 287980 admin optional mon_1.3.3-5_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAl4SzgkACgkQ0UHNMPxL j3nvew//eLbBmPoYAP6O7B/J/K695oijbZHeGdnEvfjwmP60CJ0Uf9RUkcfwhY+l 1r6r6i3AxOM8POtMmAjWJmMV0CIPlUMnb7rinA3KofAdz2lXa0lC5KpvkrBd77F7 vHMXtbni3VjFba149aX8ku2DFhqwSNSMKOzpBjR7PBFkcmh8qafXv9WbXTeSXRwQ XNcMGJlTq9Sqt32s6II0qP+80I8xKZS5QJLcyMKAVFVc1hNNhwKHhNpl9sE0y94+ rz3BwfgaulY78ILiQExrZN8bNlm9eAMcza59tuH3pVMiBzqdkqtCGbxK9cqR4CzY Gs9tkr5Zqn7w7WGGpxpmtZrxblCf8raFepR+zmLnFXl8Tn7mEt9j6aB0YZUddVtD yx7SFcTEWMA//AwEhU1pHSJnUdzxZcTZholbkVxcsGh3d7jnuOL/0cwO9JHdu4eM rlvVGtEvUcMb7vF/X5UcU7eO1dj1GzSHfcCTeEwxaK4NLFgbmpD3gZB/gqDsAMNq PmK5/oaFMijue+Adr2UzlqmKKvVI6z2CfiHe5wELhV/sLsZAhHbcK3q1OMp1aR6K NRh4ZJRwFurMfoPgVzjNC+WaQO8ZGPqsGdBNbEgyVviZiOF6VhF5LWHoLpx2QWEq 5hf/gcK5CmVXswig6T90bm7Hl3jTvRTwk3oFHmps9o+bp/CI+kQ= =EL1g -END PGP SIGNATURE-
Accepted refpolicy 2:2.20190201-4 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 30 May 2019 10:28:24 +1000 Source: refpolicy Binary: selinux-policy-default selinux-policy-dev selinux-policy-doc selinux-policy-mls selinux-policy-src Architecture: source all Version: 2:2.20190201-4 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers Changed-By: Russell Coker Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20190201-4) unstable; urgency=medium . * Policy update, lots of little things and allows the signull access that systemd-journal from the latest systemd wants. Checksums-Sha1: 0683267f8057975c1344d0a770402fc3f7dc3e43 2453 refpolicy_2.20190201-4.dsc e8e631e403a70b4eb7ba8174e337b4969c163311 75472 refpolicy_2.20190201-4.debian.tar.xz fa17c5229e571bf79c54ec104dba7ca9d352ddd1 7749 refpolicy_2.20190201-4_amd64.buildinfo cb9088ea53e0ee941fc5a18f0ea80ff1961b8432 3376252 selinux-policy-default_2.20190201-4_all.deb ca1a728c6862cd28e4eaefaebfbedd1376efbc79 490816 selinux-policy-dev_2.20190201-4_all.deb 7b0f9b944b65b45e67433cc3f09e42052ea7a9b4 464488 selinux-policy-doc_2.20190201-4_all.deb cb8224220e06033ddb4ff6f3cda0f7f3c12c37c8 3413056 selinux-policy-mls_2.20190201-4_all.deb 19bc96b2375f52669e852d40ce04fc0803d9e6c4 1297988 selinux-policy-src_2.20190201-4_all.deb Checksums-Sha256: b136eb51db5e0ba97fd0c395c2bdf06bea422dc3b33f5ec300347e76286990bf 2453 refpolicy_2.20190201-4.dsc 2b030a2e72cbc6efa1a40cfe06421fd0f967c68863bcd1510e4c16a451d4c484 75472 refpolicy_2.20190201-4.debian.tar.xz 9b8ff38f417b96f55995a477c578a433be262ee655f8028f245fc0fedf01ceaf 7749 refpolicy_2.20190201-4_amd64.buildinfo 9eaef3fed1735e7d48f41b130bbb86e1a4cdbf96f55ff49340c3b3419a5e5d5f 3376252 selinux-policy-default_2.20190201-4_all.deb b30f83a923b5a0ef60f224f63e56407cde332651c993387a0da9d5943ee15cd3 490816 selinux-policy-dev_2.20190201-4_all.deb 71eb79a76e7ed690818500b5f48c0fcb4080b972e15c2a6452bfdfcb48a321bd 464488 selinux-policy-doc_2.20190201-4_all.deb bb0d837c47a0b3c35ad9d6a7e5a5fdb22e23a5be3d2a87b0303993d3ea019c3b 3413056 selinux-policy-mls_2.20190201-4_all.deb 48baba1be4708f53e1e56c4cb75a2c8bf91421baaf2cfab10f6f96197a2ca52c 1297988 selinux-policy-src_2.20190201-4_all.deb Files: b5adc9f9ea1f69e1642a754d36c5cc4f 2453 admin optional refpolicy_2.20190201-4.dsc 8600ac232a019b1435634a5689ed3a10 75472 admin optional refpolicy_2.20190201-4.debian.tar.xz a58a34d7bcf719ac83118da84d069a4e 7749 admin optional refpolicy_2.20190201-4_amd64.buildinfo 15fc0ab7c8960930a242d34120fd3317 3376252 admin optional selinux-policy-default_2.20190201-4_all.deb 60f0438c1fb974d2649c7f0a939ae5f5 490816 admin optional selinux-policy-dev_2.20190201-4_all.deb 50a7dc5efa2db813bb69b9e54e29ab85 464488 doc optional selinux-policy-doc_2.20190201-4_all.deb 48927c323ace6bfbb360decb3f4d0164 3413056 admin optional selinux-policy-mls_2.20190201-4_all.deb 2f4b51f437a699813686eaef8ee712be 1297988 admin optional selinux-policy-src_2.20190201-4_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlzvJ34ACgkQ0UHNMPxL j3mSFhAArr0xUdugmiRB7tQre9P/U+Su7R/1r+PKH+23d/uXll7P3IgYtM+6dBpv FWzSmESew71Bt3cHcApkg2Qr8jkqfq4thMCd8xtp96xui3RIwe0SQMS1/y/0g229 b7gnXyaZzCequ75YiTIkdCsdX0S5ZwdyMlIX5TCDIv7ZuBbQoZ5e56S15ZuVTCYs AqRUAZcUd6U4Meo9baRpXnKhZ1Ku6H0vkkCzOAVtUz9Xng7gwJ+4/LIGDO34hHLs 8BodXxUIDJkRocWunFCWBbjm0NvFY2sdCmnavhnNTA7BhaA5Rr7M07bwyO0NSiIP W4W5Z2BgQ7nwa0Wvi+v7OxqUyVzizTLkiJIGLITR9ZqlE1aXDoAFH37y/7kHqPlx 6mYfwxwFwpboTrBl5Scj9JHIBvAngu64x1sXIvUhTQoQoAjtQjdKOkhjuIBFRNyX YoTCOF9Czcf5SPa5BGqd9A9pFOKe+5SX7/74hdZf0jeveUOuEwsq4SRWMzT88XLX yWr9UgLZ6jruv7+qwds2dtEOyh8LBuitXeIRyfuDKxJaF/89sK31oJm66gkbTSMa Fws8rT8Tkqk8kAn5maypPqMvVgJgSXuMgxzV94H3I2NRvzdb9MDqDyaaQCFTZYdm 2485u/8GyRxdTTK4Vo79GuMrasAcDEGm0HGwZTavdHRAwp5+0NY= =Uzq4 -END PGP SIGNATURE-
Accepted etbemon 1.3.3-4 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 30 Apr 2019 20:38:26 +1000 Source: etbemon Binary: mon mon-dbgsym Architecture: source amd64 Version: 1.3.3-4 Distribution: unstable Urgency: medium Maintainer: Debian Mon Maintainers Changed-By: Russell Coker Description: mon- monitor hosts/services/whatever and alert about problems Closes: 909854 910741 910743 Changes: etbemon (1.3.3-4) unstable; urgency=medium . * Make dns.monitor correctly display a summary when multiple queries are used * Stop loadavg.monitor from saying "Text read from file" * Make ps.monitor also check for lua5.2 * Link btrfs.helper with gcc instead of g++ to reduce dependencies. * Better comments in auth.cf and README.traps * Better logging of trap password issues * Fixed a username bug in trap.alert * imapnew.monitor now deletes messages even if there is a delay or clock skew * Make btrfs.monitor correctly handle count files and have better comments. * Fix the build to clean up the compiled helper programs, and build with correct diff. Closes: #909854 * Make trapbind default to 127.0.0.1. Closes: #910741 * Fix README.monitors. Closes: #910743 Checksums-Sha1: 1b48f4f2f8f156fd981b99c562121465f5010f83 1936 etbemon_1.3.3-4.dsc 1115fdf2b540a301acb63149f37202170263c565 330705 etbemon_1.3.3.orig.tar.gz 0d5f55b673db18589dfafe25ca3a5c75821fce53 7126 etbemon_1.3.3-4.diff.gz 38f5d91f9c7071f2bd6fa999aead5def7b5fc9e5 5756 etbemon_1.3.3-4_amd64.buildinfo a02de6123cd9f8933f6e8143cdeac724febbba57 17212 mon-dbgsym_1.3.3-4_amd64.deb 1d7cf69e26ad0576223eac3e3a998598bf4c9992 286328 mon_1.3.3-4_amd64.deb Checksums-Sha256: 0a6e38b8f85ee345d369a9e5d83deb498ffec5c279a26fb9f7f244a2b4369c4d 1936 etbemon_1.3.3-4.dsc 79197e0a0f17cdb976c2eef4eff93e6aae141523c807c674dd4508e23a95cafc 330705 etbemon_1.3.3.orig.tar.gz ba3c1b321496574b3f534d1d1f3d2643dbf3f2296ab4d6ba8e2b7b8af4f96a08 7126 etbemon_1.3.3-4.diff.gz 3451e63fe860cbdff7d45f3855a83c3b13bcebcb4af8dddea60f9a17b92c214a 5756 etbemon_1.3.3-4_amd64.buildinfo 4e0c37873d5cf2c6530fda54bbda849a920a6c053fd49b3f823cdc5f097e073b 17212 mon-dbgsym_1.3.3-4_amd64.deb e7107e1cd40822c9e2fda093c726d22c5965c20246d8855e0b289e321e3713aa 286328 mon_1.3.3-4_amd64.deb Files: 10c18cb4d35180e89339bb75c3103d27 1936 admin optional etbemon_1.3.3-4.dsc c07030053b819344216aa1706a8f283c 330705 admin optional etbemon_1.3.3.orig.tar.gz 1f18e7b8a2900ddfbd0a3626ff468a77 7126 admin optional etbemon_1.3.3-4.diff.gz 5dd7a6fde9d1782c2bd6db21c214185b 5756 admin optional etbemon_1.3.3-4_amd64.buildinfo ee04351af2bed0b8ce06c10c11e4105a 17212 debug optional mon-dbgsym_1.3.3-4_amd64.deb 544e7b7a2dcd12b55b7658842a6ec9ad 286328 admin optional mon_1.3.3-4_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlzI4BkACgkQ0UHNMPxL j3mk3Q/9E3lsSFABVM/bSSINifQIfFWVW4FNLsvaQ8uoJ1Lf4idh9+1vKO5dtjSp GeFxBnKQsYX0kJfc1bmCaIy1IfkyWjBh4AQ5loaY+U+zg/Zzf0HM7Kx7kkiZlZiV Jc4m+Nha9bi9W6fEx2CXP/BJBFam4LkmfYAQxRwvi6fsfIJVcG6WCgNbO/vPi7Ea Hr2CxNve/bGhIRG2Kronvkus9WHqPlcrbuLiYh2OHYCRgkn0iLZBRNHj0arr+Jcn KXijX6PPzTtnBb34g0ZKID6qFE0U5AL8dY37vreGcmjWbOhLkumVorxL4Wo0TS8O s9PCqtTqqDpHF6aoVpnCGjmRkuLoMz0jvlP5j/7V7o2OvR04KGUa8AZsT2NBQfZR +yjCaq6xbsQf9uT8+gyKLCiiHogtm3+b5PHWZeNv2cATFtm/Z71J+DTyWaz1MnM/ txO5lhwVaaNCdJppu4yXzNHSKcRcqun0L9v0tbeLk/eDLc8zEKytl/2Eryd5jQF7 +lnM9f7lPkdZ4L1448p9RZ4+ndnGR0ECNG/rgqGYtOz13XgwqIItwJaUV5+tavIq e0K1uxVaFcZD64eAHC+otDj79HtOYewLUq2soMTwlBKzykvvC9+f6OhwhCC70M9G iRiJavidNpg6Dfar7TN1ocJkUq+iEeKbbb4TY+nN5mcFtQq/P9Q= =/huv -END PGP SIGNATURE-
Accepted refpolicy 2:2.20190201-3 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 03 Mar 2019 20:44:04 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-dev selinux-policy-doc selinux-policy-mls selinux-policy-src Architecture: source all Version: 2:2.20190201-3 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers Changed-By: Russell Coker Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20190201-3) unstable; urgency=medium . * Added policy for apt-cacher and apt-cacher-ng * Added policy for memlockd * Added type alias rules so you can upgrade from Stretch policy without a reboot if you manually relabel. * Lots of little changes too Checksums-Sha1: 140411166ff8414dc80d6837e1b9a9de654dba60 2453 refpolicy_2.20190201-3.dsc 883a33c7a94bdb75d051f7601a8127a70904cca9 73580 refpolicy_2.20190201-3.debian.tar.xz 67c2e7829be55a1ca8419c301c0e08262e774360 7761 refpolicy_2.20190201-3_amd64.buildinfo 97f6c7959176f40488d21cc2ea049db542fa8e5e 3376904 selinux-policy-default_2.20190201-3_all.deb f154774c747a6d540d3043cc26880198a272412d 490700 selinux-policy-dev_2.20190201-3_all.deb 10c979b19f158ee95c553de8026ca9d73422204f 464248 selinux-policy-doc_2.20190201-3_all.deb cffb8b671c7370c889429197cb0ad93a1f6869a5 3410760 selinux-policy-mls_2.20190201-3_all.deb c3ff3803c300c81102e098b0e6da8ac211068f03 1297124 selinux-policy-src_2.20190201-3_all.deb Checksums-Sha256: a27755987a88a6e249214cd1afe662c3b14cc674333a7d89e5cb892b5c205a0f 2453 refpolicy_2.20190201-3.dsc 3f6b090a30e8d076a723686ba804c57c21f0c27d241abf25aa5bd19aa81c12f3 73580 refpolicy_2.20190201-3.debian.tar.xz c57bbf4cc9b303efaf5436cf0b97cde8bd4cee7041790323e17f2541c0c56afd 7761 refpolicy_2.20190201-3_amd64.buildinfo f872d1b0cf70fa73dea6850616d69ab92e98e8bba2fe657390f96ac37cd5af65 3376904 selinux-policy-default_2.20190201-3_all.deb e2228ce76f4a4a60c10828196ac883cdfa924f1c1628606afe68c7cc59ab6464 490700 selinux-policy-dev_2.20190201-3_all.deb 509db17992de79f9eda6d7baeb0cb3f28b05251c3c4f85caab5adb8fc9697924 464248 selinux-policy-doc_2.20190201-3_all.deb 378893c6522d68620570fcb12ee6eaef56dfd6ec39384bcb32ae80aff31b9ed6 3410760 selinux-policy-mls_2.20190201-3_all.deb 5feb1c3557caf5c6c5a62603563d0401540c076e4402941cc79117728d422ec8 1297124 selinux-policy-src_2.20190201-3_all.deb Files: 44001824c0a6629aaa0cf498b7d4ce34 2453 admin optional refpolicy_2.20190201-3.dsc 8ff9ebcf0ae53f49e898a03f9b896286 73580 admin optional refpolicy_2.20190201-3.debian.tar.xz a795cc5ac27da6128d0bf47b23059ec5 7761 admin optional refpolicy_2.20190201-3_amd64.buildinfo b90eaa948b9fbfc83b5fcd0738c83414 3376904 admin optional selinux-policy-default_2.20190201-3_all.deb 6852d23c35ca3aca48a221ac4b320360 490700 admin optional selinux-policy-dev_2.20190201-3_all.deb bc965cc138f3a4f2ad5ebdb2cda80be5 464248 doc optional selinux-policy-doc_2.20190201-3_all.deb e82633f680587f89389c88ea322fb4fd 3410760 admin optional selinux-policy-mls_2.20190201-3_all.deb 02bad9f2cfeed19843bb552983bc 1297124 admin optional selinux-policy-src_2.20190201-3_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlx7pHUACgkQ0UHNMPxL j3mzAg/+NmDJgU6PZmtcWV4EKig0oPb/0P/pfYaz6XHgLHC85orhgsuWenuTK8nH XFvtY0BMlYwDSwiJrnjeP4cT0dbBv9sg0kTEYO/t4BtlzrvXsgkF6qIR0u8PfqmW 9abmoZgbMcDxLXmmET8P0K/mfaSxsAtBWNfZiRY9PajSOXVJqzmAFd+haOMz7pr+ 6XvRFFLq3ocCAeLofw75fnWhPVzO014w1F4JYCt3webVsWKNTVoAGrNNUChc2N6Y VP5X7KcrjySh4Gx0k5Haa+2Juwtq/r9rJSyOU718qDMsmSVOVHnsq2W/ekeftvo8 KTkdajD5lWeqzo25Q8Flr3vFu6DQBH6rql5pZAZGZ/NEA7T0RIIqHi649mk1WaFr KokwRm9u54wB65hYjQAPxvBSgccAipq3Cx4KIDh3ht2Vu2BTaWEbr9U6XnAmxjFj M1Psf2qRsupXiFaSfpbjP3ZFgoK1Rq283sCfMUZJdc8LWoNPtXUjdiAiU4hfzu9i Dviq3zAfXkvTybevx7SVd4C15VCcJejXxYfEg0SLqhXxXvv+8Ekk/XB2b9Nbc06p VKM4lVq/q8au/pW8nrLfYfDnqQ8Z9E53YYYR6mE/MxHrXK/AqnLqCa6kjq4eoRO5 hHQZVVuIUQJUbg7VZhDo6R8vp5VY6TUFjRCXB571Z7HFwOW1iWU= =EaxC -END PGP SIGNATURE-
Accepted refpolicy 2:2.20190201-2 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 22 Feb 2019 00:09:29 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20190201-2 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers Changed-By: Russell Coker Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20190201-2) unstable; urgency=medium . * Lots of little changes, many for strict configuration. * Added policy for certbot AKA letsencrypt. Checksums-Sha1: b557e73b925df65e326cdbd9d55504ca25dc7a35 2453 refpolicy_2.20190201-2.dsc 7bef87ce3d41ace034c34e574ea2834f99442014 70088 refpolicy_2.20190201-2.debian.tar.xz 34535da1002dfeaa33ed43f9cff9ab316fdfcb7c 7700 refpolicy_2.20190201-2_amd64.buildinfo 5654d6b2f30f2faf1886798c085aada2de388899 3366972 selinux-policy-default_2.20190201-2_all.deb 79191b09721fef6304530a114c91e1b4b21c98db 489448 selinux-policy-dev_2.20190201-2_all.deb 83ccc2a9cfe6068e36e501780360d851209f4727 462956 selinux-policy-doc_2.20190201-2_all.deb df98125dfb421f1708608cf0d16462bccd7ab357 3397608 selinux-policy-mls_2.20190201-2_all.deb be0c075de7ac394c15d5c9fefed123eaa351ce59 1292908 selinux-policy-src_2.20190201-2_all.deb Checksums-Sha256: 0e84563976206123a407fe5abbd7d8c9bb916f96a84b3345fa5302d8fb8b25c1 2453 refpolicy_2.20190201-2.dsc abb87e7822ced8346c937f294ae456eeb53db5edcefa160bb69930717c13f11b 70088 refpolicy_2.20190201-2.debian.tar.xz d8d552f9c8f7e681c36f8aca4e52422a5017514d84c0944596eada44fa089819 7700 refpolicy_2.20190201-2_amd64.buildinfo 9d817e556dd74108656016137f33fdaff84bd15c96e8a39e53e9a66b9431f409 3366972 selinux-policy-default_2.20190201-2_all.deb e4cea1866197b86be10ebd35b767d122f802e9678b45cb8f987d0ce83c2218a8 489448 selinux-policy-dev_2.20190201-2_all.deb 9983a6dd79ca942c16258cd4c4b0129646277a1ecb156c865cae55fd3736c45c 462956 selinux-policy-doc_2.20190201-2_all.deb 461e4a54f5d4f9ef54c2857f4cfd37f85bd51b28f1bd09fc896b3ff0736efca4 3397608 selinux-policy-mls_2.20190201-2_all.deb 49fb765539dda5167147fbcad1324061f3be5e428ffa86dc7a37e26da40bbc7a 1292908 selinux-policy-src_2.20190201-2_all.deb Files: 054ed9b5b351c2547660b573e96a77ed 2453 admin optional refpolicy_2.20190201-2.dsc 967f303c3f4125682f6ceeadae9d57fd 70088 admin optional refpolicy_2.20190201-2.debian.tar.xz 9c07eb3b5ff85aa72f95835c3a8e6064 7700 admin optional refpolicy_2.20190201-2_amd64.buildinfo d42518b41615120aa77ff157c1a6c1d9 3366972 admin optional selinux-policy-default_2.20190201-2_all.deb 360675ee5c0dea49be0d32936d69968d 489448 admin optional selinux-policy-dev_2.20190201-2_all.deb 0f7dc2133ee947a432705ef869e8aac7 462956 doc optional selinux-policy-doc_2.20190201-2_all.deb 62b2e1fb281f643e1e65a25d4a2f8fce 3397608 admin optional selinux-policy-mls_2.20190201-2_all.deb e3decccde8a3da83e3abc2d7b0101c67 1292908 admin optional selinux-policy-src_2.20190201-2_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlxupOMACgkQ0UHNMPxL j3m0ow//e23ntLQVYaNzfCJRw8s/yL7BU0I6HlrYzLqzlKFXkcWIW3Yf4U14fBZo 9StJv+lCk1s3rfjjKZk9zThM/v1e4w+kCKS+Lb77dd/r8bx2ZA/Rp5/Qio9n6Gp3 OvDxHbKoZtvq/P/mZe6qXwIc4+mfLBtWDxHljNHjh3cW8u7Q9Eu6YYxxrsLcbPsW AnjM/5dDVw+2mriRBpRsavCllnJDG/zFDygpHHRABnJjR3nUOzeTRzLJvfH2bl1P 9yK3Kv/cTf9mI+UEMaQ1lgbG9zQRQhgvt+GiLMvuL3g2l8L2L6qX6FzGNGA9CZOQ EXjhO6NWeOhTGDuvw6M0mXwXRrNCQw8vmPEuCKDs1aGxoX1N/YDZKqX07KHsYO2F FPSNVVHXqt3snZaLUWH04TTJlRdscvhDjdYCffkyzUx8sdiGTmzHf8HWatVF9CxY LmZvjjAOcg5jmILOSze+3tE2vwjUEwDYDa94MY5SlXZNNbBVAV/kGwUfwM34kOdq sXICGWY27RruXOrkUfeqE1JdN3fOsHgu34EMnazmZ8YlMhj9b706ChAWmK2fftTd 6OQoe91JTZ7zfPAFY6PV8I2Zz/NLbf9k9FdJsr6sb37dvDEJtFoAnp77gJl/+Rhq IfBQDrQ+D3shxR+ob45M0XNyznnYfUMFbtMcVpKEJfz3bDkshSg= =Drn8 -END PGP SIGNATURE-
Accepted refpolicy 2:2.20190201-1 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 03 Feb 2019 23:28:32 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20190201-1 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers Changed-By: Russell Coker Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20190201-1) unstable; urgency=medium . * New upstream, lots of Debian patches upstreamed. * More systemd support (moving target). * New upstream Chromium/Chrome policy. * Add xserver_allow_dri tunable for most X server programs to get DRI access. Checksums-Sha1: a04f3a26070f5e3a34e3f89eb92cbb68f562067d 2453 refpolicy_2.20190201-1.dsc 15045f12b17710bc194b081415bd0f57a9744264 552750 refpolicy_2.20190201.orig.tar.bz2 b5bfac1081a43cb3ea1e5c281a54c2a9f3fd6fc5 64104 refpolicy_2.20190201-1.debian.tar.xz ccac2235b406517d5bcf719c7eab5aec4062e923 7708 refpolicy_2.20190201-1_amd64.buildinfo 318f5f44e8ebd0246c70a275e5416e4acd74f529 3356224 selinux-policy-default_2.20190201-1_all.deb d190e4920de8cdc15d7286526f72c6aacac9f560 489092 selinux-policy-dev_2.20190201-1_all.deb 2536650ca62b75bf64512c668c63eba4454ca54c 462636 selinux-policy-doc_2.20190201-1_all.deb e3ff550c603197e60e5655a4f7eea2463b73da33 3395120 selinux-policy-mls_2.20190201-1_all.deb fb049a246c5367dbb9becd80a40be0f581a5 1289116 selinux-policy-src_2.20190201-1_all.deb Checksums-Sha256: 492facfbf3d7b9cfdd678d7c4b2c913da43052778cf65899b63597b05b7e813d 2453 refpolicy_2.20190201-1.dsc ed620dc91c4e09eee6271b373f7c61a364a82ea57bd2dc86ca1f7075304e2843 552750 refpolicy_2.20190201.orig.tar.bz2 0627a1bb0824ce86216bc3c9701d243ab5cc467366f8266bb793215b27a1f7dd 64104 refpolicy_2.20190201-1.debian.tar.xz 8d18d32d960e93dc0f5d4eacc1b014e5943a58472c0a7d81b4d44ba3803c3a1c 7708 refpolicy_2.20190201-1_amd64.buildinfo f24e7d77e2415b9690a98e846f0cba97ab83de0f866520084757ea31c7cd2b1e 3356224 selinux-policy-default_2.20190201-1_all.deb 0004e5cda0a6a0c3e85e9a97de5bd91d01ddbc78648865f4b6a3afb3fc996333 489092 selinux-policy-dev_2.20190201-1_all.deb 90baca183569e332330d73e4a0f1e8dd95135b5fdb77c3348b68fa4c8321284f 462636 selinux-policy-doc_2.20190201-1_all.deb 4d691aa3a51a9a812c0c2f6e3051cc49be61da0045ff23f52f1da2f10921d912 3395120 selinux-policy-mls_2.20190201-1_all.deb 086266dc86021c66e9520a52d36d43a003975c548bdd1c94d6e3b13cb9fe6d97 1289116 selinux-policy-src_2.20190201-1_all.deb Files: 268495ffad295d3757e87d97d31f0e00 2453 admin optional refpolicy_2.20190201-1.dsc babb0d5ca2ae333631d25392b2b3ce8d 552750 admin optional refpolicy_2.20190201.orig.tar.bz2 db3a5fad58a256c0904f068b28a5b00e 64104 admin optional refpolicy_2.20190201-1.debian.tar.xz f1c4fafb10df814e1352efd406878809 7708 admin optional refpolicy_2.20190201-1_amd64.buildinfo da4ab47808cb2b40d308e27b5a741b6f 3356224 admin optional selinux-policy-default_2.20190201-1_all.deb 6947fa99a783830be8e295d910234be1 489092 admin optional selinux-policy-dev_2.20190201-1_all.deb 4363910857288165222d41556f6add01 462636 doc optional selinux-policy-doc_2.20190201-1_all.deb 4d63e27e80fae45144dc1c08684827ca 3395120 admin optional selinux-policy-mls_2.20190201-1_all.deb 2fa36843c210c331b70909fe2f19563b 1289116 admin optional selinux-policy-src_2.20190201-1_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlxW7XEACgkQ0UHNMPxL j3lXQRAAyC28sPOXJ+EtprjFp6HUztbJy2xmyGksMPMCIjqPIAPczL5MHRa0ju4N TjHRmRBxupMKx7YW0LyClvDQe3FmSx7M6qGTQmaZCtR2aH/Qw4nbFLb9r3YOPZQ+ aBgcV066ZJ+Knd4qOGGRKme+hT4cK4D420eyy3eyA+IVwqWZlCMp5fL+/9oFwZRS XB5bw9b9oNtAHGAtMgeY+jI3IIZx8UCoipozWAP2R2hiw5bI7v/0mlHnQ1FQeI/T ezrz8jTXp2vXIAZus3xoldkjpaFDFiVS7j5o0djiRzNvWUEDt2j2itxrouksQ1tN QBb802Qto81p/fPLB2AJcxi2bMdfdjTIVK2S+Z3JbFQcIGOXdJpGzWPux8BxyUJL dfwHrOWnlvFyIsNbcfwC/ZgmkIEiANctyVrbihtXLSre/t6hTSYlnCxkKuCCTTdC 3s31poGe4m4wkWQroS6NJY8uyLYp1o1vIr6zQYyKxGYkyslKK/nyjz3iSRl6SMxL hAUK8GCUGEMb7fRRVl8y62bO+Dw96XMm3eGG7gzfGYyDcT0lmxIAZoN4NwC1qNux dU1hK6zIlH08uDVcmCDsVqoPDo+1PIVjaQLcaHlC9z5gdijQCwRpg92A3atxkdbL KmP3FpypvXfdhNwtRmHc2HW6Z8w3QI0Ku9N8ERZ+5KSeqE0mhPw= =tpRG -END PGP SIGNATURE-
Accepted refpolicy 2:2.20180701-1 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 21 Jan 2019 14:05:59 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20180701-1 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers Changed-By: Russell Coker Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20180701-1) unstable; urgency=medium . * New upstream policy. * Depend on version 2.8 of utils. * Build new xdg module for X data types. * Lots fo policy changes Checksums-Sha1: 80fb226ffa6306f056d97f992b5c4b4581b7bf33 2453 refpolicy_2.20180701-1.dsc d937e7cca5f0ba8343fb5122e9955f3d78653c3b 753050 refpolicy_2.20180701.orig.tar.bz2 6850dc1711337167f2f93a6b6e508786cc0d2fff 79936 refpolicy_2.20180701-1.debian.tar.xz f789aa509f2dd509026eaacb8f7459e2e778f319 7711 refpolicy_2.20180701-1_amd64.buildinfo fff47725f2b2b2d5ad60adf90eb7dd1440d0cf09 3340548 selinux-policy-default_2.20180701-1_all.deb 16233ec3d5912d8f91ca0aeafcd0e28043bf61e2 484580 selinux-policy-dev_2.20180701-1_all.deb 96931253fe5e7261646dc692654e1993659fb595 458472 selinux-policy-doc_2.20180701-1_all.deb 56b72248c35d3a51dd54dd3a381376623f8ff3cd 3374580 selinux-policy-mls_2.20180701-1_all.deb 4efd033ac75f5a75724423e67c5827cd2d3daaf8 1264672 selinux-policy-src_2.20180701-1_all.deb Checksums-Sha256: b6381a65fd4b253471514c3b32efe9ed16d2dbc17fc7349fe3a5fc2d55c1cc20 2453 refpolicy_2.20180701-1.dsc dca99ee829b41f216474170c0e38aae99b01a0406a841bdc7347b49aa24f6c7d 753050 refpolicy_2.20180701.orig.tar.bz2 6a134eb69109036820126bf06bfa054204a6aa1f5814aec08fada77603f0fd23 79936 refpolicy_2.20180701-1.debian.tar.xz b9463d1ce89238a7b096f28661feadc590cef1c03337af553aed6a0b20d6e169 7711 refpolicy_2.20180701-1_amd64.buildinfo cff434cfe4a11a58d397f83a4a15987f6fb45d36fcadb8ab1263d2dfce3fe72a 3340548 selinux-policy-default_2.20180701-1_all.deb 7cf91f0d684c9bc96ca07b6ec9fbd031593945397b310b7836ba240d2ca3ab05 484580 selinux-policy-dev_2.20180701-1_all.deb 5a7c3d60aaeda08fc14ddfb8edf4bb3f630693ec3ae2c3e01c9c5558a5a7e8da 458472 selinux-policy-doc_2.20180701-1_all.deb a9d39f97c885b14187d8097230c0293c3455ff2c6c571e9a35c6051807513987 3374580 selinux-policy-mls_2.20180701-1_all.deb 45c94eba8157b242e7c816c4b3730a137a35068dab505bb827567486383e38b0 1264672 selinux-policy-src_2.20180701-1_all.deb Files: b624deeca84858e4d0fff9c662011046 2453 admin optional refpolicy_2.20180701-1.dsc 61e1c261e6698b6401d2f31129976bcd 753050 admin optional refpolicy_2.20180701.orig.tar.bz2 2f53456b15b0d3fc3c650f4793bf709c 79936 admin optional refpolicy_2.20180701-1.debian.tar.xz dae47b9ec9d7df94e1cecbc2eed8eed9 7711 admin optional refpolicy_2.20180701-1_amd64.buildinfo 13c2114185364050016f4094adaa9911 3340548 admin optional selinux-policy-default_2.20180701-1_all.deb 23950635893abfbe0de769ff1225560d 484580 admin optional selinux-policy-dev_2.20180701-1_all.deb ea29148a3faeec8857805ffe00b62213 458472 doc optional selinux-policy-doc_2.20180701-1_all.deb 098641ee6f572ad3f1f8e59e3aa46b27 3374580 admin optional selinux-policy-mls_2.20180701-1_all.deb 47c0526bd05d390e9c856609fdef3196 1264672 admin optional selinux-policy-src_2.20180701-1_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlxFOmQACgkQ0UHNMPxL j3k95A//d+jEWha1whNpbw2hQLGlM5O7oJjhqwHZQqtR7e7AB1agsq+ni5/UJ/0N nDfeT6wylmuly07YPwpCfnpfHEZuHRlf3VfmxfLo09num8O0LZYT+cY9lwCC1EEK jvUoJxpbzyj1J3uEL1gogSShap1VsElIgAgstx73Ckp3+iEWiVNzTUQsDYS1GiKO S+lPK01bJPSYiMnV1m2F0hv99czRGC+yO7cWsx5Bg6YnXjU07mPJu9lvZfizmPAn R8Xju4jEkGeORU1qtl4Aq4+YUNYQlyyqeLMeUe4s+gL8XpjkSEvvoseOovjJJBuI hpPGMoOV4Nmt0ZHgDMsQzP8Ss1mG5pWhavwI62W97gsWaDGLYtNywBfVEskA2bd0 rCPsHm2kcZN3IoHUy9KYL2y+FUIAmJh+SwQWQytlzIESKaaSsDgiP+tnoo7h/LOV t+Eb70/KIboDDTKYtfyHv1s08Ai+94aSrH+Kob0tZEc9scbuGkL4zO1OSsDAy4J3 FIuUH0GJn5H7J4c/c87CMYkV6pn/QNOZ1XuOsjYfJwgk7jQTf8ExzHTAgfEy3XFf n7bdMZReZj8BGr+o9AGN6IV+H/4+9HZUJz7m3CzwIZrX5pA/NzzNapxiIrh5F45Y /+V5LP6AB0cnOxqMamK0oKt442WtaPI9tRku6BpKezY21ZPnpTs= =lifv -END PGP SIGNATURE-
Accepted refpolicy 2:2.20180114-5 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 02 Jan 2019 10:24:07 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20180114-5 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers Changed-By: Russell Coker Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20180114-5) unstable; urgency=medium . * Updated everything in debian/control to refer to version 2.7 of SE Linux packages. * Lots of little policy changes. Checksums-Sha1: 1c163123c025ee40979c8ca070c0a7194b8d9cc5 2447 refpolicy_2.20180114-5.dsc bd7e30d544c55652ddc587a312b0b9818b016bb8 82188 refpolicy_2.20180114-5.debian.tar.xz 388b92670e3c48cebf63cde13c13d787e62c326d 7712 refpolicy_2.20180114-5_amd64.buildinfo 81ac63bc7745ab1bd9d6e8db927022808303ef1f 3303480 selinux-policy-default_2.20180114-5_all.deb 25beae5cadb269e1abe17f383f8d3cdaf15f4ef4 475912 selinux-policy-dev_2.20180114-5_all.deb 29a66cb9ea67e42abd077b8722f10c1b888c284f 456780 selinux-policy-doc_2.20180114-5_all.deb 72da97740f85d1358325e744f85b7a6aad7ec43f 3346040 selinux-policy-mls_2.20180114-5_all.deb 4a1e15a741fbe8d1725aa0fb1ca2ea79265f8cfa 1276900 selinux-policy-src_2.20180114-5_all.deb Checksums-Sha256: 2eff3353c6321f6a29d3456e6a21e1fe20f16dddfa04cf1efc21b91775a5814a 2447 refpolicy_2.20180114-5.dsc 74efb7d015f75dc3e2734a0e4e751dcca7c0237bbc2bea56ed926c34526bd1b5 82188 refpolicy_2.20180114-5.debian.tar.xz e3793728d3cddaa5182dcf94e1cffec326e31f651cc7f8fbb3e84f6999ee854a 7712 refpolicy_2.20180114-5_amd64.buildinfo 91708086ea6149af9e304adb77ab8fa5685671e06335eb4744e5581c917416a8 3303480 selinux-policy-default_2.20180114-5_all.deb b74d64f451415f32e23f24ac7ed29b04813ae248f8e1c7f334d605398bd9433c 475912 selinux-policy-dev_2.20180114-5_all.deb 4ad19c7c141c203262778b9c41febfe9e11a862c1445e0899de2c8be3dc4a78e 456780 selinux-policy-doc_2.20180114-5_all.deb 22043f983335f6910558d83e1328885b9197603db9c4b279112a7f9605392d8b 3346040 selinux-policy-mls_2.20180114-5_all.deb f40086d2becf3286c403619040b40f3dc3cc93a38f7adcfd665343395b5e2bbf 1276900 selinux-policy-src_2.20180114-5_all.deb Files: f014954bd828d827c20eb5ee7e9848cc 2447 admin optional refpolicy_2.20180114-5.dsc 2501ca789a732c91d4645f053446074c 82188 admin optional refpolicy_2.20180114-5.debian.tar.xz 61e3758fd0ea44bd4c22d6937ab35a77 7712 admin optional refpolicy_2.20180114-5_amd64.buildinfo 8a75e5622c79f714acef89cb9cbff072 3303480 admin optional selinux-policy-default_2.20180114-5_all.deb e9e8f215f4e75a1ed2025df414ca1093 475912 admin optional selinux-policy-dev_2.20180114-5_all.deb 8925342d8b160fbb62ba9863b9a60201 456780 doc optional selinux-policy-doc_2.20180114-5_all.deb da2e70473be835226f50c85bcd081239 3346040 admin optional selinux-policy-mls_2.20180114-5_all.deb 77910c513c7e3208504d0eed2628c1ed 1276900 admin optional selinux-policy-src_2.20180114-5_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlwr/VcACgkQ0UHNMPxL j3mdxw//ddJbunumm2OIB6YbqNDbFEBT2IOM8gyaBtuBGBi89W2jy7/MRemg/wK4 700WQk3HxaIxNK0igKPSJNy3bgEnjt1TiIc/zDRuXgRsMrB4E8A8J8nDuTCCDg5y xhO0GOPhznKx7ypx13JCYK61roEv4ik1QkflV7oPKkTmMhb3p6gFVjL/w7rkQuQc kACqIK7M3GOJ43P4cdTj7m3icE6a/2Z/OiNfYLXPnAK9vweKh1pR3+m0S54UMXj0 GuDekDLk9qE5A0ZsR3VF5JU7qxjyDfWd8zMBp98FCbNoOQAaG2oqzvVaZFTqOGtP Jcp7qFUwmoBsJHPSCh/rz/4CjDLmN+/TSo52IN158qhjNMM0/c+TXRf1GM3dAN6a GwIy1eJeL/NSrmCCe9upwWj7ewUPpqyUz0H9YSbZWNk3Eyfjku7vypGl10ckrJa9 tIeenVx5vYj0S51GciGXBWilhoC2ZAoz/5NUproHv13SA7zarMRGSQdNKrX/Ydyj dXW17o3eoO6oBcT7ntrYAB5cbbhlCjEqFHRVCxpbl5VbVTK+eX1O/X5EfvPx0Y/2 Wiq0CMUO/y9TH5/q1ArytMgive3X6q/GW4bscH6R7nztNiuNyrcfavlceZrhx3Ws GiQO9kcatwuG4YX3/fJrYQpBH0Va4/cHM50BKmD8l0sve1YOyrk= =lgfU -END PGP SIGNATURE-
Accepted bonnie++ 1.98 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 26 Dec 2018 15:14:28 +1100 Source: bonnie++ Binary: bonnie++ Architecture: source amd64 Version: 1.98 Distribution: unstable Urgency: medium Maintainer: Russell Coker Changed-By: Russell Coker Description: bonnie++ - Hard drive benchmark suite Changes: bonnie++ (1.98) unstable; urgency=medium . * Fixed macros in bon_csv2html.cpp that had lower case due to excessive matching on a regex. * Changed debian/compat to level 10 * Allow specifying the number of random seeks and the number of seeker processes and store that in the CSV. * Changed bon_csv2html and bon_csv2txt to take the new CSV format. * Changed the text output to use KiB/MiB/GiB as units of measurement so we can fit NVMe results on screen. * Changed the HTML to be in MiB/s for the bulk IO tests. * Changed the default size for getc_putc to work with faster CPUs and more optimised libc. Checksums-Sha1: 1a1981639a1d4ebed816ed69f5f99c71a94425ff 1410 bonnie++_1.98.dsc 0a6066c0aca248ce241d0b3637d4642ee9023801 100339 bonnie++_1.98.tar.gz a16d21ab9c1048369d5f57f66405c577fb6c1fe5 5417 bonnie++_1.98_amd64.buildinfo 2f5524badccb02a8d4cc5e0dfbcdb0137f3af404 62804 bonnie++_1.98_amd64.deb Checksums-Sha256: eccd0876ceada44d506c425fe89d98cde599a7db3c9d611d571ccdb88c6a2a5f 1410 bonnie++_1.98.dsc 6e0bcbc08b78856fd998dd7bcb352d4615a99c26c2dc83d5b8345b102bad0b04 100339 bonnie++_1.98.tar.gz 048966ddba40b878c4091019ed51e61e2c55a4c9a2fa7cbdd326ae4b12412cde 5417 bonnie++_1.98_amd64.buildinfo c27c9c8607ccc3b95b86b95c35d57c3569de6e1b6ac25be5c208c991a112513a 62804 bonnie++_1.98_amd64.deb Files: 801f85a35f7acbca11ef8451a85acb8e 1410 utils optional bonnie++_1.98.dsc 5bb79f393b4172a0d7014ce4125454cd 100339 utils optional bonnie++_1.98.tar.gz 3704e329a90944bc687f25ce46b2feb1 5417 utils optional bonnie++_1.98_amd64.buildinfo 76861ca5f96159c11d0f2d7b1c182ef0 62804 utils optional bonnie++_1.98_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlwjAMsACgkQ0UHNMPxL j3lHfRAAzZ/iVLXw1fuLrR4dfs+bMQnINGI6kyfCgBcmV4Pb2zyU7HVmO1cXQDZ5 XvjJ17ngHLb2nY4FSGt0AbRFHbjona/XgVzcbm/mAHRwwGw1COZHMJYMG2gvaXKr tJwJ4/oBhQQ/AGXo97kyx2ITtLx81t5XTnCEmnz41Dq7GUx/YlXE/GlrJTZR0a9D WDUei6OAP424a2/zwKxoSrVuSd9H9WdRzv0qHXppHOIguUbRdPopS2/8q73vdUS4 eeT5mRkX6H94QX08PuxZawskE/nY/K0D1WxeaMZHSeExD0VOXbtOmqtIe32lEP4g ctG0kABbM45YHR69fj5oys1VIVtvf8EcpMIMYgxx1+XF5P2JrEqL+nn0XmfZWbSu ooYAaLugmYKJqDgmq+e262r43vyv/ZHVn3/dveKhCe9xchZTaGyXMrW+0vcn9Tsq Wc+NKX5gKE+tQQ/pP8ygBGCvDRtd1xIgGweugw5pIZVFNp+kqXkO5ImExRTMsSUM qeyoMfa+lwlv3LZ17LwsfBCJsBLK+k8IOaowfaQWbJ24lA6wkbhrXxAQfWYAqxgi 4pWDwYP4x945V3MKLnmDfmRLKmg2EA67EuMB7V+DC+Kew5TZ7bYdqvbDiYvRis5M fmGpxFdTBWKOrwl3LvmAM+ZGHLOImfKTSMQxghLyq70ij0J++So= =3Xg+ -END PGP SIGNATURE-
Accepted etbemon 1.3.3-3 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 23 Jul 2018 15:24:34 +1000 Source: etbemon Binary: mon Architecture: source amd64 Version: 1.3.3-3 Distribution: unstable Urgency: medium Maintainer: Debian Mon Maintainers Changed-By: Russell Coker Description: mon- monitor hosts/services/whatever and alert about problems Changes: etbemon (1.3.3-3) unstable; urgency=medium . * Make btrfs.monitor check for subvols and also use a SETUID helper instead of sudo Checksums-Sha1: 72eda72b71f6773621be9cdd96f2ec2b2d2e4ed2 1697 etbemon_1.3.3-3.dsc 2c4a8db50af6c6181fa461f5129162f564b48af7 1192051 etbemon_1.3.3-3.tar.gz 2804015f21ef889fe7138fc402cf0bb0980f2f9b 5880 etbemon_1.3.3-3_amd64.buildinfo 63f3d867640732f810e99237b7d863da76bba54e 15896 mon-dbgsym_1.3.3-3_amd64.deb 53baf55112faa53226e6015d72b8ec9c07d775a5 285808 mon_1.3.3-3_amd64.deb Checksums-Sha256: 81d5b84676ee454d174fbe0af4e33fb0f4f3b4b78859f1ad0c28e5ca94e58afb 1697 etbemon_1.3.3-3.dsc 631a9190329333aef01b29755d55399efb341d16ebe5c753697e6344179efba4 1192051 etbemon_1.3.3-3.tar.gz 939a4825de218ce7f7926fa9780f612792ab0b5b10f6cb78f421cb66b2b26c87 5880 etbemon_1.3.3-3_amd64.buildinfo 338984a1a1c7f6940d0d11a3f9014f2e79a685b3a2917a42dada081a32c960eb 15896 mon-dbgsym_1.3.3-3_amd64.deb 4274fae91c683da5170045ea8827858c40726a642fe7019ed452dd6e0ca4891f 285808 mon_1.3.3-3_amd64.deb Files: 0035c6e4c150b29acbb987d69f3cafee 1697 admin extra etbemon_1.3.3-3.dsc 5eaf1c443a56044560edea83349fb43e 1192051 admin extra etbemon_1.3.3-3.tar.gz c4ccd2f0a4a63a8c222d23be41eaea18 5880 admin extra etbemon_1.3.3-3_amd64.buildinfo 2775b1e86d9e4fb9129a31f4c95208c5 15896 debug optional mon-dbgsym_1.3.3-3_amd64.deb be7e3efca63cfbc04749ab903251f46c 285808 admin extra mon_1.3.3-3_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAltVZvMACgkQ0UHNMPxL j3kKyBAAhtTgR8RaguPf29fJD6Hqm+SPZXSEYemGl8lsp8G1uxGN0rIsfITS+nT2 sYBrv73NzUcSHLNuoCxT3EVkxEd6XBJh8oDP2qkGcCZ3iuZ/fcz/8d4G+yTu0aix TijFa+HK53Pmsd5u7KSUPWXd/1p3Fzulhqze4CRm7OFaNYeAma/UBMCZZ/qUHYxx DjjMRR+sGwX8Vi3b94Z2yDZkRlnifWAKjfFWppGZrHHv4RmnLRfuuRX4u8IJ7g5l 8ToU/9yb91Fc4PbymhxnhjUn/zNfUvNuNbKL1KWPyJkIH8z9seAJD/T4YsQJJ5ul J6Z0u+rq/PZfFY5yj0l1vtNc/SvXEv4U/ntFMIEy2mvP4uH0414yB5Ys/NkZAJgA CInP8p5FglljBIRUZ+eAibjYiU3fgq1MQW+TCEJ/gKm/afJOYZMRkBA+szWH5I/T brfJhZfUBj/jOAa/Fp3XNV3RMAMFJKnhLXC+AaWlISXEmHObQbvM/Ez5uRhngX/7 OyNwaEPP02pdHjNE4ZhSNkzj+2bzXpM+nKfIf3BE0KzKk8hdoQpL1SbCAuzn02KY NoDFbnW8K/JeoODHwlLTiZrgbZMNw95JL7jcKCcmC9nwVAAiEdbRHmCQsV5aLpsr KAxOVcT3S/Uts1BJEYeGnYw1ccAlaN1+Nn1Hs21+trvdCUMn37A= =ZXQm -END PGP SIGNATURE-
Accepted etbemon 1.3.3-2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 11 Jul 2018 01:40:04 +1000
Source: etbemon
Binary: mon
Architecture: source amd64
Version: 1.3.3-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Mon Maintainers
Changed-By: Russell Coker
Description:
mon- monitor hosts/services/whatever and alert about problems
Changes:
etbemon (1.3.3-2) unstable; urgency=medium
.
* Don't abort mon.cgi when $ONDS{$group} is invalid
* Removed defined() around hash and array checks not supported in recent perl
* Check Received: headers for long delays and clock skew in imapnew.monitor
Checksums-Sha1:
a2f0c29447fce90eaaa294f664706936ab52ad8f 1697 etbemon_1.3.3-2.dsc
18fd5393060d67c79adcfd10fea211908351ab2d 1153183 etbemon_1.3.3-2.tar.gz
09f31cf29684ad3ce90e087e216434d50d7daa15 5742 etbemon_1.3.3-2_amd64.buildinfo
aa57ccaa338db43b6c1a27e6c8707fe165d0c450 13284 mon-dbgsym_1.3.3-2_amd64.deb
afdf0f4cfdbe76563965fae0fba3810dfc2275b7 284392 mon_1.3.3-2_amd64.deb
Checksums-Sha256:
34c5ec610d3f69edb5464f55a432f8cf4ec3f06781422e0ab374df2f7703c9bf 1697
etbemon_1.3.3-2.dsc
b4fe2621839c445f194f6bbc6577dede6c3c355094cb72b8ead508aaa91413ee 1153183
etbemon_1.3.3-2.tar.gz
5a1aed2c8215cd3928a8f5d4024df2a8eda1ecc1626f550cd92b852abd85d380 5742
etbemon_1.3.3-2_amd64.buildinfo
c731a67b494e6636ec842804074850c00f34a933bcbf61b39fd1424bed881f4f 13284
mon-dbgsym_1.3.3-2_amd64.deb
a13c55c4b66287c5f4160763ea5a49d99efeee052475ed1eed5328cb55c5928b 284392
mon_1.3.3-2_amd64.deb
Files:
06a2c0bccbda724c5e120aa972e61f7c 1697 admin extra etbemon_1.3.3-2.dsc
4ce57d1bb8bea38fd58023241f62fdde 1153183 admin extra etbemon_1.3.3-2.tar.gz
a22aae4f618a93e3dd51287d2ccff5fe 5742 admin extra
etbemon_1.3.3-2_amd64.buildinfo
d14ab4205cde7a78bba2507051199311 13284 debug optional
mon-dbgsym_1.3.3-2_amd64.deb
0ed0b9cee0fb65cc696f7108de5b1d1e 284392 admin extra mon_1.3.3-2_amd64.deb
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAltE09MACgkQ0UHNMPxL
j3m38RAAwvg0ncafe3QeXqcrvWShu0Mo2oI6LHyTA/uOln3Lo44bsVE+vnzFM5lB
0smrzJgVWAOT0ff6yAIxzrOkvrAqrCDMUMe2F6HBpigYn/mTeH3HluMwBlVC8kL4
pqVH0BHoVgd/kiVokDP61sVxAFv7IpQPgWVtbIHjY2s7+EEnMkQewvVIrOz3JTgg
hx3XzCcLPzA9YDXZeKClTseJwZIRR//reZZos3Qw83R9n3ErqOjACLR0Q9pp6F/m
qvYFZxPWiW6G976RZd06SuZAM8WIackgpsQ0xpryvsDj181dtAaz6/SIwLBvgJRy
gxSUZzTaE17Z47qZ5tSiuQejsn4H4A1rTDc0SbzfXmIWEjXr127SI4OLH1sn1Xht
N6WvBMfCJvDQ+8Yr27cHTMdq5iXP3OE0Dz6e/dKsKqu2mds6iAppDjiES1H9jeBl
AnnZ/Uea0XGXXhK6Ml6eBREWlcqlULEBmYVw/N++CEMujTibD1OTorEyxDbXqV65
HyIOhdvh5fSC+Q5fG7NTStQ5aRRbapRiPMhvLBfgsUo6kX1vfSdHRuyR7hPff897
5hUJhmXclxlPaMU65446LuWCcS5k2iK51Sg27xkqYlLvCFLIgpSItmWEIwUZBfcn
yEYXJJ2n5HL/Pa7qKUKSZ8+xZy3Z7+HQyeqAs4HfviHngUyqRKw=
=86Qj
-END PGP SIGNATURE-
Accepted refpolicy 2:2.20180114-3 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 19 May 2018 11:12:41 +1000 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20180114-3 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20180114-3) unstable; urgency=medium . * Added git patch for 20180319. * Added git patch for 20180419, fixes lots of typos which changes the way things work. Also adds sctp protocol support. * Added git patch for 20180519. * Build-depend on version 2.7-2 of checkpolicy and libsepol1-dev and Depend on version 2.7-2 of libsepol1 for sctp support. * Changed all Build-depends and Depends to version 2.7 from 2.5 and 2.6 because there's no reason to try to build against ancient versions and we don't want to deal with annoying bugs later. * Allow mon_t to read generic certs for using SSL for notifications * Allow systemd_nspawn_t the mcs_killall if systemd_nspawn_labeled_namespace is enabled * Allow udev_t to run iptables in iptables_t * Some other little systemd stuff Checksums-Sha1: 97411dedc399d176d0504bb7afface28c58a65bd 2464 refpolicy_2.20180114-3.dsc 17ed1029da68d542fb211b6a88c092b4a804af55 79568 refpolicy_2.20180114-3.debian.tar.xz e357123372a3cdd2c311d2d42bd4b6c132541131 8050 refpolicy_2.20180114-3_amd64.buildinfo 63e4322b6ed480206dec702633cf895c55be9546 3301172 selinux-policy-default_2.20180114-3_all.deb 9564b20b6a027c5466cc9889acb22b0bc2b48a24 475260 selinux-policy-dev_2.20180114-3_all.deb 8a7f2de7188ed1e2b0cbf92c9045d90321cd7c48 455972 selinux-policy-doc_2.20180114-3_all.deb a5becc68fbc3ac719379d47fb3c52965365a10d1 3345752 selinux-policy-mls_2.20180114-3_all.deb 2782c12c8705c3c113ae85800142d4a0471e3719 1268428 selinux-policy-src_2.20180114-3_all.deb Checksums-Sha256: 182b27eccc23dc9f1f6db215eb51bee992bfa763a5ef5b9047e3304e141c672e 2464 refpolicy_2.20180114-3.dsc 0f1a6177ed9503fc8106cbab3f54d6138c0896d8528b3668cb61587cdc7a30ee 79568 refpolicy_2.20180114-3.debian.tar.xz ee041458b99fe0d07d6cbf9df97faa4c65145ff2a5aec40122ca21015b46c40b 8050 refpolicy_2.20180114-3_amd64.buildinfo 9af36fd0eded0ec2fcafebde76d76693013d4f9b2c6fd37166d0921c37a46d35 3301172 selinux-policy-default_2.20180114-3_all.deb 25c50170b72e6bc9618d615e848150f71bc79be5d4823447cec6764a8f800823 475260 selinux-policy-dev_2.20180114-3_all.deb 9982057ce32afff8e0b457ca47c883ff03d87623fef3548cd2617245ee1fc223 455972 selinux-policy-doc_2.20180114-3_all.deb f8b719a2516ed3d22fb8a169900483761e841273e59d908ffe1c4019663f7585 3345752 selinux-policy-mls_2.20180114-3_all.deb f602043032743f73f73f82cf541181b2454009779bc5de2ed0944c34bfb88ec2 1268428 selinux-policy-src_2.20180114-3_all.deb Files: 6596ecaadbe9a35292b24bcf4e23f1bd 2464 admin optional refpolicy_2.20180114-3.dsc b424dee4c322332e8cf171baf58d49e1 79568 admin optional refpolicy_2.20180114-3.debian.tar.xz d5f7f47663a39597b9d7bd5389a842c0 8050 admin optional refpolicy_2.20180114-3_amd64.buildinfo 81d837db2e0a7e74807a62d97b7ad9ed 3301172 admin optional selinux-policy-default_2.20180114-3_all.deb 5b251abe164b79c436b000b6dee4c0ea 475260 admin optional selinux-policy-dev_2.20180114-3_all.deb 992ab52595f06068c69960c9b8d276f5 455972 doc optional selinux-policy-doc_2.20180114-3_all.deb 82681f743d1d8d5173c06720010f4ce5 3345752 admin extra selinux-policy-mls_2.20180114-3_all.deb f4b6debc10c571d9a0b4ceb086dda3f0 1268428 admin optional selinux-policy-src_2.20180114-3_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlr/xNIACgkQ0UHNMPxL j3k/Xg//apz3LO/O4drh+FQjcy2tm9qfbMxGqlKqMzVgj6kuBySq6Be7aZbE/hKi p/KmJhxHE1rwd3Pl6QOLcEXRytUep5uhARICP/OraKMx6iL8uW2ddKq/DjvRDxHE djv2pcJqHVxMHWz3075ft5Ht9RpZUW30OFvxON3UkRFYmqjYighwMNobrvrrH6FO NMlHrCEmXgbXN9TR1E+f1gxd1zms1Eh8ceMrHMwzlKqFHwPHxlJgSIG59p7fYokT sVEoBriSqvmHElshiL7OB+jqNviCUFfcW5xoWvy3YB/ro7J8OpGkL/P4oUGbHefh /+Z11jsY44kqnDJh3IE9nQ05rXmqr6PUkQEHn1fPDT6+8RnO+4/8wWCJxLbGskSZ SsV0wyz95C3Y1e9u52CYzLYoIbGg6LwYlU1uE1UbsuFMiYN1/ZW0yUUOVOcFSBCa vnQ8v3i6c9spCrqgiNPvHXQ7d23U327uSkJFz/hCz1RFhsx9NvdcTdn1aowZAtNM S6WB3sph711POBXp5ujkYSQU9NEmF99UHlEUcyc9Bl2P8QcH0np1NU5KD+0QfGKu uVxxKxgadCxEzin/j3N2+2J8WSWofotpqPJ1s/jV4HoxdjHp1iplYDQi6MTjVPJr 03ZbCny32H3C6wJXqikWzVOSMxPhgxh0vrOyRA0k80mPNBvnijo= =mfas -END PGP SIGNATURE-
Accepted checkpolicy 2.7-2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 19 May 2018 10:16:15 +1000 Source: checkpolicy Binary: checkpolicy Architecture: source amd64 Version: 2.7-2 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: checkpolicy - SELinux policy compiler Closes: 895988 Changes: checkpolicy (2.7-2) unstable; urgency=medium . * https://marc.info/?l=selinux=152078548332657=raw Add the above patch for sctp support and build-depend on >= version 2.7-2 of libsepol1-dev. Closes: #895988 Checksums-Sha1: 29918ced836a6a2e58fe44a34db737be665877c5 2039 checkpolicy_2.7-2.dsc f1027de3bcc4b3b9fd6925268a2c007279e1419f 8404 checkpolicy_2.7-2.debian.tar.xz 206f416181170fd99db7c954605874c4dd8ca3c3 242016 checkpolicy-dbgsym_2.7-2_amd64.deb 83116e86d541489143354bda760034cf75907beb 5812 checkpolicy_2.7-2_amd64.buildinfo b1780e69c773a98bc373641da2b7cad0cb37b8b5 221620 checkpolicy_2.7-2_amd64.deb Checksums-Sha256: fd1d508f180d81787a9e424c27487b343e8f1d2c9114774b7b886acacc6517db 2039 checkpolicy_2.7-2.dsc a1db77d22565852a85780d56c501363251992a6fa7a8db6d2e938dc968b8658a 8404 checkpolicy_2.7-2.debian.tar.xz c563681d1ab63e35956cc774d105110ff76716f241f49cd4f3e98aa71df8b2e4 242016 checkpolicy-dbgsym_2.7-2_amd64.deb b03796639e6d5c3aee13d2c96000966735207eafe3bbdf20a5968d2e1fca1af3 5812 checkpolicy_2.7-2_amd64.buildinfo b0b5cf3941f1a33233dea7925af8eb950bda9b1aec49439e606aa6ad932eaf5a 221620 checkpolicy_2.7-2_amd64.deb Files: 562ea08b1c845a13b9ad647f5f8d2528 2039 utils optional checkpolicy_2.7-2.dsc 9db93994937c4a606261c6f210d35588 8404 utils optional checkpolicy_2.7-2.debian.tar.xz 3ac049b64d04429fc77a68db89792df8 242016 debug optional checkpolicy-dbgsym_2.7-2_amd64.deb 19b6538b765523ffb71e4f0adacc22c8 5812 utils optional checkpolicy_2.7-2_amd64.buildinfo 006f4b32937568bc392f96df5b358e4a 221620 utils optional checkpolicy_2.7-2_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlr/vxMACgkQ0UHNMPxL j3mKHRAA1Z3sWaQfwl6R766sJs/pI5Kz8LHa/rGVLy5IIB17t/7Z4cCMyO5tFPvE R+UQuRCz6Sx2R7i8zwkAWpbn6UdAekiWe6DaWKIUicQqqp98vymuEDOApXNqhexQ pZQst6APNM2MnzQ0Ojhxlittd/xNdvYzXdMV1m5HULYxXtmPwWbaBSao9/K67TfA cb4phsAbdydvdAis3KsbrpR/zYImJueXvq/Eg1DjdKsq0GpZL+4LF1lKrsoPK6qI fwyuBIei7eZ16HdUMbpJVPHDiTWbbHaoHwwbX+ExJhEW57XeIFSmAOdW6/9lMUhy aVCaOXA/PtAb7POZHHaMLnPUx1c3DTD3HG5iDVuzPnv61dI7+S6yB3ZqLUfZuoKh /0ADUaOcupKKolqYp6xaTjcDCYMReCvbLcXpxywFJanco+8b+WJJYDWYADKX7g8N TDy9rdPa/6rE1E3Yj8cLPEqwdCeXg//Ge0DJHvezUnIuIHy3jSenbT2koU1Utedm 3VssadWZztYV68WlkcEbfI/vXZNgPDtUBD3AFqF9RLmQQMk/DCpJ53Sdj8EobJzq ICToXqqPjLvrr4xP5Q8oxRrP3oTx6EXwhauxZGY/+b3+ouq5OJ4IB6XTEKkhtki4 GkY7UfWiA1+VylN/j73So5ujbpxIt58qRtJNGeDy2tQZ97vF6EE= =bw60 -END PGP SIGNATURE-
Accepted libsepol 2.7-2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 19 May 2018 10:08:20 +1000 Source: libsepol Binary: sepol-utils libsepol1 libsepol1-dev Architecture: source amd64 Version: 2.7-2 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: libsepol1 - SELinux library for manipulating binary security policies libsepol1-dev - SELinux binary policy manipulation library and development files sepol-utils - Security Enhanced Linux policy utility programs Changes: libsepol (2.7-2) unstable; urgency=medium . * https://marc.info/?l=selinux=152078548332657=raw Add the above patch for sctp support as part of fixing bug 895988. Checksums-Sha1: 013b9df6f6ef5a558bab3db075045c1735c60506 2135 libsepol_2.7-2.dsc 55adf1c6e2ebaf6e648a2f7639d420d9e678ec49 15452 libsepol_2.7-2.debian.tar.xz 56e63f9ee47de9a792bffdc67c04967749e598cd 921992 libsepol1-dbgsym_2.7-2_amd64.deb 503da9c7a599dd3043fd4580cdaac8d04b54da2c 335524 libsepol1-dev_2.7-2_amd64.deb 7a4384b4dd89673ba6ba011cee20ef5653482c06 260740 libsepol1_2.7-2_amd64.deb e5aa336f27f73ab7fd305cdb51137c14bbea92c0 6456 libsepol_2.7-2_amd64.buildinfo 338ffbb63521581fb9949e8d7422c27aa8135477 4824 sepol-utils-dbgsym_2.7-2_amd64.deb 9861f926e5be454a7070b77203ed97a3b64c55fa 17780 sepol-utils_2.7-2_amd64.deb Checksums-Sha256: 4924bc3a4f0d5251d95ecd4b26f78a7648589b7b770df6c86a20754aad4d6e0a 2135 libsepol_2.7-2.dsc bd5e286d86d861ec397e55b64f14588d5418a772106264661cf7ad3c7fbc7d1e 15452 libsepol_2.7-2.debian.tar.xz 9e79991e2d265c886fc49dafe02d49c7e2a218b7f2da4d038038e4df7c1ea40f 921992 libsepol1-dbgsym_2.7-2_amd64.deb 7e078166ae40aeef8497d51183f4076dc32f0110774753d6570accc261155512 335524 libsepol1-dev_2.7-2_amd64.deb c95a4befad4497dae593ec6c2bb02058fa6cc8c3d3d4303ac115bc1183bed7ab 260740 libsepol1_2.7-2_amd64.deb 3ef25f302fcb4a73d752b0c4f91bc04632bb7b6a2b84d516d22e7e8a40b9211e 6456 libsepol_2.7-2_amd64.buildinfo 816580bf2c45a7391f7da2ca2895a6220171f7c9022dfca4b08b0978a05442a6 4824 sepol-utils-dbgsym_2.7-2_amd64.deb 9d1f98aff02e2e696f4266bc263af7e88f331bbe837e4797ca69bb17ce9bb9fd 17780 sepol-utils_2.7-2_amd64.deb Files: abe28c5e646d2e66d906b2c10109a981 2135 libs optional libsepol_2.7-2.dsc f2695aefeb6dff50a8c9187bb1bb6560 15452 libs optional libsepol_2.7-2.debian.tar.xz 5f59254e51e3bb0e12b946f1f06770d7 921992 debug optional libsepol1-dbgsym_2.7-2_amd64.deb aab1fd4b90ba56de17664b02adfeead3 335524 libdevel optional libsepol1-dev_2.7-2_amd64.deb b491e8b7f60a9eb1731ce16c966c4f72 260740 libs required libsepol1_2.7-2_amd64.deb df133aaa721ec5590a2ab40ca43e 6456 libs optional libsepol_2.7-2_amd64.buildinfo 0d1a822d22b293d0a4ad23bee6f9b3fd 4824 debug optional sepol-utils-dbgsym_2.7-2_amd64.deb 8fa00ebd0f98647f19ad6e2e3ea3bf01 17780 admin optional sepol-utils_2.7-2_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlr/qRoACgkQ0UHNMPxL j3ntJA/+P0paTshDkgeisd6eoVR5dwDfZ28WvDSlHLJScPOgXO1tMzq8WJFJIXsa pv3FyUVvt54vhawifW8aiDiz9BW+q5SxXlXKlO1/Bqo/lgO+s64M4o5t6kCgJjZR vyVKI9BKP4B6t5F13LmfMu8yjX5Q8XLwlF1qgk9JTZ7g/PsvOQPIqwwVWSCK3rEq bYZvTmasbJh/Yno6Ze4MOtM0RjNXFFCiAKoUlifEtysLJ1CiPJquSkPM144cjgwD rBJcFZ77oBGz0wL1ZpAdb4REMLPv0yAy4mOubWew6EPIAKL0VOCzACsqGZNctYtn 75DVe/HXsMDXuNs/F9a2fHK37IdIdCe9ePsK29CKR4U1FymWMJSYCXxX+iz5lYh/ 2J7ohk9K/5lU+AVskhRUXk7y4YQHjVtIAuQQcnVw1ZdDJQeNTXjb/jV10oQDPR65 KqzUzjRkG1ZTWPOPmoFo6k+iG45j/hksNv/zkB77fMa2yQNnfQ5yKuv+vA8EOTqM ui4T4ZiFZ4JVwdFnrpMLyrcaNtRM7ebbCiN45JES72uRFAkk6CtvfhY0iACjTiDc Fd0nKHXeLL4ztvdwj4UB0B35OpX/MpOhS0Bqo5Ayd8w/x/ATQ351WgQgwuoOVsmF OcQSmeztTMiUlZOgf2RNU4h9L55h+VFpctJvxpVHDAFKpMugtiM= =gPJI -END PGP SIGNATURE-
Accepted refpolicy 2:2.20180114-2 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 06 Mar 2018 14:17:33 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20180114-2 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20180114-2) unstable; urgency=medium . * Included changelog entry 2:2.20161023.1-10 Checksums-Sha1: db1cbda9d0d474c9eb0d5044cf6d6af3a4dff849 2472 refpolicy_2.20180114-2.dsc ca7e592d307a2eb79c81b2d9b5092999ab5e7da7 67888 refpolicy_2.20180114-2.debian.tar.xz 7f23dbf5c033ad8db4f2d6b72248bbd9d856 7946 refpolicy_2.20180114-2_amd64.buildinfo 4551f086d05fe55e501fa603c032c507206fd78f 3272236 selinux-policy-default_2.20180114-2_all.deb d0420f4cecd1310ecfe7ac0106891829de6a1fff 473488 selinux-policy-dev_2.20180114-2_all.deb 8fbc96894ec13601e07acb6c0e707c2a38acebdd 453972 selinux-policy-doc_2.20180114-2_all.deb 4c145c629522fdac9a3b1116ef17b8daad142542 3318712 selinux-policy-mls_2.20180114-2_all.deb ae45fd051050e30839084f0a83cfb8f9a8152a44 1266368 selinux-policy-src_2.20180114-2_all.deb Checksums-Sha256: 307fec64cd539df9c6cb0748329ce761101ebe313d213f4b227c9a89f339 2472 refpolicy_2.20180114-2.dsc 359fbffc5197f4dfa5ae5c652b2db5a9e313a4d9d973872b896fffe3fc456f14 67888 refpolicy_2.20180114-2.debian.tar.xz 6986ca9fc79de00a295b7b209e29d42041cae1e5abe090533c8898bf26a25fb3 7946 refpolicy_2.20180114-2_amd64.buildinfo c06c528c970976589265c957e2bf9cdcea69ea327e123001cd39220f7cbb8769 3272236 selinux-policy-default_2.20180114-2_all.deb 57d48456cd9fb4c01a7e8c15df38dffd932b8ad52cd104ed5ee39f47c73c0224 473488 selinux-policy-dev_2.20180114-2_all.deb 879f9b26db145868aa797a999643430c73e15d6b4ae82729b696acf6b8bf213b 453972 selinux-policy-doc_2.20180114-2_all.deb 6f856eceb1e3db3f826127333e6ce21f37f76aeacfb73f4eb4dc4c02af16aa5d 3318712 selinux-policy-mls_2.20180114-2_all.deb 48367cc8da8fbe426abb258f4b0eb32e7200c868f899bad22ab08fe8fb0ebe4d 1266368 selinux-policy-src_2.20180114-2_all.deb Files: c6905c40a3100ae6208fe25c79823fdf 2472 admin optional refpolicy_2.20180114-2.dsc 276bb961d80754c8829963e4c5f9e381 67888 admin optional refpolicy_2.20180114-2.debian.tar.xz 5eaa571f18658dfce8429b01ccb81cfb 7946 admin optional refpolicy_2.20180114-2_amd64.buildinfo 292e8a9296d89d33bb971689e14cf609 3272236 admin optional selinux-policy-default_2.20180114-2_all.deb 26846bd8f8e4b5fa47463d8dd5dc1d75 473488 admin optional selinux-policy-dev_2.20180114-2_all.deb d1a83eef5540e5558ac980592191cf7c 453972 doc optional selinux-policy-doc_2.20180114-2_all.deb 42009c2caf01926b487e40c9ea25c8c5 3318712 admin extra selinux-policy-mls_2.20180114-2_all.deb 2837d2ce4e96ffe963f69bc5c80c1765 1266368 admin optional selinux-policy-src_2.20180114-2_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlqeCjMACgkQ0UHNMPxL j3kN/w//f+pX1si54rjt3jiBJcLYA4O+1E/GtefSFf5c/qx2rcw+eARZh3A1vNd7 CqxAbLDUQ3zhAVoytTq+AC+vWmRPQb9g7WV46dCFFg6Om2MFGTi7892qqTD/TwpE 0U8L2Kd7xuM9EA9TQXJsYbYscuoA1PP5uZU65UGi+b+KyNPrSDDCwmmXNjE6YQ7w luWRUUh9HJQDQVGp0xxwPO73fjhwJBgW0ZeVEes1DnlUZeCIxDIyau3JdJbr2AbQ 5nzq2UYWKPBN0hivkMHg8KES0kTxrj/UfH1Ko3dTnUW5B/8N2vY58Fbpt8q5rvAb PYt7xuLP8XGba5RW1rMyzHZ+3vu7TruPcdfWn1CEXMkdb09MmHbZjogTlK4pApeX BqFPWo7RoiasrNpHmdN2If0R1G1rTpkPOXfPwXixDdR04l3NMgezh2yRMYtpS/+/ LvmI/YnWkflbZ1Z6ypgLp5dffPUZVDehBlAAx3veLnmB4IbvMAKsnIr6lNm8fd6L ffA+IZiZ+Tv2yGkVv6jRcmSLXxSGglJPp1y7SYUXespTAbhZWPf8J2Mn7nAyO2Fi m9pJqtaG82TBhKW6wJ1ua+sPsXtALBVpkof9VpRuYxeMWt2DepPK4CaQYn8JGNpB WW3fnGt9yltC7wPqFD18MzTGf2wcr+PliPaj42VI9LX2RN1wObA= =9wOM -END PGP SIGNATURE-
Accepted refpolicy 2:2.20180114-1 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 26 Feb 2018 23:25:27 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20180114-1 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Closes: 875546 885771 Changes: refpolicy (2:2.20180114-1) unstable; urgency=medium . * New upstream 2.20180114 with patch from git version 2.20180220. Took that patch because a lot of it was policy I developed. * Delete the deprecated macro mmap_file_perms, anyone who uses this should change to mmap_exec_file_perms instead. Closes: #885771 * Now build-depend on recent toolchain. Closes: #875546 * Removed typebounds patch that upstream didn't like, seems to work ok without it now, but we can use nnp_transition if necessary. Checksums-Sha1: 0ac3e23678d44955e5541eeda557336ef9b838b7 2472 refpolicy_2.20180114-1.dsc 0a497cd28980ef9b5b0d0555eaff952a194be251 743725 refpolicy_2.20180114.orig.tar.bz2 025d34342a9759381ad9ab97a5fa14c5e7fe9e86 67568 refpolicy_2.20180114-1.debian.tar.xz 90a52d47d40f31cb2fd6ead39806f4ac27e80b38 7924 refpolicy_2.20180114-1_amd64.buildinfo 2d74833b26694ccc8d6c31b71a99bd67895dcb30 3271868 selinux-policy-default_2.20180114-1_all.deb a42a84b6c0931d26e5336860d25d552161b5eeb3 473100 selinux-policy-dev_2.20180114-1_all.deb e2b4fd0312c8935ee90ea83e5cd3e86bafce297e 453560 selinux-policy-doc_2.20180114-1_all.deb 6798a4443697130496cf88ba2e6d863e78a0c013 3318308 selinux-policy-mls_2.20180114-1_all.deb febe66a26e7c044ab312ea86e5e6798b04484213 1263796 selinux-policy-src_2.20180114-1_all.deb Checksums-Sha256: 5f9a64695bc2c32bc006e3a47bed45cafe31f34290af830b8dd728cac26d2dd6 2472 refpolicy_2.20180114-1.dsc e826f7d7f899a548e538964487e9fc1bc67ca94756ebdce0bfb6532b4eb0d06b 743725 refpolicy_2.20180114.orig.tar.bz2 9adc460f3fda67d886d83689af2ca028524fc415c4a06bab6b8fe6b12bb4e6a4 67568 refpolicy_2.20180114-1.debian.tar.xz fdd6778ef39c5cd9e505840fafd0401783a2e383239d2892a4844a239c7e07f2 7924 refpolicy_2.20180114-1_amd64.buildinfo 635a351ca81ae9ce1946bad599627c2d80deab78110209e497b6e6f3feae7b31 3271868 selinux-policy-default_2.20180114-1_all.deb 64ca50c8bf32697be2d89b7efcd54947ced09ab8415cde0b745e9e97d360f31d 473100 selinux-policy-dev_2.20180114-1_all.deb 152875d53a17bf2f50d6eaee3cd09caab26e7055dfa81f0d72bba16654dccd26 453560 selinux-policy-doc_2.20180114-1_all.deb c795a0eb8733e7cd24bd8e70017cf0c9ac78ce806a8a4d8520a96c8024231deb 3318308 selinux-policy-mls_2.20180114-1_all.deb a9ea4f2040e4d898f7c649adfad7fd91f9805ad737b5d41e59fa82e002c21f6f 1263796 selinux-policy-src_2.20180114-1_all.deb Files: 2fb50558edd3ddccbc34b6eb2d4ee8f9 2472 admin optional refpolicy_2.20180114-1.dsc 151ef30c8d0a10a4f6eb1c865a85040a 743725 admin optional refpolicy_2.20180114.orig.tar.bz2 df0c940811ae4e9567b55a76a38bcd3d 67568 admin optional refpolicy_2.20180114-1.debian.tar.xz b1a6f4c7aaf92f86ff29a359cfeaa317 7924 admin optional refpolicy_2.20180114-1_amd64.buildinfo ce755f2d79dd0ad6791b1b262ba5578a 3271868 admin optional selinux-policy-default_2.20180114-1_all.deb 91c6f3ccd7f7ac4b3b3bd15cb663cc2a 473100 admin optional selinux-policy-dev_2.20180114-1_all.deb cf3a2299a3869d7b510690a25a3c4dd6 453560 doc optional selinux-policy-doc_2.20180114-1_all.deb 291ce209fcb5405ec47ee838fffb7966 3318308 admin extra selinux-policy-mls_2.20180114-1_all.deb d35d3832f751306cfa8bfc50c2e0f6f2 1263796 admin optional selinux-policy-src_2.20180114-1_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlqT/WUACgkQ0UHNMPxL j3miyhAA0Xx9iqOh7J0qHLN0IeoH9wm2aVG52dgST3WYCxlKBXlrgkcTxjzeODq1 u2pQYGd930xEhkJnWdffV467lAWvnXPJIh07W1LgnAhotNqFl7wp2I3ubX0boIX2 hK3x8cwAi9e3T81mUKA4copVgHqf8W/vVu7l5Wbh4+CgiVDBQzeS9SA9UZz4cc0i iDmvisokW/IZFDTLyAk9BmcPixf7a/xX8pFx7AVi1l+VepjQy+qvtSEtFMMCl4DD w/iuRPM7rAeizet58jlPL5A0TCfvO5/D19V7F+kbk5FRMo/3raUHyyq9dlsBdr0G 3c0OQhXhsZsft46t3zcev/DUBBSYFcBeB3g9S2lPqYCIZxWuGixZleoQdR6nQdhe J+oAM0ThFHI1aGMZQ2kv/qMD3qplqz3PWdyaSzl2zcqD8VgGihp2U4tlyfnXqEdC ghyrC/WLBc9byCVO9MKevpRxyU458RRBtAb4qrRW3JMWqDTvhFu1L20bSTo7y351 x1krMwx9T/b+126G2DKox/pdjp67nHviR1bvMDMoVbeOD91xvNaxwSbz2VvW/VvF 4qosZWQjQCCHZMqqOXJLvSSEm11ue79TNxh/C7M06RVeCFwq9UDFL2b7TXH7IH8u zVqEgbOsazWphauZYj7WUruB+K8hMm3DFYc8ZqkIOwyavXfc2U8= =xOaA -END PGP SIGNATURE-
Accepted etbemon 1.3.2-3 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 01 Jan 2018 15:25:22 +1100 Source: etbemon Binary: mon Architecture: source amd64 Version: 1.3.2-3 Distribution: unstable Urgency: medium Maintainer: Debian Mon Maintainers <pkg-monitoring-maintain...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Changes: etbemon (1.3.2-3) unstable; urgency=medium . * Make smtpswaks.monitor use long form swaks arguments for ease of searching the man page * Made mailxmpp.alert set a CPU time limit Checksums-Sha1: 9144ca2096a8e955d8b7cd34c44f8cc6e08e9d6e 1932 etbemon_1.3.2-3.dsc 40db6ebe8321004f179b8c42a34675df530a256d 2301 etbemon_1.3.2-3.diff.gz 0cfcdf0545628b15c9de4cdfaa70253827764f19 5576 etbemon_1.3.2-3_amd64.buildinfo 74fd80b894c73deb27f6e5ad938b155634edfb5a 13304 mon-dbgsym_1.3.2-3_amd64.deb c5cc79d9b78ce2997bc3b6ef62e757a706189205 283632 mon_1.3.2-3_amd64.deb Checksums-Sha256: caa4e97fe4d3bf843ff9a0db6f38da20ab2e4a5ad03568c9f71a863f28af9adf 1932 etbemon_1.3.2-3.dsc 8af691d1c06e273feb8443d8c58b096613ce74d47b35340997f2ca7b40462f3d 2301 etbemon_1.3.2-3.diff.gz 9bb5631ef2527c8da93342d50b96876a54da9d8dc4c7beb4f48c759bd710237d 5576 etbemon_1.3.2-3_amd64.buildinfo 392eb2d351cc39815a025cbaa98919e01c097bb6ebe70ca125a4ed9928f5e90e 13304 mon-dbgsym_1.3.2-3_amd64.deb b1114c89d21faf5a99e58397b5e6d1418084269a95f300fd6e88cbba50a11833 283632 mon_1.3.2-3_amd64.deb Files: c8bad1d787d5c1fb8bec31e290f5d0cf 1932 admin extra etbemon_1.3.2-3.dsc 86ffa6c0939a8b279369ebea055fe21f 2301 admin extra etbemon_1.3.2-3.diff.gz 4140b171fa0d988ae5b3ed7df938c888 5576 admin extra etbemon_1.3.2-3_amd64.buildinfo 24e0a7ba75ab95d827fb4239ff5b9a9c 13304 debug optional mon-dbgsym_1.3.2-3_amd64.deb 0bd0c57ced98d5d0b45b44c8cd248e60 283632 admin extra mon_1.3.2-3_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlpJuE8ACgkQ0UHNMPxL j3k3QA//bEegVKw8AUljhB6+V5HCVvAtNVhq3qsF6sI4sHVvLHStyFbHrnOseLii WPCKzC8a2vwxh1ogK4esN37HiWtDNUqGtx9vIZ7VoYgkBjiEXXMZceZA16yQf5PV BHKuIIwjZCF0lUwqz+KJ4p1CsbMxOdz6yFo6Z8ySjZ1v3RyfxjZOHEvXXb6GbxPH RkmohZDQmGUeQHJG8P1lZU3fiQ9roflVMzz2BRHfr2xtzgBbaMTUAN+r5pIj6pfJ WlrunUeKqltvpDXOsRc7SB/4n4YEM+37G6S7JXhOOfsKw7Q2pp4LKqMqO1vCgmRl j0foy6btmUfzVJJgkovOtMAnvqvEJYcMA8L1yXfsXKzG/AFbDDciPrUS2f8AXH3u FsEbup02IjfRVQU8ZaENG1fRAbgmZj/JPcaONAGK4DB/yitpfiGckfZm8LsIIHgt BEs3hMjSDZmEyMbWuFdOuriuzJmdO+dLqsss23FqQ2EeTGxlRRdK85fq03O1nkcF PMN6HCU5iOEFkZXbd6FbWqGbzRwFmTk8Axy6ZRtXgYBXcF7Xgfhy4PUwLVzzXDAr NmR68x/8PZtOlBp7aB5i8VKwNMd3u8CtUHKCRg9FlBdHCRs2YGaaGhpOhvqMO1en Egbz+e+q6wum4SXci9vNhncfRPHuvEeWiKs7NIVxR1eD4J4V1GU= =GRiu -END PGP SIGNATURE-
Accepted refpolicy 2:2.20171228-1 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 28 Dec 2017 17:46:57 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20171228-1 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20171228-1) unstable; urgency=medium . * New upstream from git with lots of Debian patches merged. This policy is not a candidate for Buster or anything, I'm uploading it to facilitate SE Linux development. The next time Tresys make an official release I'll put it in Debian Git and make it a candidate for Buster. * Removed authbind policy * Set WERROR=y to remove deprecated interfaces * Enable UBAC for mcs policy * Use compat level 11 Checksums-Sha1: d7ea4a1775afac71757b130a3d2e5fc7a7c4b5de 2472 refpolicy_2.20171228-1.dsc 3b8c7c5a946fc6810e727ac114b0d3c9c7d7830f 541907 refpolicy_2.20171228.orig.tar.bz2 846ab643ccb414c64283beb3473d94820cd2eba5 62828 refpolicy_2.20171228-1.debian.tar.xz 50f0622fa6cde317fe1f7ce4be43acceb3a24056 7874 refpolicy_2.20171228-1_amd64.buildinfo 128c8aabb478eb226761be424dd6ae7eef303663 3265840 selinux-policy-default_2.20171228-1_all.deb 5c20ea567c7f08e0998e88638a188a655ac1e36b 470388 selinux-policy-dev_2.20171228-1_all.deb e3eea1880582391bc776f06fb40406b41081c9d3 450924 selinux-policy-doc_2.20171228-1_all.deb 734efe6640d6e2a29d57800f9d014e855cde86dd 3316500 selinux-policy-mls_2.20171228-1_all.deb cbbe1e6b0be5f0b5c52abe28da9ed79620e50de8 1264032 selinux-policy-src_2.20171228-1_all.deb Checksums-Sha256: e331e806cf29f090bd3c477008f1dd7fd81848f07d2a1b4b3d6c1cfde64a8226 2472 refpolicy_2.20171228-1.dsc 8d03e4c1244aa2571efb20ad88cda2d46de07aab71e155a57e71a4675815c7ac 541907 refpolicy_2.20171228.orig.tar.bz2 0f34da8c7250fe2a2c6fd7551e46a1689025c5901571cf254bd717bb7b85cfa3 62828 refpolicy_2.20171228-1.debian.tar.xz 7bf33eb479fc430ddd1c2da5157fcc75799d524a381eb4244ee6752a7319ea74 7874 refpolicy_2.20171228-1_amd64.buildinfo c4e5ffe42766f3438cbc742190cde8085530a8d21bb34d20393a49113f97b38e 3265840 selinux-policy-default_2.20171228-1_all.deb 9dfbbab8de4600b78c32467f91c4fccafb9d822ea8634e73f5a01b223e25fe23 470388 selinux-policy-dev_2.20171228-1_all.deb b9456c2d79ba22acc3fc5e751903f597e5df64c4438b2a218c5316d620718c2d 450924 selinux-policy-doc_2.20171228-1_all.deb dc1b1faaa586a68e7ac291720de286f492bf18851ef23f16e2d649e7ca4a 3316500 selinux-policy-mls_2.20171228-1_all.deb 80a197d40209b6ca01b033f2235e34ee044656185cb341f27d30aada04cdc7f1 1264032 selinux-policy-src_2.20171228-1_all.deb Files: 294edcf31892141e18861df0f9c93bc3 2472 admin optional refpolicy_2.20171228-1.dsc 4df29cd2339dda0e745ccd2c5dc4a962 541907 admin optional refpolicy_2.20171228.orig.tar.bz2 0efbdfd86ddd61791b09455561ec2bcb 62828 admin optional refpolicy_2.20171228-1.debian.tar.xz 188248fac8414ff9a3fa423c13155998 7874 admin optional refpolicy_2.20171228-1_amd64.buildinfo 5cb1ee2d0124e457b71a717b05aa4620 3265840 admin optional selinux-policy-default_2.20171228-1_all.deb 566d7dc8af1d59bfe7e72405bad7f92e 470388 admin optional selinux-policy-dev_2.20171228-1_all.deb 9fbe236ea19c6fbc7e3f4ac438179487 450924 doc optional selinux-policy-doc_2.20171228-1_all.deb 0f5c5eb45741ee45cb65910ab9aeb629 3316500 admin extra selinux-policy-mls_2.20171228-1_all.deb 9b8d36ae3713b31ac697609febd57b43 1264032 admin optional selinux-policy-src_2.20171228-1_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlpElbkACgkQ0UHNMPxL j3mVhg//SlJ2bRaP1YgpDHb98oRvVjEDhmEz0h4lf+vTuW7WfuUDoE7uA0oXI+wp 5/8iSkYIpMj/RY7Us+jh92mo6VqLv7mYWHISMhK+uyGiQMQ4yAN/F/bvv71XCuVE 6680GMpCt+vKiHbO6oZphZ7nTnxsvmsMaU33cmy906qufveYekw8Kz8w4hE8Rc/v wTNb6fK9cl1eWNSpPsjwZCHACUeYCroJxHktQH1JIiU7DbM6NJgZjKwoiFzqbg+g rX0ueaCvBrG1iWmoc4rw3S1ST4kxu9ohxK8764CCQ29J9QqeurWEp41aaOJkldPM SaW1LJmyvjxNx7xH8BFZJ3qx/+HnbMwUI6HCFKNv+hLX3m104Sk2h7+XOUPkfXJo +6z3MnhvHi/zsixg4mCQJ6LNf8yPiICzlGKNTY068Z47bRwjL+YDRD8qhnVdn83X mHhXaavRBaP7KEoDQoAzGxt1wd25LyAGl2Gb4d6vD3EoAgx4k5x9BEuR5oaCrKPS HURfZiaBOwLmyVRcJ5ZcM61ntELOFs52YnztFS5081OJgV9jemDJ9YcV8N60Q8Py zLkbcvUIrKufm841XLU43WsT96mBsA5vPLn2oDjw6CyAM2yExZh52H+groq2SvnX UICp67u3MfbA0UE0bpanhBXMz8biikyvdk4zNixQ3RxtM6NWaPQ= =Szmk -END PGP SIGNATURE-
Re: recommends for apparmor in newest linux-image-4.13
One thing that would be good to have is a set of profiles for Puppet or something similar for installing a variety of common Debian configurations. This could be used for testing SE Linux as well as anything else one might want to test. If we had automated tests for the most common webapps, mail server configurations, and all the other most common server packages (maybe based on popcon) it would significantly reduce the scope of problems users experience. But as noted SE Linux in Debian is me and Laurent, more help would be appreciated. Also I've seen AppArmor and Systemd both prevent reasonable configurations that aren't uncommon from working. I don't think that it's possible to provide useful security benefits without the risk of stopping operations you desire. This principle has a much wider scope than software, you can see it in all manner of physical security systems. -- Sent from my Huawei Mate 9 with K-9 Mail.
Accepted etbemon 1.3.2-2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 07 Dec 2017 01:57:42 +1100 Source: etbemon Binary: mon Architecture: source amd64 Version: 1.3.2-2 Distribution: unstable Urgency: medium Maintainer: Debian Mon Maintainers <pkg-monitoring-maintain...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Closes: 876088 878850 Changes: etbemon (1.3.2-2) unstable; urgency=medium . * Conflict with mon-contrib (<= 1.0+dfsg-3+nmu1), Closes: #876088 * Use dh_installsystemd to comply with latest debhelper, Closes: #878850 * Recommends libtimedate-perl for imap test * Added support for authentication to smtpswaks.monitorm, for relay tests. Checksums-Sha1: 137eed06997d949465a122668d1772697c5cca42 1932 etbemon_1.3.2-2.dsc c0a4769c2fd978e1f53bc6ec5b49a0ecbb5abef8 1632 etbemon_1.3.2-2.diff.gz 2dd0f70b62720cdba59ede2ff0a28c958bd29d85 5587 etbemon_1.3.2-2_amd64.buildinfo 452d1fc4bee204358ee2e376bb128145b7b082e6 13288 mon-dbgsym_1.3.2-2_amd64.deb e1ef7534744f5b7058d9ee1d560e667ccaac7ac2 283516 mon_1.3.2-2_amd64.deb Checksums-Sha256: 4a1adda7058c85677444664d2aff31ddcaf4e950ff6d0fc4f38c69b808a9d6c3 1932 etbemon_1.3.2-2.dsc ca4ef91a3a847e4a5bcfbcb7a80530553b03328e9795bd4a1f98d391bf722903 1632 etbemon_1.3.2-2.diff.gz ae6f1eb62e8123f13bf26c8e01e99f8f383d6513f6894650f885ad3a6f95b932 5587 etbemon_1.3.2-2_amd64.buildinfo 819eaa3578543d0a1154779fb1540fc610aeb12d84345d7bde975635e769dcfc 13288 mon-dbgsym_1.3.2-2_amd64.deb 09978060617b08a07a6f9bf869c61a0152f2912708b46a8bc9b994f3b403dd06 283516 mon_1.3.2-2_amd64.deb Files: 8bba35373aeee56de0dc4be754cedb25 1932 admin extra etbemon_1.3.2-2.dsc 2ebeab205bdc7b8f0d238a231d1066a8 1632 admin extra etbemon_1.3.2-2.diff.gz 87309d8c8f7cdb331ca5c45fe6c8f23f 5587 admin extra etbemon_1.3.2-2_amd64.buildinfo efdaf88bc9cffdddee1731029cf10be3 13288 debug optional mon-dbgsym_1.3.2-2_amd64.deb a1bf52f0de98cdacbf24378cceca5e8e 283516 admin extra mon_1.3.2-2_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlorecoACgkQ0UHNMPxL j3m9ehAAr6TIX/2FYHPcqa2zUrcGkdDKDUiO9+Pw9g89aUmRl5kvN4DlA9otwhO6 BfywR4VCmQSAF5+U1QlMxqLA4rqjYRt+/4Tp5HHHaQ+R5Gz3VF9RnlBMvOjv78jJ ozhfQQoIZxcaKt05d1BRGCXTUmLBFkHnZ0Mh6uengfOAIDm70uXwqm/39GunDDjQ pZaNuGzg/hvRbcbtLNUFQUyWgCcHPWilq/wzQaZOoaWUNNVS4Vb05Bddd8PFJaho INgSyVnreQcCGAadSBJF25BakhLenxtikHUfvTvvXheMEcbQvMvK94s8sNLD9xMI nYzDnLMFWeuoN7luD7cmD6ATIk7uOIzHBTcZ9+fSar+MCMSkSSWjPFC3CDfuOiAI NrWt198Z5ilVcffkRS3VsJSGWV2EZerd0JBkkzfgIrq+YQjxKOAXIapc8Rk5wZRN wKciza3vkShV8OSv4Khy19CG34Uh2XW+VorasLvzgtgA84m6nWXElVB9c7N8zYV0 BYKil4V0c55e9/M8hks4f+VWXb+sAqewlYDXcNYgC0d1FLdQsaL4o3x5AteXVpHq XAgBe3M3VBfolNKja+5ynDLvb+3y5iSysRjj3mmLfBubjhCTT7lXEKu3FZEDdsP+ ZMjzX+5BS/bm+liXrOZxKDeLq7lPZzeFj/1h49gwsX+3Rucf3tk= =O7xh -END PGP SIGNATURE-
Accepted etbemon 1.3.2-1 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 17 Sep 2017 16:19:34 +1000 Source: etbemon Binary: mon Architecture: source amd64 Version: 1.3.2-1 Distribution: unstable Urgency: medium Maintainer: Debian Mon Maintainers <pkg-monitoring-maintain...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Changes: etbemon (1.3.2-1) unstable; urgency=medium . * Made http.monitor use strict and made it not give an error if the server doesn't close the connection after sending the data. * Made dns.monitor give a more detailed summary. * Made zfs.monitor give a summary of the error count when it's deemed to be OK. * Rename softraid2.monitor to softraid.monitor * Make freespace.monitor check for Inodes free if filesystem supports it and recommend libfilesys-df-perl which it now uses. * Remove all configuration options from /etc/default/mon for Debian and put them in the sample mon.cf file. * Moved sample configuration files out of the debian directory for the benefit of other distributions. * Added new systemd subdirectory for systemd config files * Added systemd service file and use debhelper compat level 11 to get automatic dh_systemd stuff * Rewrote sslcert.monitor in perl and made it give better messages and also status on no error. * Made loadavg.monitor not display D status heading if there are no D state processes, only display the first 120 characters of the process details, and not display processes using less than 5% CPU. * Made mailxmpp.alert use TLS for XMPP Checksums-Sha1: 3f90cd87733a8548702f17566c854d1ed48b99e2 1929 etbemon_1.3.2-1.dsc 363f5ee461686361679130e2c4a496035323ba64 333987 etbemon_1.3.2.orig.tar.gz 85b5cf0284b6f93c046865e4ebeb99204f1d7f80 375 etbemon_1.3.2-1.diff.gz c16b07a0b18adee6467d77d89c79a3dd7e08560b 5535 etbemon_1.3.2-1_amd64.buildinfo 09367765538efbdf6c949227025b4b4dfe22054a 13176 mon-dbgsym_1.3.2-1_amd64.deb e103c29e7492a9a17f57d809fe66b285038fe5a1 283636 mon_1.3.2-1_amd64.deb Checksums-Sha256: b296b60b24196aa843aa90a187f39a5177c0abadbc876b9a20500c2688d2f64b 1929 etbemon_1.3.2-1.dsc 679469fbad6f58a99d874c8002f715272b824d7a2eba2b21147be4113224bc6a 333987 etbemon_1.3.2.orig.tar.gz 268f8aaca532c38f8f6cb4fbdab6183e4ec22517c3a85072d0c5686e18ef3b01 375 etbemon_1.3.2-1.diff.gz 55aa09ed47383a20b47cd5ccfc13ff11dc746c409d4d3786e070787738f4a259 5535 etbemon_1.3.2-1_amd64.buildinfo 5c68a9808eae669e65a4c62b09e736720aeb7c137e2a8a75b3ef9eadd2d20bba 13176 mon-dbgsym_1.3.2-1_amd64.deb bd568899c7e877f4736a8e908f2d79bcc135e62b129783602d90ea071b8b033e 283636 mon_1.3.2-1_amd64.deb Files: d30e05c5cd59ee3d9082760ac998e454 1929 admin extra etbemon_1.3.2-1.dsc d559b2a4747a514019a8eafb00d79cba 333987 admin extra etbemon_1.3.2.orig.tar.gz f10e04a40718f2858c7e378c1b5b6189 375 admin extra etbemon_1.3.2-1.diff.gz bad0d5754b7275f10619baa247dd762e 5535 admin extra etbemon_1.3.2-1_amd64.buildinfo f2ffe0a82759322fdc3300f06893c87f 13176 debug optional mon-dbgsym_1.3.2-1_amd64.deb b09998fa91c091b6be879d6daf0ea4da 283636 admin extra mon_1.3.2-1_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlm+FOsACgkQ0UHNMPxL j3kJFxAAyY2Sa3pWtsB+FdoSYQeQwxD8kbzAjgFAhi6SleaNk/qelTIe/Zryh64C s91oXjsnYtP4b5toiyMeS9KG9Rp9/CbhrMkOo+qe077cWYJEHfrvYiHWbYf9yGDs 89WQcn1bac2+RLEdDIdQMEPXZzsHFBHKgMF8tYZRCY8mSnI99Xut0e24B13jM6eB wHGKJnT3OI7X3sVkxjMMHBvnp0fTK99+jMLGLALBuCAgOylOz8KHkmf8xwSkt1vs zBmemENdNkE+ibpdHue+6f2LyiH1PYXYxTmY9KIRR6JLxKxzG5XqMueqwtE9bobY XfpWKARzam4CW3K9+tpXbJug6SK9x1DQb2tMkpZhjDqIcEnvlx1pvbYb/AyuaM2v pjeiuUvN7wGLn7siQ8uutQIVAnS1MhB7fYHa3DE51DXEdepV/FH062rrn4fK88As 8nYFF0pnbuUAdTEv8CxwIV/XCrlShVE2/zwOV/VcR2dACD2oYj+uwR3gpd4noJ4V AutpbrCF2DAMavUayVpFV6R8qds5noWR/v46kf22Y11IAgMK53u+hWSlFeaYtpwV 4SEQUsWo3+7KVTdTJFRdtMr+zQWjXFzELe6SzJ0hZUnBmGsg+V4gB3PVtBcXcYNa EySi10mYulEP9femQf8AlG1CUlalwzHBJtuXd//EgFSuk742XEw= =S+s8 -END PGP SIGNATURE-
Accepted refpolicy 2:2.20161023.1-10 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 13 Sep 2017 23:47:21 +1000 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20161023.1-10 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Closes: 874201 875668 875669 875676 875681 875726 875727 Changes: refpolicy (2:2.20161023.1-10) unstable; urgency=medium . * Add patch for typebounds. This patch was rejected upstream, to quote Chris PeBenito: NAK. This has already been fixed with the upcoming nnp_transition nosuid_transition permissions in refpolicy. I'm afraid distros will have to carry policy patches until they can roll out kernels that support these permissions. https://marc.info/?l=selinux=150151037511601=2 Closes: #874201 * Allow systemd-tmpfiles to delete /var/lib/sudo files. Closes: #875668 * Allow brctl to create files in sysfs and correctly label /usr/lib/bridge-utils/.*\.sh Closes: #875669 * Give bootloader_t all the access it needs to create initramfs images in different situations and communicate with dpkg_t. Closes: #875676 * Allow dnsmasq_t to read it's config dir Closes: #875681 * Build-depend and depend on version 2.7 of tools and libraries. * Allow systemd_tmpfiles_t to manage lastlog_t Closes: #875726 * Allow udev_t to talk to init via dbus and get service status in strict configuration Closes: #875727 Checksums-Sha1: b74999476c8290bd13022a9b701bd36e2bbd933a 2481 refpolicy_2.20161023.1-10.dsc 919c4e8369dae9301cbc53fd17eb8ab1371a1bc8 116036 refpolicy_2.20161023.1-10.debian.tar.xz bef5d2e9d1c53c53c07f065fec4da8096b6d0dfb 7824 refpolicy_2.20161023.1-10_amd64.buildinfo e1474ff57d5c56d4afca57b6c41ec5655cd2f0bb 3038020 selinux-policy-default_2.20161023.1-10_all.deb 32609abc0514f0acc9f16cd173ca902bf1c61753 469400 selinux-policy-dev_2.20161023.1-10_all.deb 90afb9a479d55432c062b6fdd6b79ba7d05f50b9 450262 selinux-policy-doc_2.20161023.1-10_all.deb f10c9bc20587f6c51f37d5ddbb33af9fcbb8f2cf 3073796 selinux-policy-mls_2.20161023.1-10_all.deb 596d3a947a1d005bda8de00f0f461e945d068a1f 1255652 selinux-policy-src_2.20161023.1-10_all.deb Checksums-Sha256: c4a16344a37780651aef6252ccc80de43a30759ad1a4de155a38c1e36488 2481 refpolicy_2.20161023.1-10.dsc e78017997bf1418dad78cf70bd14c9f5b30b054b03b947e90517df4258c9ca39 116036 refpolicy_2.20161023.1-10.debian.tar.xz 92422ea25dbd679097a80397b4a5421436a53a194d636ecb86d5586315b8c193 7824 refpolicy_2.20161023.1-10_amd64.buildinfo 1308334ea3fe20eb6475a1cda8d8dce4d555dc55a1d37be7d9d3f8c2b06eb4c5 3038020 selinux-policy-default_2.20161023.1-10_all.deb 6a0007bf6912edfb7c5eedc3711e64104244c8f42abef33570336c1a5d2454b7 469400 selinux-policy-dev_2.20161023.1-10_all.deb f0342c35b46c5b3900d8deeeff7bf87dbe0eed060c4028142cf5ed48cedd3093 450262 selinux-policy-doc_2.20161023.1-10_all.deb bb8a342882c7f2764bf057f2376c0b3255483ff9783bb265be9d980077b4b3c6 3073796 selinux-policy-mls_2.20161023.1-10_all.deb 6cc353cfb2fc1522efe6fc5403d1023fc0f6b4d13f6fbd916c66fc61c9923c3b 1255652 selinux-policy-src_2.20161023.1-10_all.deb Files: b77fe09ea3904161654607a083caf298 2481 admin optional refpolicy_2.20161023.1-10.dsc f08ac3740dcb61d52a4cfda5710efac3 116036 admin optional refpolicy_2.20161023.1-10.debian.tar.xz df575c10d535bd48c2547b6e58fa6608 7824 admin optional refpolicy_2.20161023.1-10_amd64.buildinfo e406b7f7450a2e52bf7cc2648d734ce5 3038020 admin optional selinux-policy-default_2.20161023.1-10_all.deb daba76c67201be0da2df7790f7d2e535 469400 admin optional selinux-policy-dev_2.20161023.1-10_all.deb 721b1099d495250c9b0679b12e9b7927 450262 doc optional selinux-policy-doc_2.20161023.1-10_all.deb 0b395df9e9e4f70fad15be3797d4e4ff 3073796 admin extra selinux-policy-mls_2.20161023.1-10_all.deb 85fd2022eceb0388306517e78bf338ca 1255652 admin optional selinux-policy-src_2.20161023.1-10_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlm7XfAACgkQ0UHNMPxL j3l/0g/+No7hu/luVi4JSyZ9gzY4+/vQj+EaGDqhGuI9KvmhN2/NqDDsf6sYiVnO kGifgtsNzAp97jfEhYwwo7uurY8a98JgtCqIhokZ0fPgRl3mnMGp9f7OPtQazlMr HvC9zK+mfmJhcR5YmwjEvpXZedR5mHBRJIqGQkrmjZ6tP/0fqczCdxgYmGVVzqAe 2TAetKPvbCI0unseZfVdwA7+VdphuWZaSsJoTYJLvWlSS6xROyvErcejXGkGyBA3 B7oRgaVG+d/UDlyWIE+Kk9cg1b17hilmBPbrWjoFiKKkY6BwbPnw
Accepted etbemon 1.3.0-1 (source amd64) into unstable, unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 25 Jul 2017 22:37:33 +1000 Source: etbemon Binary: mon Architecture: source amd64 Version: 1.3.0-1 Distribution: unstable Urgency: medium Maintainer: Debian Mon Maintainers <pkg-monitoring-maintain...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Changes: etbemon (1.3.0-1) unstable; urgency=medium . * Forked upstream and renamed it to etbemon Checksums-Sha1: 7b0496f0436f47b99769e5230eb10c2753423350 1964 etbemon_1.3.0-1.dsc 36f97dc411bfac4e0816b190199ae1e06bde6f5f 266588 etbemon_1.3.0.orig.tar.bz2 3255710f4c5f4d10594bb269f8038cc30a988acb 15452 etbemon_1.3.0-1.debian.tar.xz fe1fda1c9f09c571977e24d0b5c9a502e5595135 5533 etbemon_1.3.0-1_amd64.buildinfo ce95c8eb7ea3d4f078cbb12e78326e75a5e4cba7 13288 mon-dbgsym_1.3.0-1_amd64.deb 9e3310ba9e03b828c31e9fcb39fbaa6c57872348 281094 mon_1.3.0-1_amd64.deb Checksums-Sha256: 4279ff4fab91a22f38ff840d7ad6cf0101265b48756ae3cac5e1fa1f3126a16c 1964 etbemon_1.3.0-1.dsc 341cf3ee0d3d6439083373b97ca3dd1100ba8e3cfe8db7f2e6a4efb3d9051eb9 266588 etbemon_1.3.0.orig.tar.bz2 9fe3bf191638755994a8a99eb6c4155d94e7f23c568e76d2df9b581fcf3fefe5 15452 etbemon_1.3.0-1.debian.tar.xz 8f5ea59c22988e2744b94a3a6d19e286387f6dabb353659d79a5226bed606637 5533 etbemon_1.3.0-1_amd64.buildinfo 8f80a53458457456bc1711bafed121d76d39ce9bdda8d355a1343aa8e7e2d421 13288 mon-dbgsym_1.3.0-1_amd64.deb 0d223809b478d7d5e432f10bbabdd7282efeacae246e17bd3dc8d7b70f4bed0d 281094 mon_1.3.0-1_amd64.deb Files: c07bfdff0ea8e36ed1e0c168e71a9d34 1964 admin extra etbemon_1.3.0-1.dsc bdc289f7e7067b00ccc89249b03e4374 266588 admin extra etbemon_1.3.0.orig.tar.bz2 ff6f1c70efd88a46db229d5e1b25def6 15452 admin extra etbemon_1.3.0-1.debian.tar.xz 920985485723b980a063407a48bb1e89 5533 admin extra etbemon_1.3.0-1_amd64.buildinfo 5e9e2cd945373f34d558241eaae98e9f 13288 debug extra mon-dbgsym_1.3.0-1_amd64.deb c1a5b45f8bfb12883748e4ea269be278 281094 admin extra mon_1.3.0-1_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAll3P2oACgkQ0UHNMPxL j3lCSw//VkaU9sPb+qo5CS2A99vRz3OXkwoayFDId8mAbaAChQqnchBHTwpE7Ju9 3onGDBv3AnqWUXHZZFIqI0/Lfl76fwIe1k/wtpVENG8KFQ4EohCg9oPWLnETaUD2 HGPrH8lHgs00T3tYDaabHOSyUJzPltm6hk1Vvhof1MKlBVMivzujop7YvchIuLry Hf/9TiP2Mr6+4Y4vHF37NXtzmRvmdkjKt8GRA4q9zsVvFkaC7CL5bGF0JqFYbuJd GxNG1OU/nceaquYFDzork5DhPz0iay5dQeLmIjwUm7hGKOrSwE3NUc23nXXJSc8a y6NThuxYso86sOYe8y425O+nRSPk+c9s2FKH7a/mIPtWKzpI9nJub9wgxti9XOW7 +zL2Gc1baPGL1eRmhfkop9HCdy/2IIrS/8eRnZOu0PhnWLfgTWlx3BmrjnsdHHAW uWw5U3/pwxMmvmP/Fbmh8ShzE/1/CG1s+cCxo6z5zin/jMo5ySRYCtdZN77O4yvg oPXLlkmqZTk6X4ybKQl7/HBJo7Nj/KItNPd+NRH1M1wFN5VGTeoAgdjTu2Ij3wfU YW2TF0EhCbvZLIUPN27bgLJGC03LOxmgZB+Em0KvrFid2Xk1wzoT590XlQBRSgen R3rfdBJ5Wp4S9xrRU0K1taoQZFTPXk9GvKgPSsmbmzZWn3Oo8iA= =ie1n -END PGP SIGNATURE-
Accepted etbemon 1.3.1-1 (source amd64) into unstable, unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2017 10:42:03 +1000 Source: etbemon Binary: mon Architecture: source amd64 Version: 1.3.1-1 Distribution: unstable Urgency: medium Maintainer: Debian Mon Maintainers <pkg-monitoring-maintain...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Closes: 870238 870239 Changes: etbemon (1.3.1-1) unstable; urgency=medium . * Fixed up the hack for freespace.monitor. * Stop using quilt as upstream will be identical to Debian in almost all cases. * Made remote.monitor correctly report an error on connect timeout Closes: #870239 Made the exclude option on remote.monitor work correctly * Made loadavg.monitor correctly sort by CPU time and ignore 0.0% and ps header Closes: #870238 * Removed the hack for freespace.monitor * Changed the summary-len in monshow to 80, as we already line wrap on a 80 column terminal might as well go big * Made the password option in msql-mysql.monitor read from a file if the first character is / Checksums-Sha1: 5e0283422896521bdf5ecd417cb39172fd365384 1926 etbemon_1.3.1-1.dsc 550e7ab54865d1c0607ef528e3f41a313d7a31a5 331409 etbemon_1.3.1.orig.tar.gz a0fddd5458378c1bf3c10dd2f5c060d1347741ed 20 etbemon_1.3.1-1.diff.gz 638b9733172fd878edb893df9e2c82ad7bc69757 5587 etbemon_1.3.1-1_amd64.buildinfo a8416ad6cc18d09c390127034f713cb1dfab2ca1 13186 mon-dbgsym_1.3.1-1_amd64.deb 46654b4281a4446b134ac05a54bd09ac40696244 281466 mon_1.3.1-1_amd64.deb Checksums-Sha256: a6c1627b57025e549e4308271ce4326e6d30288f8fdc86ff1da932ae7f024ac3 1926 etbemon_1.3.1-1.dsc 7eda24f6699adf8292dcd5c79cea7fe46aac46fe36fe0786d9491d76d8502a4e 331409 etbemon_1.3.1.orig.tar.gz f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec 20 etbemon_1.3.1-1.diff.gz 7dcb704f9b2a26cd051acd6e80ea6baf6e05b49b0e7cfd85270b45d6b9297030 5587 etbemon_1.3.1-1_amd64.buildinfo 4b1299528356ba737b88065ace619e03d9ea0f07c88665ddd42909ac6710c7ce 13186 mon-dbgsym_1.3.1-1_amd64.deb 0264ac5cb235d544a453ec61f9d6b42dfc0faebce8bed6c14e18c5ffcde38559 281466 mon_1.3.1-1_amd64.deb Files: 5ac2ba13343117320157204a6a28ba1c 1926 admin extra etbemon_1.3.1-1.dsc 840962ed8b9693d95f04e33b673b8409 331409 admin extra etbemon_1.3.1.orig.tar.gz 4a4dd3598707603b3f76a2378a4504aa 20 admin extra etbemon_1.3.1-1.diff.gz 2dfba5ba913f7993184bf8ed4d32cce6 5587 admin extra etbemon_1.3.1-1_amd64.buildinfo 22a4070f8813c24c7d3539dc6ce9ad52 13186 debug extra mon-dbgsym_1.3.1-1_amd64.deb ba9752d9fe93fac20bc33756ee1f8189 281466 admin extra mon_1.3.1-1_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlmLs44ACgkQ0UHNMPxL j3nppQ/6AnjcKdymWhrvBuwwti90U0dRcYPlZo820C2k9LwWQ/dFnrvqquNSj87J uYd1QZAXvcbaEzzWbnfVQ1TeCKzP6Dq3d5WvFIlYhv/FdjJcaXEaPNVL5a1mdr6V XO5z2M1/4DnX1T5550ECzeuGtxtobHo5LjImzszT2zM6F6/aNzgR6Gbfmv9yXXCQ AoCqCVkWpLMTr+2x38fYMjagfPk0GLuL+CY4HoJkt6aakeQ/+JWiNteXQmwqPxd5 lDOxHOmb3IbdKi/MGarOTyDUOfdHE5Sw5iu2MYlvfpzqFwxKyvgTBB8N7aIBgnNr 2GbFH9N2DCqV+2gpwSM/unbjX0XrOwL0/2pcFovodaKzvghau9+fXkGw0fYqDW9Y 0TpMXieutxqHqXowBSBowtAefZX2k18M6VU6pWoepKwSl4rvWcqGySj/M1XZnvnT A9wLQwS/bZ8il9VeO0r83GGydXh73ANXseplxicy2VJYqPPEqF4Lohi0v+4TjxuQ XFF5TOWeY7r9Iz6NS8K9si6SVod6lRc3ngfWs2nc9IgMsn4XjUAZkSwaeGYOoBOK hfduXA05NV+dSJ19CvFt9nK4tgKkqxPSBJsVl17D5v4eU3CHOAJfSZgLTlr7XFnW F60GVlm4KkvR6QPXcdN787T0JkLagUiJ/kpC3JfgvFbCOSGty0Y= =ZH0W -END PGP SIGNATURE-
Accepted mon-contrib 1.0+dfsg-4 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 27 Aug 2017 14:57:17 +1000 Source: mon-contrib Binary: mon-contrib Architecture: source amd64 Version: 1.0+dfsg-4 Distribution: unstable Urgency: medium Maintainer: Dario Minnucci <mid...@debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon-contrib - contributed tools, monitors and alert for mon Changes: mon-contrib (1.0+dfsg-4) unstable; urgency=medium . * Remove softraid.monitor because we have a better one in etbemon 1.3.2. Checksums-Sha1: 2e7c0e4d39f9e099088ba924512b7ee5116527c3 1929 mon-contrib_1.0+dfsg-4.dsc 7c9fb7bd4a87c40934cf9efd17b3e89f07995c66 17120 mon-contrib_1.0+dfsg-4.debian.tar.xz 01735e3b761bdf53f886e6acd35e3957476c0141 5237 mon-contrib_1.0+dfsg-4_amd64.buildinfo a7cc39ab56631b20287b7b482a8751210709cbbf 74612 mon-contrib_1.0+dfsg-4_amd64.deb Checksums-Sha256: a98e7a4b256bbd825a52240971c859f08fceea8ba012fd1fba98f5c167bc4881 1929 mon-contrib_1.0+dfsg-4.dsc d92a8791ed1fa1a733572a551aae8574b0376226853f4a3cb62c783085d0584a 17120 mon-contrib_1.0+dfsg-4.debian.tar.xz fe2afae86c4a2e0ae711dcad6dff2d0624bfa75c2f84ce48466f337e2cc72979 5237 mon-contrib_1.0+dfsg-4_amd64.buildinfo 1068d42804f10796995c657d9effefbc78c67336c0f5bfc31cb81a51eca863ce 74612 mon-contrib_1.0+dfsg-4_amd64.deb Files: df1db227520f6e2db25baec9e2f0a3eb 1929 admin extra mon-contrib_1.0+dfsg-4.dsc 0f3dacc79e1554dd04aefd57c66c4b11 17120 admin extra mon-contrib_1.0+dfsg-4.debian.tar.xz 7dd0d02dd5f24cb6089fab8b619f131d 5237 admin extra mon-contrib_1.0+dfsg-4_amd64.buildinfo 6461c9921f16d8b4592a3cd54760ca3c 74612 admin extra mon-contrib_1.0+dfsg-4_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlmiVE0ACgkQ0UHNMPxL j3lWuQ/+IudiQchz8UDuaubivhqveKrsvZK1mS8rfsWXqGKBRh7V+ednBBxucw8x RtCe/46Zbfa9IV5M33SKSH3E332zbH98eanS4ZRJTLDnSCugxVvxEWJGwaNmDbV5 acDIokw8Q7+L1bVuzv537ZgfbmrIHuE7VJ4VV0ki+dTo7Q3hm6K79vCasotHYWP9 BSRuGf97htYxZc5wOExD2aYfhXxdrBZP098ObVJVIVQmD0v+Os5MeoRncsLbS7wu ai3XSLtnedOjtRVHeqNMdyD33YMszAwmolTgJWKRA6jYHEENlNxHXQMQNoAMMaGB S6XuqwaW/x7Gq42m0UEQBxu4zJr/9DnL0LBgZPAHLGjKHQvoLVF9Aw+StHS9rwav qmhxVHCk//7vax/LqiOXqcFxAail8NtsQ7/Q4023m+wN7NY6S6ltxdQ0KbGf0oG4 8nVLESvlRRwZ0aNtSzzFZnyn3PcyGZ8IsZQ+AeJKUmn/PfXh5mZ62ZYUnwOAg5Vg xEqWr9avf/aENBj9jo4M+aTpcaPGTv69dK9KLUc5+cLUkw8CoVH5USagUSowIBZM DP3+iCMD5gYLw4ohZfpMZ/6pSId47masUWbOOJXvR0P1PGdEpuNlngQlxhwhzUEe FK0xZ5PMmnLM/oIKN8WszkSdNq0jkKt6nnAWoOBFsU4eftMf90Q= =2Jv+ -END PGP SIGNATURE-
Accepted mon 1.2.0-12 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 12 Jul 2017 23:15:01 +1000 Source: mon Binary: mon Architecture: source amd64 Version: 1.2.0-12 Distribution: unstable Urgency: medium Maintainer: Debian Mon Maintainers <pkg-monitoring-maintain...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Changes: mon (1.2.0-12) unstable; urgency=medium . * Made btrfs and zfs checks accept low and high numbers for error counts. * Add softraid2.monitor which doesn't use diff, has no problems with drive ordering, and allows specifying which arrays must exist. Checksums-Sha1: f0cecf0a4325abfd9aff9761a21417ca74083f76 1937 mon_1.2.0-12.dsc 5d77cc999a07a833f2498add6f63812fd6cabbce 28416 mon_1.2.0-12.debian.tar.xz d87cfe17c440faa22efc7c8553ceddfd00627b5e 13260 mon-dbgsym_1.2.0-12_amd64.deb b15f399ed01342d9f815e13e27dc82320692a89a 5546 mon_1.2.0-12_amd64.buildinfo d79e117f12a5d8e3f01f8c2bb0b5bfb6e91f 281024 mon_1.2.0-12_amd64.deb Checksums-Sha256: 2e8c2b48236f9a0267510b21df55820f0ccf20769d71657028e3d1308c6d72f0 1937 mon_1.2.0-12.dsc f6f576668e056c621c9be0d1bed39120cf27d3b50758c8220a997c8a7e0d6b59 28416 mon_1.2.0-12.debian.tar.xz 3739a9d1e883970933db3cdc836e348b35caf8d547d0af72d7064d3628a73483 13260 mon-dbgsym_1.2.0-12_amd64.deb 1ea9ac8ac333423e0bd7e57b1513e1bdb299b5d60eb441cecdac332e395f1b04 5546 mon_1.2.0-12_amd64.buildinfo a1c654246d8a3ee74611ab9dc9214d1985ad5db264aa5b05e3113f39e806f07e 281024 mon_1.2.0-12_amd64.deb Files: ba55f3d8ec9fe19c13116dd6191d93c5 1937 admin extra mon_1.2.0-12.dsc 5f5a747014317459b4c3c60e9a264fd0 28416 admin extra mon_1.2.0-12.debian.tar.xz 7dbe9dcfef91bfe5409126a38782875b 13260 debug extra mon-dbgsym_1.2.0-12_amd64.deb cb5dc9f63d67eee31a92c8d2de64d25f 5546 admin extra mon_1.2.0-12_amd64.buildinfo 5b5ef59a6a932440535ef14ef5b9495c 281024 admin extra mon_1.2.0-12_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAllmIRQACgkQ0UHNMPxL j3ldBQ//YmkfJcGZOa+HcIy+WuG+4COrTiAQW36RWhGpumXb0yqvDVx7qECRSSr3 23eqs69uTvsnlwQeliNwsTr0LqMdcF05ty2nnpQOJj7AsG/uAmKZ/uvcia0VJq3h Aw5xB2VSnNH3D4vXuX09KXV3a1X/F4E0toxP8svmWpA/QOjHQ9McxcLz4+nfY/o2 lafT4C4yKNLomuxnazHup34NpHmXyZmCkAuDOiKKZYtTl4mTPeqrOskz/EB0h7EE 3sjG/Q52rpO/pIxosMHJdP3Nab0zTcCuKvVJbd3rYwdWLaAnS9ugQJpRxwGLOA7A FbPoXy5qPMWJ+oEZ8co45MBk/zKcfWkOTfDEs2udVtv3u6NzE1BjOuNr4Xk8SB5n Woxcz/kDhtiCabzg9ov4s2pGmaa9nRLE20fztcs1acqFUJwBsaSgytB28ZxIAVqD 5PXyBmO1jzjpPpf6p+HQRqLg2rQjEIX5YJQKF0PQXcm7fLDIqagYVVOlRR/Fy3FA +8QXmm5z1abKk2V1FztQBNjJDViRaFi3bzSUih13pmuTkl9ueH2vorCXn+DMzfPb LDzFflJ1bFcJd/ws1mAjpzIP7a2lhOEr5XzzFPEqRRoh2uUyTtTHjfGkWOHICDhY p0vZwx9/2DSn0BG3r0YRiLPC/yK2L2cewOmunE1ffhNrSDzqFM0= =ZD/Z -END PGP SIGNATURE-
Accepted mon 1.2.0-11 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 18 Jun 2017 18:52:20 +1000 Source: mon Binary: mon Architecture: source amd64 Version: 1.2.0-11 Distribution: unstable Urgency: medium Maintainer: Debian Mon Maintainers <pkg-monitoring-maintain...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Changes: mon (1.2.0-11) unstable; urgency=medium . * Make zfs.monitor and btrfs.monitor alert when you forget to fix the okcount after fixing an error. * Made loadavg.monitor correctly sort the CPU time and send a sort error to /dev/null * Tweaked the output of imapnew.monitor * Made the remote.monitor have better debugging and put it in a separate patch, also added --exclude option * Use /run instead of /var/run * Recommend swaks for smtpswaks.monitor * Recommend libcgi-pm-perl for monshow * Recommend bc for sslcert.monitor * Recommend libproc-processtable-perl for ps.monitor Checksums-Sha1: 1d0ee71c0fe2067e87f6bc1b5ed444826e143c92 1937 mon_1.2.0-11.dsc 17356b3cd0abeaa3a57d99bb89348fdde513f6a0 27776 mon_1.2.0-11.debian.tar.xz 394a3a008a157d5cafe2768a582be93c7f027ea0 13276 mon-dbgsym_1.2.0-11_amd64.deb e9ea3910b60a88d4f9fe8f99a172f6e3bc91b747 5673 mon_1.2.0-11_amd64.buildinfo de568d427c3c84141c7be4c0e249c710c9c4930b 280254 mon_1.2.0-11_amd64.deb Checksums-Sha256: 228b508dc7c227a862b02fe1abf063e8dc683697a97fc7c1855082cf68349252 1937 mon_1.2.0-11.dsc 7ed2e38ba8408e25e810069fbf0cdedaca32264561c7f74c8c013f2bcbf58aef 27776 mon_1.2.0-11.debian.tar.xz 2c8dc73339795a7234c4e4c7a04c92629a767e81026a88f9a04260f82597ed88 13276 mon-dbgsym_1.2.0-11_amd64.deb a8fe0dc30d13e2022570da27e597c4b81a65ff5cf13b118b48350859f1cf3e14 5673 mon_1.2.0-11_amd64.buildinfo c44f5d8cb4edbea707a930fc69693671afaa013837b127e00903782040f1e7e7 280254 mon_1.2.0-11_amd64.deb Files: d62ab57f994ec141a1388c399b34cdd6 1937 admin extra mon_1.2.0-11.dsc 2033d6992ea3ceafffef0d117c7ea0ff 27776 admin extra mon_1.2.0-11.debian.tar.xz de06ec532f00e7f197f2a3f1ac57f034 13276 debug extra mon-dbgsym_1.2.0-11_amd64.deb f205d68e49b722c1fe6a1258ecc79549 5673 admin extra mon_1.2.0-11_amd64.buildinfo 37789d18b4a2693abdbcf75383ccff59 280254 admin extra mon_1.2.0-11_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAllGQBcACgkQ0UHNMPxL j3mnlQ//QfOvlsy0Z2FeknZcyEdkmldsuDm6VIBlbnH+oLasLCQl/X9ydvrycoOv MK3Pur4HFWxLCjWMFgmzlVSsQTi6Rkg9z/FhwZt6CkP/iqSs/969/FYo6emPYlkv WKSahoEN1y9TWqkAxfw+2KitdQLaSe6as0AoCGK+E75TXiSRoLVWODmERBLhvhLA HiEJ00B8+4Gm7TYmp1bXZLXZ/GqFFg1stuziMdDe3feZ5MYdFRNOipR6rJkDVbKH JdlOwjhb4VtIYKo2skUkhGmWz10q7gR0WQVsKShFNFRz95+MaTVlxMhWeZFPfqgk yBZz+Xvp/LtQ9uIGVKvscWtqxYV/CWJ3BPH5FsFKN0lsz83BdbvYMamCqlN0lD0E G6DLIenoLGaLTu0UTP7+fPn1Foyhe144axl3OsYQRK6XA0wfXPyiigKzlhoV+pQ5 gmQBJeYpdPUomsYC7Uzwp4L0bYMPXj66klnjCw0Ip0JFHj53Uc3sF7GF1s2RwHxQ 8R5T/21ve7c7VSISI9+qJmkw3jRFvYYFuzzRGYk5O/25W2mWFcG/Mj9gHJuFW7jf Q1BPT/5NnAZCC5dNQVA5EXO3htyR/MWuWdoRbSOzHqtGjnrqymnUCC/v9PTKjhjv 8XozhRLfLxIOJDUt7sr9pJ8AKOU3bd4y2KpleKkgrAJv9ku7jOA= =9Q6n -END PGP SIGNATURE-
Accepted mon 1.2.0-10 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 23 May 2017 18:46:51 +1000 Source: mon Binary: mon Architecture: source amd64 Version: 1.2.0-10 Distribution: unstable Urgency: medium Maintainer: Debian Mon Maintainers <pkg-monitoring-maintain...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Changes: mon (1.2.0-10) unstable; urgency=medium . * Change to team maintainership. * Make loadavg.monitor report on D state processes and processes using the most CPU. * Added imapnew.monitor to check for new messages via IMAP and recommends libmail-imapclient-perl for it. Checksums-Sha1: e94dc9c67b576cdfc37dc3826ce613ae5962cb0b 1937 mon_1.2.0-10.dsc fe762898c379e807b3dabf5a727c83b9d4e942a8 26960 mon_1.2.0-10.debian.tar.xz 1eaf2e0da5c8a4575842b152763a17af510e6237 13272 mon-dbgsym_1.2.0-10_amd64.deb 89bebc7aa06e2658cdb8b7de87ba4e41bf32e91b 5673 mon_1.2.0-10_amd64.buildinfo 758a2b70540f347fb5c5811f05763cf165a313cc 279842 mon_1.2.0-10_amd64.deb Checksums-Sha256: c4e68e4acf1b976f44ae9dffc21d91f83940bb9396c643db95c435d2be00807a 1937 mon_1.2.0-10.dsc 06dd34745d20e7f6e7109265c1e4d9dadfec5af294c458bbf97eacaf90fbd2c5 26960 mon_1.2.0-10.debian.tar.xz 4d51139389032182ad9ac393bbc1339fbb873266a023486e4eeca31c14b53594 13272 mon-dbgsym_1.2.0-10_amd64.deb de7320492d46b96bed62847fb4d2b175699699fc4acd0e698cbf5852ba67de8c 5673 mon_1.2.0-10_amd64.buildinfo 348164d389bc2aab61a5ed99eeadfa815d8c80c973b47f94b3f24b2754925a56 279842 mon_1.2.0-10_amd64.deb Files: 9f473ea899c5c1cc4bb6b37f42988963 1937 admin extra mon_1.2.0-10.dsc 0caf7fa5b82f76b392b7967b97b9a58b 26960 admin extra mon_1.2.0-10.debian.tar.xz fbdea9a4974b05327c173bdc0e5853da 13272 debug extra mon-dbgsym_1.2.0-10_amd64.deb 8df3aaed46d5e3f6948a241cbd45cbcf 5673 admin extra mon_1.2.0-10_amd64.buildinfo 18c7106a02f2a401422f9ba077931abc 279842 admin extra mon_1.2.0-10_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlkkEVEACgkQ0UHNMPxL j3lHcQ/7BDFkzp9RaBV9hC0qYI1qEzsnQ8QzcOed+FqY1aFEel8iqieZV60PNpxb dWFUwhdf0FwEAtdcn/xEbI2SAnLzDqlWGwl85BDCShB5rMiZ5CqzmPm61RKLx2AC JEHtb9hecD4f4BKLrYrUrmXftwX2i7Q8nUCZwsIYnlQc6vpEtommlk1zX4KyDVjp 8q86ybMaxXb8ioLqSZoPEqEzZ48XyW+rY1mj1J1Yd+Jv5lO3ANxhnFP2+LgFro91 QjktnqU39mNUQPvJyMM92OCmtiSIt3JKaoJATmFw/DbZLZz7Mwl258IVwlmIyo7a 6XYWWsWyGhX/JeQ7uvP+jEp0F0Id9zi226XdaK1BgyUIH8KHhHj0JYoS2+Ie2048 bkcIYQyuaBCmlOsl270+ezTFqkeu8akDqv0MU5781dXg2HOgoYG6pdIB3k4dlrGH ZLAiXz51U3/N7FMBC4Kwvaq4uoVydaPg+n2g6GaiaPDWGMJ2vnaGkNZXtV1wA7tO c6emH9e6GbQ7c96GzAtwXG4JJT4hkMShCSeCvC0pU4F/RsRYl4NmNhTYmnfXh9N1 K6hTyrpBz9o7SRpevmeX4jEVAvTylKa+aVhcUsEdlaKMqfxl5bes/MHumGA886Uh 3lJ7DcwX96y4tum2lQBLe8/75MuMRkdyr5xbRTNTF9kEdHyYE1k= =5TGp -END PGP SIGNATURE-
Accepted refpolicy 2:2.20161023.1-9 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 26 Jan 2017 00:52:00 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20161023.1-9 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20161023.1-9) unstable; urgency=medium . * Dontaudit dkim_milter_t binding to labeled udp ports * Allow passwd_t to inherit fd from unconfined_t for package scripts * Allow httpd_sys_script_t to talk to itself via unix datagrams and send syslog messages * Allow logwatch_mail_t to rw system_cronjob_t pipes Allow logwatch_t to run mdadm * Label /etc/postfixadmin as httpd_config_t * Allow system_cronjob_t to create directories under /tmp * Allow spamass_milter_t to read the overcommit sysctl * Allow unconfined domains the capability2:wake_alarm. * Added ~/DovecotMail to the list of mail_home_rw_t directories * Allow systemd_logind_t to get dpkg_script_t process state and talk to it via dbus * For https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851933 allow udev_t to read default_t. Still need that udev bug fixed! Checksums-Sha1: c1519976e8c2f161f3603aba545ebf848861eb97 2477 refpolicy_2.20161023.1-9.dsc 7cbabeceee55b21b59e701099145842ee01f8027 112772 refpolicy_2.20161023.1-9.debian.tar.xz a3fa5e2245289d693e00b0851043557835f07db4 6828 refpolicy_2.20161023.1-9_amd64.buildinfo de58e949d4e675e4b7a4f2dd6a3a2dd58b439eb2 3025968 selinux-policy-default_2.20161023.1-9_all.deb 3d42c6c9f0fa194bb53dd5965dbded6b6e62986e 468762 selinux-policy-dev_2.20161023.1-9_all.deb 7a1bf4c8cd83a308186b007b69640cc0d1f177d6 449408 selinux-policy-doc_2.20161023.1-9_all.deb 8f9626bb95604f91ac4c240362118d98adf0f4b1 3068022 selinux-policy-mls_2.20161023.1-9_all.deb 0324bd29fc8f11424e2fe6471d4532883f2da49b 1252860 selinux-policy-src_2.20161023.1-9_all.deb Checksums-Sha256: 2fddb76595e2a458575d4266e4e8cb537c71cec157b57af3e593d05dcff4d8be 2477 refpolicy_2.20161023.1-9.dsc 8b538de2f54da8bf0012e05ae29d3877cf8848b475d676f10f7484d9d55712bf 112772 refpolicy_2.20161023.1-9.debian.tar.xz 05e940b38c99cca34ef71924a07e9bdae987637e9976b63e50eff3a0e8e1c6fe 6828 refpolicy_2.20161023.1-9_amd64.buildinfo 2b9b2dbe2437586af2d2f0d0309c67ec80cf82d0ca6a750f2ede7ebdad349fe2 3025968 selinux-policy-default_2.20161023.1-9_all.deb a61d42ff82a97b4d56892053c6442d3e57989f48392c18bbce7d867e0db45115 468762 selinux-policy-dev_2.20161023.1-9_all.deb 5886a4717503bbebb70353e7141fb3ce409aaac50bebe2a2304a1e6fe7879b66 449408 selinux-policy-doc_2.20161023.1-9_all.deb 4668d92de1f0cf1cdadc5c7024eb6b9cda5020e62ead1124de860c540f0c16b7 3068022 selinux-policy-mls_2.20161023.1-9_all.deb ca7c5a0ce165eee2b0a55069136feff0340e22147918cf16d88fe9675882c59f 1252860 selinux-policy-src_2.20161023.1-9_all.deb Files: 0b066c2b6aa126d64a387fc808ae117d 2477 admin optional refpolicy_2.20161023.1-9.dsc 30785b1d6e26ebf0a1cbf52913085698 112772 admin optional refpolicy_2.20161023.1-9.debian.tar.xz 2a6f480f2176506e5a4215bd634545cb 6828 admin optional refpolicy_2.20161023.1-9_amd64.buildinfo da0e83dd276abed0972524f21bfd38e9 3025968 admin optional selinux-policy-default_2.20161023.1-9_all.deb bdac563c7e4f80f297712a4b44543b8c 468762 admin optional selinux-policy-dev_2.20161023.1-9_all.deb da62142b80c7cbe5b7803ff255fda7d0 449408 doc optional selinux-policy-doc_2.20161023.1-9_all.deb 6a7bf60de5e8d04366bbbfc53d1752cf 3068022 admin extra selinux-policy-mls_2.20161023.1-9_all.deb 1fa476ed471645bca1c650d4c24f00c3 1252860 admin optional selinux-policy-src_2.20161023.1-9_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAliIrigACgkQ0UHNMPxL j3kX5hAA2PBolCuPS1cIkAQZ/qdrOlY6GHAoe5cQ+RrcKIwz5dvxOWB4sL9YXww5 ii5w6UZtIYER0q/SfQWRdJe/GQOjbmD/q+XZDeEFkCPq0/gowEAOuzRmx//MxQ2L Eo+dmwU/pzy6gzK4fCF3I1qdintjCoMdfp7NIa+BIpuBKC7M3nobCy2xZBsDwPmc WtRzOXfMAairUm2SzLcPQntWJ3C3Q5+d1XSEFqmDSx5PDEo+1j02v1WjbqSMWgjv Q+XST5nGNbfrAOEPyLpP2VD18Xh6jRO+LEFc8BWhJgyk2xoH+dUrY3o6zDGSR6Nf Bv+K4V6IZjPorPdmFuB+8MwrYGVaMaBAEYCr42aenRazIcE9tfcMrKiDFh5W1EAE s4YKScV8TmqIjxBrLZrUiX45gDLUx4srtxvdIGiwsLlpjtVnsMw8waT+sLv64Qtq 4CRiyyUrSo0zPDnpk/2rPczw0ad/iDl8f0ge4OdMjc0sHKTaTeM4t08OKYdBvEZC x71eOFR1XsFMWdvdLfkWdtjwHAwld6zmpaauauSwsguG4khl48OxZ3T4C8ieQfWE mNpa4h4JkG219ImrhFqsZ3XVNyQDZi0VUJLKVj7Yn4w938iTNXnJ7je6IHYW5vkp e3Qe/QNL8qy23VTrQOAlTWltmtluzQVeubtZXy5
Accepted refpolicy 2:2.20161023.1-8 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 23 Jan 2017 01:55:57 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20161023.1-8 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20161023.1-8) unstable; urgency=medium . * Fixed mistake in previous changelog (attributed a -7 change to -6) * Label /usr/sbin/apache2ctl as well. Allow apache to read overcommit sysctl * Allow clamd_t to read the overcommit sysctl * Allow postfix_postdrop_t to write to postfix_public_t socket, allow postfix_master_t to bind to udp generic nodes * Allow dovecot_auth_t to write to dovecot_var_run_t fifos and read selinux config (needed for pop/imap login) * Allow mon local tests to search /var/spool/postfix and autofs mountpoints, and to read nfs content. Allow mon net tests to read certs. dontaudit when mon local tests try to stat tmpfs files. Allow mon local tests to access /dev/xconsole and search mnt_t and boot_t * Allow mount_t to getattr nfs filesystems and manage mount_var_run_t dirs and files * Allow setfiles_t to getattr nfs filesystems. * Allow postgrey_t to exec bin_t files, to read netlink_route_sockets, and to access udp sockets * Allow login programs to share fds with systemd_passwd_agent_t * Allow postfix_master_t to stat the spamass_milter_data_t dir * Allow dpkg_script_t to tell init_t to stop services * Allow initrc_t to tell init_t to halt and get system status - allows poweroff!!! * Make port 8953 be rndc type for unbound. * Lots of policy for systemd_nspawn_t * More policy for systemd_coredump_t to do what it wants * Allow dkim_milter_t to read vm overcommit sysctl * Allow mandb_t to search init pid dirs for systemd * Allow initrc_t to reload systemdunit types * Make init_manage_all_units() include file:getattr access * Allow logrotate to init_manage_all_units for restarting daemons, to stat tmpfs filesystems, to get init system status, and capability net_admin that systemctl wants * Allow network manager to inherit logind pids * Allow devicekit_power_t to search init pid dirs * Allow named to read vm sysctls * Allow mysqld_safe_t to read dpkg db, it inherits cwd from dpkg_script_t alow is to read sysfs and kill mysqld_t Make mysql_signal interface include signull permission and grant that to logrotate * Allow rpcd_t to write /proc/fs/lockd/nlm_end_grace * Make apache use the new interfaces for nfs access and to read httpd_var_lib_t symlinks. Allow httpd_sys_script_t to search init pid dirs * Allow auth to send sigchild to xdm * Allow chkpwd_t to getattr the selinuxfs * Allow system_cronjob_t net_admin capability, manage acct data, and manage initrc services * Allow crontab domains fsetid capability. Use a separate $2_crontab_t domain for each role's crontab program. Give ntp_admin access to system_cronjob_t and allow it to manage var_log_t and cron log files * Label /var/lib/sddm as xdm_var_lib_t * Don't label acct cron job scripts as acct_exec_t * Allow systemd-tmpfiles to create /dev/xconsole * Create new type for /var/run/iodine * Allow logrotate to restart services * Made init_script_service_restart() include reload access * Dontaudit systemd_logind_t statting files under /dev/shm Allow it to setattr unallocated terminals and unlink user_runtime_t files * Added boolean allow_smbd_read_shadow for the obvious purpose Allow smbd_t to read cupsd_var_run_t socket as well as write to it * Allow NetworkManager_t to send dbus messages to unconfined_t * Grant access to dri and input_dev devices to system_dbusd_t, gdm3 makes it want this Checksums-Sha1: b90a71098a277bbe86f0fc0827d0c5161b2a9bc9 2477 refpolicy_2.20161023.1-8.dsc 9b11ccbf91f088e703a129d0ab93643c8fb609df 112188 refpolicy_2.20161023.1-8.debian.tar.xz 15cf87c10df5c553b985c9cc275ce0062cc89856 6805 refpolicy_2.20161023.1-8_amd64.buildinfo 49ba5884cab935fd65bb3fdd28f710875d24908a 3024310 selinux-policy-default_2.20161023.1-8_all.deb 125e567f4a81b61b54f447168bfa71f54a1e45fe 468450 selinux-policy-dev_2.20161023.1-8_all.deb a3dd49edaf11bc77158fb6a935988d8a78aaf4cc 449466 selinux-policy-doc_2.20161023
Accepted mon 1.2.0-9+nmu4 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 16 Jan 2017 12:16:21 +1100 Source: mon Binary: mon Architecture: source amd64 Version: 1.2.0-9+nmu4 Distribution: unstable Urgency: medium Maintainer: Dario Minnucci <mid...@debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Closes: 851354 Changes: mon (1.2.0-9+nmu4) unstable; urgency=medium . * Use the correct name for the tmpfiles.d file Closes: #851354 Checksums-Sha1: 3f7360c0aee965d4357d5d83da805c3d77dc3c73 1828 mon_1.2.0-9+nmu4.dsc 0da3e2bbbade4f969a25b3b22095f1326ca697be 25788 mon_1.2.0-9+nmu4.debian.tar.xz 7d7a18355b80da56fb52ddb8dc3d0abd375c9875 13310 mon-dbgsym_1.2.0-9+nmu4_amd64.deb 64a11f4c26497991039a2f2f6ec85abba9c7b1ab 4794 mon_1.2.0-9+nmu4_amd64.buildinfo 02ba4db02a6dbf0be738e23d0c4964637d2ee068 278612 mon_1.2.0-9+nmu4_amd64.deb Checksums-Sha256: 2fb4e2981598a78924c3b0601e4c4e056eac3c95dddf0fdc6d51015ae97ff38f 1828 mon_1.2.0-9+nmu4.dsc 06288677818cba59bff8cd03254464fa6e3da59b17454b1fd140d398f10c3792 25788 mon_1.2.0-9+nmu4.debian.tar.xz f0c7f33cb809432ab065c409adafd0894dc7b7104219d52ee7c991bb29b81a66 13310 mon-dbgsym_1.2.0-9+nmu4_amd64.deb a7a58fa61237b19fb1e08b5da639543561c353384af82c97ec284d6252e91783 4794 mon_1.2.0-9+nmu4_amd64.buildinfo 969ad29e785a6c9ec14978aac24655c3e4111830d935fc849b6a7f2035f81845 278612 mon_1.2.0-9+nmu4_amd64.deb Files: 2b5ecaf276cb6ae81f8149c8d94677d4 1828 admin extra mon_1.2.0-9+nmu4.dsc 08d2978b9bf116401cf57190ffe90889 25788 admin extra mon_1.2.0-9+nmu4.debian.tar.xz c27da8d0be3b8b3aa9de3e7af7309738 13310 debug extra mon-dbgsym_1.2.0-9+nmu4_amd64.deb 52893c4f13bc2e6c29d0a88f96aa7d70 4794 admin extra mon_1.2.0-9+nmu4_amd64.buildinfo 04ae0c495f95a53fe43459c1919c55a5 278612 admin extra mon_1.2.0-9+nmu4_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlh8HxEACgkQ0UHNMPxL j3nD/g/9Ej7q+WsWJwj+rp2rDraAnFXTM9aXRXqUDD19FkPBbhKpT62wogGIc12L 5GPL0jMSHmxJ8M257bW6dvUafnMFTa0NcCUTIFOAQVnWCc91Mx0qqr3JcQXL2PaF fzjELNvB7pZAOgZfEMklJYbUHRRlLilFU9XPMSh5UJwVn1czKT4n4j/6iRXm64ls MJ8BZubbjGtWVkfL7i9dabePIm3s/TT1OcinJnh7G3CVya90Q/YEsbMkY/QLWjN1 kJp+Pc/M5K3TmGbsiwzCpKgVBDZwjZOq3kOlOm4uo9CYsRG3mATUeEOGOPpTmmGT NyQDdGuHmROkm5oJMDGkX3r0rPSp9hw/phAgXlaZ8aQj41H28fpAfQtCSU1PRXu+ 39hM/XkvHfhFjDXWmEDvMGxhz3a6FkKRz2e+A9kL+AFdm0nganTOHe6WFaDKBetO YtSCNKSz8WrG0DIVjXdts/ovRRmzlZBVVHgpYP+ehBUtDWz1QZxB0nGQZBsEIttz 0kgRbJQKXFVL7kw9xFt3OhGlpSQ/DONZZ25r0PBHKFXqTv3benassEZATKdt+oBT xHa8H58SEXj0IH53e2Pe/4uXlv3s54W+stieDhW48c8B157bcfUNjMZf3pPrn2WP 17R+XfXKxIdl1U169mG+UOcNLPI7ush5KGi5nJHERXIZEUn9SQU= =w4Qg -END PGP SIGNATURE-
Accepted refpolicy 2:2.20161023.1-7 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Thu, 12 Jan 2017 18:01:40 +1100
Source: refpolicy
Binary: selinux-policy-default selinux-policy-mls selinux-policy-src
selinux-policy-dev selinux-policy-doc
Architecture: source all
Version: 2:2.20161023.1-7
Distribution: unstable
Urgency: medium
Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org>
Changed-By: Russell Coker <russ...@coker.com.au>
Description:
selinux-policy-default - Strict and Targeted variants of the SELinux policy
selinux-policy-dev - Headers from the SELinux reference policy for building
modules
selinux-policy-doc - Documentation for the SELinux reference policy
selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy
selinux-policy-src - Source of the SELinux reference policy for customization
Closes: 740685 781779 849637 850032
Changes:
refpolicy (2:2.20161023.1-7) unstable; urgency=medium
.
[ Laurent Bigonville and cgzones ]
* Sort the files in the files in the selinux-policy-src.tar.gz tarball by
name, this should fix the last issue for reproducible build
* Add genfscon for cpu/online. Closes: #849637
[ Russell Coker ]
* Make the boinc patch like the one upstream accepted and make it last in
the list.
* Label /etc/sddm/Xsession as xsession_exec_t
* Label ~/.xsession-errors as xauth_home_t and use a type-trans rule for it
* Allow devicekit_power_t to chat to xdm_t via dbus
* Allow rtkit_daemon_t to stat the selinuxfs and seach default contexts
* Allow loadkeys_t to read tmp files created by init scripts
* Allow systemd_tmpfiles_t to delete usr_t files for a file copied to /tmp
and to read dbus lib files for /var/lib/dbus
* Allow systemd_logind_t to list tmpfs_t dirs, relabelto user runtime,
relabel to/from user_tmpfs_t, and manage wireless_device_t
* Allow xauth_t to inherit file handles from xdm_t, read an inherited fifo
and read/write an inherited socket.
* Allow xdm_t to send dbus messages to unconfined_t
* Give crond_t sys_resource so it can set hard ulimit for jobs
* Allow systemd_logind_t to setattr on the kvm device and user ttys, to
manage user_tmp_t and user_tmpfs_t files, to read/write the dri device
* Allow systemd_passwd_agent_t to stat the selinuxfs and search the
contexts dir
* Make systemd_read_machines() also allow listing directory
* Make auth_login_pgm_domain() include userdom_read_user_tmpfs_files()
* Allow setfiles_t to inherit apt_t file handles
* Allow system_mail_t to use ptys from apt_t and unconfined_t
* Label /run/agetty.reload as getty_var_run_t
* Allow systemd_tmpfiles_t to relabel directories to etc_t
* Made sysnet_create_config() include { relabelfrom relabelto
manage_file_perms }, allow systemd_tmpfiles_t to create config, and set
file contexts entries for /var/run/resolvconf. Makes policy work with
resolvconf (but requires resolvconf changes) Closes: #740685
* Allow dpkg_script_t to restart init services
* Allow shell_exec_t to be an entrypoint for unconfined_cronjob_t
* Allow named to read network sysctls and usr files
* Label /lib/systemd/systemd-timedated and /lib/systemd/systemd-timesyncd as
ntpd_exec_t and allow ntpd_t to talk to dbus and talk to sysadm_t and
unconfined_t over dbus. Allow ntpd_t capabilities fowner and setpcap when
building with systemd support, also allow listing init pid dirs. Label
/var/lib/systemd/clock as ntp_drift_t
* Allow systemd_nspawn_t to read system state, search init pid dirs (for
/run/systemd) and capability net_admin
* Allow backup_t capabilities chown and fsetid to cp files and preserve
ownership
* Allow logrotate_t to talk to dbus and connect to init streams for
systemctl, also allow setrlimit for systemctl
* Allow mon_net_test_t to bind to generic UDP nodes. Allow mon_local_test_t
to execute all applications (for ps to getattr mostly)
* Label /var/lib/wordpress as httpd_var_lib_t
* Label apachectl as httpd_exec_t so it correctly creates pid dirs etc and
allow it to manage dirs of type httpd_lock_t
[ Russell Coker Important ]
* sddm is now working (gdm3 SEGVs, not a policy bug), closes: #781779
* Support usrmerge, lots of fc changes and subst_dist changes
Closes: #850032
Checksums-Sha1:
0800269bcc61552f85dc0060c788e0d8ce65e599 2477 refpolicy_2.20161023.1-7.dsc
13565daa8abfe0f0834bef69b3c0a65be4799745 105696
refpolicy_2.20161023.1-7.debian.tar.xz
c82a662c489488f8bfa77f78f951548b74100c2f 6816
refpolicy_2.20161023.1-7_amd64.buildinfo
fe0bcbc0df46a90f1fefae2a4fa662e56be5672a 3022420
selinux-policy-default_2.20161023.1-7_all.deb
c1c2a2cbb18bb37faaea1b7d18a0960b1b061ddf 466774
selinux-policy-dev_2.20161023.1-7_all.deb
cd28f2c8df216e1d1fdd9279374ff3c8c88f26d9 447792
selinux-policy-doc_2.20161023
Accepted refpolicy 2:2.20161023.1-6 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 01 Jan 2017 15:33:26 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20161023.1-6 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Closes: 740657 849459 849460 849461 849463 Changes: refpolicy (2:2.20161023.1-6) unstable; urgency=medium . * Label /var/lib/unbound as named_cache_t, closes: #740657 * Merge patch for gbp.conf from cgzones <cgzo...@googlemail.com> closes: #849459 * Merge patch from cgzones <cgzo...@googlemail.com> to add new .basemodules file. Closes: #849460 * Make the package build fail when a file is missing. Closes: #849461 * Replaced domain_auto_trans with domain_auto_transition_pattern. Closes: #849463 * New type systemd_machined_var_run_t for /run/systemd/machines * Allow initrc_t to get the status of null device service files (for symlinks) and to reload systemd_unit_t services. * Allow systemd_logind_t to manage user_runtime_t directories. allow it sys_admin capability. Allow it to list udev_var_run_t dirs for /run/udev/tags/power-switch. * Label /run/console-setup as udev_var_run_t * Label lvmetad as lvm_exec_t * Made it conflict with mcstrans because we currently can't get mcstrans, dbus, and systemd to work together. * Allow systemd_logind_t to create /run/systemd/inhibit and to manage systemd_logind_var_run_t dirs and mount/umount,relabelfrom tmpfs_t * Allow systemd_machined_t to manage symlinks in it's pid dir * Allow systemd_machined_t to stat tmpfs_t and cgroup_t filesystems * Updated monit patch from cgzones. * Allow policykit_t to stat tmpfs_t and cgroup_t filesystems and to read urandom * Change auth_login_pgm_domain() to include writing to sessions fifo. and searching user_runtime_t * Allow systemd_logind_t and systemd_machined_t to read initrc_t files to get cgroup and sessionid * Allow systemd_logind_t to read xserver_t files to get cgroup and sessionid * Allow system_mail_t to access unix_stream_sockets inherited from init for error messages on startup * Allow system_cronjob_t to get systemd unit status * Allow logrotate to talk to dbus and talk to the private systemd socket for systemctl * Allow console_device_t to associate with devpts_t:filesystem for /dev/pts/0 * Allow systemd_logind_t to read all users state for cgroup and sessionid files * Label /var/run/sddm and /usr/bin/sddm * Allow systemd_logind_t to talk to policykit_t and xserver_t by dbus * Allow systemd_logind_t to send messages to initrc_t by dbus * Allow policykit_t to send dbus messages to all userdomains Checksums-Sha1: b994cb837cc6ae724f9a00235866538149046364 2459 refpolicy_2.20161023.1-6.dsc 861d83bad59960def25a3631286b7bea971928e7 95444 refpolicy_2.20161023.1-6.debian.tar.xz 34802fa9edec12f977362e1156612285e449e458 6808 refpolicy_2.20161023.1-6_amd64.buildinfo 6e5fe2f32c8303cb10fde11e639c3a4dd2be97bc 3023632 selinux-policy-default_2.20161023.1-6_all.deb 918e3cf1fa47abb29f8ffcb4bec078161de823ad 465378 selinux-policy-dev_2.20161023.1-6_all.deb a3dc642c1830a7dea3d510f4719d5c135c56c26d 446212 selinux-policy-doc_2.20161023.1-6_all.deb 47af5e45fe6f17f29a80af8c43da0f8d3d94b894 3059948 selinux-policy-mls_2.20161023.1-6_all.deb 918db7030c05ee9e29c15809c4a284721fcd1c6f 1258836 selinux-policy-src_2.20161023.1-6_all.deb Checksums-Sha256: 7bdaff3633d31dcc046c08285cb17665a7360664e3b58eb8b9012a3c21cf22d5 2459 refpolicy_2.20161023.1-6.dsc cd1bc6d6eec8849abf1fc2eecd29949e18618e2c46a3f9f7eb5a1e77a80c1363 95444 refpolicy_2.20161023.1-6.debian.tar.xz 81f5158b937da7d3791c2fe65730c545d09bfedb4c6c18ce493107526444f162 6808 refpolicy_2.20161023.1-6_amd64.buildinfo 8c0280e413bbe16852537d79827fd569667b44d5b5733257157e24efde23977b 3023632 selinux-policy-default_2.20161023.1-6_all.deb 54420ec7e35dfd6aec720f7dd4d46edfbc31bd01f23f4a010346f5aaa99a854f 465378 selinux-policy-dev_2.20161023.1-6_all.deb 1d60e0c49c18260ec811679a706488b66a606c1b25952a79ef77dc0b947ab115 446212 selinux-policy-doc_2.20161023.1-6_all.deb c7919a548411954e03e6893718330ec54b987b47bf4006675f417fdd7a219acb 3059948 selinux-policy-mls_2.20161023.1-6_all.deb c46d3209e7865202c020e9e69dbeb93f1041983b1f7d766f177797feefc389db 1258836 selinux-policy-src_2.20
Accepted cyclades-serial-client 0.93 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 31 Dec 2016 16:37:21 +1100 Source: cyclades-serial-client Binary: cyclades-serial-client Architecture: source amd64 Version: 0.93 Distribution: unstable Urgency: medium Maintainer: Russell Coker <russ...@coker.com.au> Changed-By: Russell Coker <russ...@coker.com.au> Description: cyclades-serial-client - Network Serial port client software for Cyclades terminal servers Closes: 800212 817327 Changes: cyclades-serial-client (0.93) unstable; urgency=medium . * Fix debhelper compatability level Closes: #800212 Closes: #817327 Checksums-Sha1: cd8e0595959a24d4e05667044235b00b2b3afa5d 1469 cyclades-serial-client_0.93.dsc 0962b8083b50f83d8c4f30747f06584c5cc8bf3a 124887 cyclades-serial-client_0.93.tar.gz b9b71b56feb4269c3779e7e23a0eede6dd951149 4597 cyclades-serial-client_0.93_amd64.buildinfo 5d4d18517aa12b186761d50201d8ad0746485bd1 31592 cyclades-serial-client_0.93_amd64.deb Checksums-Sha256: 11c7ac0a013a7c601ff1612303d42c3a3258c5604289bcaa141393cd085e8680 1469 cyclades-serial-client_0.93.dsc d0bf2f70cbc9ea28c9ad5da11aba8e96c136235bb2d1f2c28662d2197642fd8a 124887 cyclades-serial-client_0.93.tar.gz 315b7a3633b83ae3b6b4047e4a66adb008c09158d06db794a6b24010faab0d3e 4597 cyclades-serial-client_0.93_amd64.buildinfo caf9d3c1712a402f2d7352303464598b510ee1740faa8295b2aa9a2353dc4b17 31592 cyclades-serial-client_0.93_amd64.deb Files: 1428fc961ac05d44720d6b09b37d5e21 1469 comm optional cyclades-serial-client_0.93.dsc eb2f052281008a866ed8cb1cf624a98d 124887 comm optional cyclades-serial-client_0.93.tar.gz 662e79156eb65e818acb0ac0bdb1f686 4597 comm optional cyclades-serial-client_0.93_amd64.buildinfo 9190cfbefd140fa06340c96b8505927a 31592 comm optional cyclades-serial-client_0.93_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhnRF8ACgkQ0UHNMPxL j3kEPA/8CY2m1QmYUGXTAIWCwnD7uKBbS+fInZZ9dfCZJoc2+1tR0ntXwr8BINtL grIYFFl2Q/70zCB2ypriZe3juZRNadQ/SEAuYy3MDm+eJ0IN+MmzVJbmmS4VLXHc X0EETwQNPQWK9HoW/0D6V9mHV1WhUdcqgaIJal726R+HnEeLh2JtGPlqJFKhAmca 8FWd32lR2pgaAQNPmfhWNRSFZ8JvAMFNuORkk6s3mNfShLzdyY8b+xII6SMNDVwI 7I7PrtWBRqgkSyCVToVVzsRrTnewbEfu4TWFgV66Pgf7n9nl+qp5pIjECJn7wYN0 5bADzZSSWPy11bJpc6jopY13T50f06OcSYGEVP72OWUwc1xEVj9enhuhgL/774uH /IWWWmLzGRvVTyTbx8thuqA30wVHcDlgp6hD8/cKW/jns5p4Dq/PQaqIPmhYvRFM +kruUPC0MiLSVjMYosmT7ldieoEpff4PgUWbOxQjQhFk5sQBDYjTCQzOcyctjOFm sP2EKCHyB7+tFHFi/4WUR2GZ4G5ZmM5PnIYwHFFGPZQDiGyTl2+51qMxnQw7Uhcs Wf3JLRHbJXYe1ar9ew61Z3BNcPURycmzk3C0CZahDLX6TyxUsjUzwB1am84SwrG+ unJZzsMRdQwutBh2+GHd6hM+nYWwU2MjKZQ4NXffJO5e2Ed8zVA= =4i7c -END PGP SIGNATURE-
Accepted sredird 2.2.1-2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 30 Dec 2016 15:44:42 +1100 Source: sredird Binary: sredird Architecture: source amd64 Version: 2.2.1-2 Distribution: unstable Urgency: medium Maintainer: Russell Coker <russ...@coker.com.au> Changed-By: Russell Coker <russ...@coker.com.au> Description: sredird- RFC 2217 compliant Telnet serial port redirector Changes: sredird (2.2.1-2) unstable; urgency=medium . * Merged NMU and updated to debhelper 9. * Changed to C++ compile mode for more warnings and fixed them. Checksums-Sha1: 165d833ae124656009f45939a12c38058c4f6098 1388 sredird_2.2.1-2.dsc 6c7ec8681493bcfebcee17dc988eca90358658fb 26473 sredird_2.2.1-2.tar.gz 48720584f5a0ff1e893186e8adabbf9e5732aad0 3372 sredird-dbgsym_2.2.1-2_amd64.deb 71bae918431064abf9531ccbaa30fba38605c376 4754 sredird_2.2.1-2_amd64.buildinfo 49605048af930a62ffde24ace86a6f85a67a543d 19420 sredird_2.2.1-2_amd64.deb Checksums-Sha256: da46f2a727c8b30e0707e7e45d9205acce4f9e86e83a1046a1fe536f44192df8 1388 sredird_2.2.1-2.dsc f5e5ac49cfb38e2edda5ae72ee0751cc1f9dc8f425dfb0b7b16720e72912c34b 26473 sredird_2.2.1-2.tar.gz c6d2f8c610a327ad6c243445de134eb50d1aaaca17bbfb5a16205ea03a1df04d 3372 sredird-dbgsym_2.2.1-2_amd64.deb 4d12543fd4bbaffc5ad30d07eabc7d52e643f4294ddd0812bf6be3ef9b0ce9ff 4754 sredird_2.2.1-2_amd64.buildinfo 3050db492f849b03391b4bf42c527cdb03903828528d6154766590e997f3af2b 19420 sredird_2.2.1-2_amd64.deb Files: 60759ddc9b74db1007e612d1b1e0730f 1388 comm optional sredird_2.2.1-2.dsc c0246bca63888c8b38e6d46529edd010 26473 comm optional sredird_2.2.1-2.tar.gz 87cf669f4e66424eff7f2a330b20ea83 3372 debug extra sredird-dbgsym_2.2.1-2_amd64.deb bb62c7e784780120eb50cd800ec3 4754 comm optional sredird_2.2.1-2_amd64.buildinfo 04d4854ec219a81501640c11e6ec98a3 19420 comm optional sredird_2.2.1-2_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhl6DYACgkQ0UHNMPxL j3mw/Q//WHiuh5uEo6argr7cF35xAaJBNw/m9aBpoNPUBdCc6DeksjluaQh/9MPT GMFewr4BU+Dj8wx4FUIhh7v11262xtIUSmwclWP7Qz2Tf7LTxETIRNBFj3+7zFxS pNtuur6tYukLJsZUUIExvzRkZp5zsyN+cxyGXPL6nWDnVH0/rxuywRA7HhDKzPDz LwP1H0mTNsE7nQ2BTP8scCaZgdcbXIMD6hKExMuqsdHlbjCXlanMltDQe+eviZtF tx0v6oXYcDeCAiyjv1R3nTduio8RN6gdIXOBVudXubNzrNG6yuUyzQDF8aCHWk/B H/uZdVRa5IYROL4gBMLUfscpNgod4VOfAjDZcQ8acQa375vQsYrFN+CopAvx9maA 8SVIn65r7aPZyHsPwnrpeiJQOJCpYUbmyr/x3JL7OmgcG82wOS/+dEqNI5xTP+0B WdYYtv1BzhDfxVJlX3gb3KtGHq2Utmi6W8J6U3/2LXQUV2bj/4ZY9BuZYFhnhmOH GQQiuYGlyrMbzsr5/EhBZeDIdCm7RS9lIebpKw4fvfnEDIG3iP172XiH4uFw63ya mYTqfG6J0F+NM0D6Mz8kYYuWrimaMoGv9h6+FXyypiufqP4PdIoNe8uVzHJO2dAA yONmrW/OhGpitaPxanXc0PBzk4bk6YX0Nl/dq8DzmAZ9vtjWM+0= =rc8K -END PGP SIGNATURE-
Accepted refpolicy 2:2.20161023.1-5 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 29 Dec 2016 01:08:24 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20161023.1-5 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Closes: 619855 619979 697814 734192 757994 Changes: refpolicy (2:2.20161023.1-5) unstable; urgency=medium . * Allowed system_munin_plugin_t to read usr_t files and have capability net_admin for mii-tool. Thanks joerg <j...@joergschneider.com> Closes: #619855 * Allow rsync_t to stat all sock_files and fifo_files when rsync_export_all_ro is set. Thanks joerg <j...@joergschneider.com> Closes: #619979 * Allow bitlbee_t to read FIPS state. Closes: #697814 * Allow mono_t to be in role unconfined_r. Closes: #734192 * Allow dpkg_script_t to manage null_device_t services for service scripts linked to /dev/null. Closes: #757994 * Give systemd_tmpfiles_t sys_admin capability for adjusting quotas. * Included initrc_t as a source domain in init_ranged_domain() so that old XDM packages that lack a systemd service file will work. * Use xserver_role() for unconfined_t so the xdm can start the session. * Allow user domains to talk to devicekit_disk_t and devicekit_power_t via dbus * Label /run/lvm as lvm_var_run_t * Allow dhcpc_t to manage samba config Checksums-Sha1: ae6b01cff11af7e898ea3b17ba0d78e2ab5cff62 2459 refpolicy_2.20161023.1-5.dsc adf4156ab23ad78994e49a4bae7bdb1966acac11 92864 refpolicy_2.20161023.1-5.debian.tar.xz 4cf8c8cad9c9a4bb3fc063b98a815a62e6e27f5d 6808 refpolicy_2.20161023.1-5_amd64.buildinfo bd9835e93d788933d9515f2d6ebfc38a23ef729d 3019806 selinux-policy-default_2.20161023.1-5_all.deb 85ef46a33c168a4c2d00dfece347860204420627 463718 selinux-policy-dev_2.20161023.1-5_all.deb 07a17dbc173743ac5f2bf0e8adc624f35b094b61 444674 selinux-policy-doc_2.20161023.1-5_all.deb dd29bd354bc3828ce6159d8b5eb3268af6735939 3056326 selinux-policy-mls_2.20161023.1-5_all.deb b4e6bf37845ea80f82b9a8aa8e8eb6dfc3b34bf1 1255722 selinux-policy-src_2.20161023.1-5_all.deb Checksums-Sha256: 6fa61599a29a20cc42127c65149e2fbdaee2cc49a851103fba53b698cfb3d302 2459 refpolicy_2.20161023.1-5.dsc 26f9a6cbdf8c50478eff7a1a242bf1a12052867bd3186a9d9918b0ebad2316de 92864 refpolicy_2.20161023.1-5.debian.tar.xz 1ded073e0d6b35d307fd396dc5eecff38f724b3964c1f2243314bf6d896ba61e 6808 refpolicy_2.20161023.1-5_amd64.buildinfo 7982335b14445b9760decf6212fd25e8cb293758cf6aa3d9772705d18261 3019806 selinux-policy-default_2.20161023.1-5_all.deb 6f85f5e6c448606f0dbf37e7f2537037751e5a2ff25bf695c68070392b5a13fa 463718 selinux-policy-dev_2.20161023.1-5_all.deb df079a6be534504b267e5776441365cca414dbec16cab7c5e736d048d639e2d8 444674 selinux-policy-doc_2.20161023.1-5_all.deb e97ab8c42a2398ccd669f88901d44bd1fc4676b9fdd3b15689dc41d0d22ffeb4 3056326 selinux-policy-mls_2.20161023.1-5_all.deb 9268e70cfcb41793dfe0da91a5f7ed14fdbd7943257e3e4f6284532f643b4887 1255722 selinux-policy-src_2.20161023.1-5_all.deb Files: 7c794099f9741f1fa0ef640738c0922f 2459 admin optional refpolicy_2.20161023.1-5.dsc e7f4f8591e207b1e376e046dd8cc0b57 92864 admin optional refpolicy_2.20161023.1-5.debian.tar.xz 75bf1781f6c6361563c4bdb652d612e2 6808 admin optional refpolicy_2.20161023.1-5_amd64.buildinfo 8b4c47369bef30f1a2311d95161d9204 3019806 admin optional selinux-policy-default_2.20161023.1-5_all.deb d6a5c32f1cbd26bb98ee2ac4fa515d6f 463718 admin optional selinux-policy-dev_2.20161023.1-5_all.deb 335ed80025137290487fcf47331aaed0 444674 doc optional selinux-policy-doc_2.20161023.1-5_all.deb cb46b580643871284072f5040eeddaae 3056326 admin extra selinux-policy-mls_2.20161023.1-5_all.deb 80cd46e2ba3eff5242ec38360ff27c20 1255722 admin optional selinux-policy-src_2.20161023.1-5_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhj0aQACgkQ0UHNMPxL j3k4qw/7BLBCCrjJIWD/ZSKxb8NBfq8rzq6f4mrQyW9EffPL/hgKeN9xprfU0+2Q 1G+6PEHkygljzYlHxz5fE1atj2dBQauItXuYJYYAui3ljbovsXumLHPlz9wmj6eM sQFyXQc8So6hRuAHlXZObejsXWHVZvGcZeArEH+uNTtrhv8j2HfdUJdFhMezXFE2 tUkVmRXAn4FDWxf843dCqyskd4s39M2d6378eeYCAwHiiv2xQmEIe8NW8S7iFtPo Tq+U94h3PtQ3hV8j6NdJYHJcMbK9vl6NDVXkoCN/w9jhg1FgoajzZw2c+ZP/VTzN /KR+ia+9TsW4V20RcU64+N4r4FtgHBbq2QNb2WC7osh+2DLPzFZa3IuVuWbWCPpX 388ELIQDwwtp2eA0c0FFdZqrnSW6hP34lp0RJ7LoH1DVkHKA6UI1kR8fnwky
Accepted refpolicy 2:2.20161023.1-4 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 28 Dec 2016 00:36:11 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20161023.1-4 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Closes: 691283 739590 Changes: refpolicy (2:2.20161023.1-4) unstable; urgency=medium . * Allow mon_t to read sysfs. * Made gpm_getattr_gpmctl also allow getattr on the fifo_file * Allow mount_t to getattr tmpfs_t and rpc_pipefs_t filesystems * Allow systemd_logind_t to change identities of files * Allow systemd_logind_t to read the cgroups files of all login processes * Added monit policy from cgzones <cgzo...@googlemail.com>. Closes: #691283 * Allow udev_t to transition to initrc_t for hotplug scripts, and label /etc/network/ip-ip.d/* etc as initrc_exec_t. Policy taken from Wheezy at the recommendation of Devin Carraway <de...@debian.org> Closes: #739590 Checksums-Sha1: 189499816c07f12a7f22442e8161be26f0156070 2459 refpolicy_2.20161023.1-4.dsc 15e3e677fa6775ad78f6559a20fe4ca1244b473f 92148 refpolicy_2.20161023.1-4.debian.tar.xz 1b9ae1b1eebc7c0d93d4adf5ec16357c4a09cbb6 6808 refpolicy_2.20161023.1-4_amd64.buildinfo 2a5ac782f1bd9fb908fc1b865ff466735b124042 3018858 selinux-policy-default_2.20161023.1-4_all.deb e88b981e8c7319b4439a0a6eaebe8d242b6fd66d 463366 selinux-policy-dev_2.20161023.1-4_all.deb 6ee154ade4cbc5708884606a098a4120037a0f37 443532 selinux-policy-doc_2.20161023.1-4_all.deb a846d0986bbb4a86ff1c39739d13496cb0a9e407 3053374 selinux-policy-mls_2.20161023.1-4_all.deb 3af0da62533e5fe3fd44edfc887377b17b766453 1255246 selinux-policy-src_2.20161023.1-4_all.deb Checksums-Sha256: 83edada4e484e9c15e7459fe3296e066734a54ed9866aa081b5588a4652a228f 2459 refpolicy_2.20161023.1-4.dsc acc91b5f643404328df9a4fcfab34930706b62891190943748ed54c770958404 92148 refpolicy_2.20161023.1-4.debian.tar.xz 4d116529c0f503fa30fbef09d413c46ede3d0794c91097fdd651929b5f1dd9d1 6808 refpolicy_2.20161023.1-4_amd64.buildinfo bd8727a26b5e563fdc6453e6a3de0e5eae16815b8a404f226163e2e7b4b96132 3018858 selinux-policy-default_2.20161023.1-4_all.deb 044f336c879e4f41c80dae8bc5f32f96b6726384aef74b7010d6b604f42af433 463366 selinux-policy-dev_2.20161023.1-4_all.deb c4299e8222d1ef0fdef2920096aa4af0d7fea2cb3dd75362f42237060098d076 443532 selinux-policy-doc_2.20161023.1-4_all.deb 2566c29480be009324402cecff33a23b0a0591d05e466036fa2bbc359d7e3cbd 3053374 selinux-policy-mls_2.20161023.1-4_all.deb a49d705eda1260dd33026997a9465fcc33de932afa22122cb535cfd4f29c440a 1255246 selinux-policy-src_2.20161023.1-4_all.deb Files: 85af5d7068806f3d768dfd4189938024 2459 admin optional refpolicy_2.20161023.1-4.dsc 5522f1f67806dab02aa4578a79348542 92148 admin optional refpolicy_2.20161023.1-4.debian.tar.xz 6dbebf637ed47e8386494aa65967cf2b 6808 admin optional refpolicy_2.20161023.1-4_amd64.buildinfo b861e3432a4a42c9a5c5f89e52d7c0fa 3018858 admin optional selinux-policy-default_2.20161023.1-4_all.deb 56dcb8f22a94d4c783ab11c81143a802 463366 admin optional selinux-policy-dev_2.20161023.1-4_all.deb 48aa236e31785e11440132dcc2528a5e 443532 doc optional selinux-policy-doc_2.20161023.1-4_all.deb 00696b51436912f8b8d49448a10c99c3 3053374 admin extra selinux-policy-mls_2.20161023.1-4_all.deb c32f304a057b35342538e8191c3fc803 1255246 admin optional selinux-policy-src_2.20161023.1-4_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhibz8ACgkQ0UHNMPxL j3klZRAAjCxJoLw163bF8WbqvfenGwYmbUrEWJ49EvcWLyn/o0iCcYttI3mWVB1f ODdOCc82UdhpLzy8ImpzyUzkZKOW/o9uBIoSRkmBQVbrmLylbUCTbR2i3ySNcDvG bYeU9D4tISK3zh5wBPofcluNkR8s+DdYBwEGASFh4drrODXDIzyN/JzrrKcB6uzE WPk5O/q7LOd5Rr/1oCkTFTIptFjQyrG4iz1R8MhplncAdyVuvA9mqgx8vBqbm71R zswNK7vtRSQEaaJ5rwczu3n9C5k8h3Hk2UHXHQjWsNfMtT7zamkocVQx1YKXJKLt 8uQVlZKjSWKESUvVeFJck5zE6sQs4kJJ/3JM5S9YzOZpiqXzJDqT6fTgT6qdFqLz 4CoZHZk9j8ejnXy6i9XWqRwaPFMpnBn4VN4wNMO1lcdzWB1mH/icBeZQk3nb4hGl N4LKScL0DpGb6d90Q7Zho+4GjTa7CcQgRTxY4BIaUM9xQ28uSIo6VshkVlrsq+7p nTt2qvOtxLaJkMb4LEs55EOkNxp5O6lhZi7xuhak3xj7dVHFJsTZFoae1+Wggs2v yYldcX161xPyTxDP6JseBLDgIVKSEe550NmZGCBQFwT5ZG47AQnMgoTfZNLnEc6Z 8ZM5ZBXeRZ6zlTMkfjofwSDYTtms7T9Iem167zKDR54qBE/TUN8= =sZHm -END PGP SIGNATURE-
Accepted logtools 0.13e (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 26 Dec 2016 02:11:11 +1100 Source: logtools Binary: logtools Architecture: source amd64 Version: 0.13e Distribution: unstable Urgency: medium Maintainer: Russell Coker <russ...@coker.com.au> Changed-By: Russell Coker <russ...@coker.com.au> Description: logtools - Russell's misc tools for managing log files. Closes: 437492 660614 849126 Changes: logtools (0.13e) unstable; urgency=medium . * Fixes build problems with latest STL. Closes: #849126 * Added patch from Thijs Kinkhorst <th...@debian.org> for "verbose" mode in clfmerge. Closes: #660614 I wrote a similar change for clfdomainsplit. * Made DEB_BUILD_OPTIONS=nostrip work. Closes: #437492 Checksums-Sha1: 0314b071476e58ef3e1eb71ffbcdbe9badcd6715 1387 logtools_0.13e.dsc 4d989b1d9ec776467636fbe81e85753b703d2997 62468 logtools_0.13e.tar.gz f2ab4dd78035b01ce519963c6d1f8cb4ecad 174412 logtools-dbgsym_0.13e_amd64.deb 146b48bba16198a3235f04002dc0aff538f34620 4751 logtools_0.13e_amd64.buildinfo 87ab02d7ad3cbe87ab5d7467a62be04870168106 33082 logtools_0.13e_amd64.deb Checksums-Sha256: 79cfb4414d007592c34267245c2eb2a085c8f0d62f8666150765c733fcacfafc 1387 logtools_0.13e.dsc 919fe52497dad6783ad5e07f8b7bff596a486c7a24e00b005304007b6b54949b 62468 logtools_0.13e.tar.gz e9700921396d69cc714472d710f69c30a26fa669e24578524b66e6f64433c541 174412 logtools-dbgsym_0.13e_amd64.deb 5e136247269f7083806c2a2c1723c81a04846c9132e58eae16cf61e3b792e275 4751 logtools_0.13e_amd64.buildinfo f626c9f8a0fbbbd0473122621b062385883dc7fac1cdea84584cbc5784e0bf00 33082 logtools_0.13e_amd64.deb Files: 8598b6268ba86b8f3f22cae34f56dec6 1387 admin optional logtools_0.13e.dsc 2b4e1c418981e8440ce0af1616c7644d 62468 admin optional logtools_0.13e.tar.gz 6bde1f9d544fb9debe41d257a9c010c8 174412 debug extra logtools-dbgsym_0.13e_amd64.deb e29749445214d2764335d345d0c0f86d 4751 admin optional logtools_0.13e_amd64.buildinfo 95ffa258cd58e82931172c883be7d710 33082 admin optional logtools_0.13e_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhf4bAACgkQ0UHNMPxL j3nHOw//VqQuS5DbGb9WoD5rnTfzTSip3e2tuoI+iHPAQZZCjx4WyRbZh3GFKV2F t9DhCcom7uVt27GmALNs477feMIcuux4CahnqGBesaTdPw4y+/LaW6kEkJEvlbqC 8l597HDEBM1QK9cBTXSEI3UbZh2adu2vWOOIx2KWyeq+jVnupukKglcDDyMaiY9z 6J9M46+tIS/4njruUbsoBOzM5Crpby1yHMAGp6xpB6j9kiKjxtKf7A2o60iseZ0k 91e3IOhi8gH/D7FvB0nUKYU9BJn/26liRAxw6ZFjytFHJ3V/duDakBwYEDvqMQfx KLOYZzP8x3L6nHBil+un7lV6iOaTamsoV/Ix9EQ0Uo1kFb6oCivRf4FB9IvavrPU EWXC8x38YIZEm9n+d3Dt+txIWnChS2nIZjV1hlJwwK13Sn6ejlsx33Xn9dNPR5cC PcqFUZ8EadP8zGAlBSvXuYfBSfJcysu6G2jzweWfwuX0liEREC9Q3HxF224b9Um1 CE1v0nulVcYlb6TWwTiYeOsdZ1FkQpzt7RhNPRxClPkmZzH6t0YbNR99rSKMtAGz DbBNQTtJZVp/jsFYfgVkRjRxFfvd5riTks+Fxrh8NUxjqKR2D8VD4D2LUUXvKXth nIFkRkKEHZZtadmVLV4hqLaeTvyWt/togjFE57pJpkj+CIHPXiE= =0gte -END PGP SIGNATURE-
Accepted mon 1.2.0-9+nmu3 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 21 Dec 2016 21:08:11 +1100 Source: mon Binary: mon Architecture: source amd64 Version: 1.2.0-9+nmu3 Distribution: unstable Urgency: medium Maintainer: Dario Minnucci <mid...@debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Changes: mon (1.2.0-9+nmu3) unstable; urgency=medium . * Add sslcert.monitor to check certificate expiry and smtpswaks.monitor to check mail servers with swaks Checksums-Sha1: ae4ad38dcf6aa9c75a329f4c1a2c742b1cd6bce4 1828 mon_1.2.0-9+nmu3.dsc 8219e11f12ece663c3793f4cd5e1223719bf1f9b 25744 mon_1.2.0-9+nmu3.debian.tar.xz d42c0266555de2ceeb6523b6ff40f0aa1e13 13270 mon-dbgsym_1.2.0-9+nmu3_amd64.deb 9ab2b51426764f9e8677866c1a10aa51098b788f 4801 mon_1.2.0-9+nmu3_amd64.buildinfo d55a37f70e4526646995504d6fbfc01ef0ad05be 278578 mon_1.2.0-9+nmu3_amd64.deb Checksums-Sha256: 7b1feb50a76ea9b668ae09d15446b0c34bd342ec98ac17527c18571dda4fa114 1828 mon_1.2.0-9+nmu3.dsc 58ffbb7ddfdf7c25a876af528def12e6b9ceda604f00fec1749a3968bc064772 25744 mon_1.2.0-9+nmu3.debian.tar.xz efcee9489abb5dc83878072ad2ccdf282d24f4ea34f956f7a20739d38f403f35 13270 mon-dbgsym_1.2.0-9+nmu3_amd64.deb 293c1345a348b13db162815e9ad8810a89cfdec5179b2f03f04b89fbe672f2a0 4801 mon_1.2.0-9+nmu3_amd64.buildinfo a0e8e115a33424b9498ba171d591663262d446d469b338bb251075f44e7d3dd5 278578 mon_1.2.0-9+nmu3_amd64.deb Files: 6c1c264d22a1d20806758ff153fdfaeb 1828 admin extra mon_1.2.0-9+nmu3.dsc 64b65ca3fce4f8115a5b518c5f229d4f 25744 admin extra mon_1.2.0-9+nmu3.debian.tar.xz 11e42d020f714f2cab1475b5ae4d6517 13270 debug extra mon-dbgsym_1.2.0-9+nmu3_amd64.deb ccbfdbfa15c3f433cbb0fedafc48a299 4801 admin extra mon_1.2.0-9+nmu3_amd64.buildinfo a49c261b6566ee03edfb2f70d1dbdb95 278578 admin extra mon_1.2.0-9+nmu3_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhaVPgACgkQ0UHNMPxL j3kYjBAAxdYdp13gGDrr2xTloTliVQaEXm3Eo8l2l5K0Sw75c9PYiMQF/qMFpOJl sajizE80gSqAKhmu73VZ2xuwp8PZa+FG4izZYmjEP2P270293UByhY+q+zu9Z40+ Ngyr4EKymOj6k7regFNe97lyjet5YRg2VZ30mC6GQ+FkaFoZPTzAoRq7ecyjgaMz 8q3Y+pBokmjKfKEXNF0K+OvDp5B3lGYOytgkLwYIrLtnHvZyRP0qgwSw+cAhEzmU YqqEs4ppyBWXQNgPoiyz+mt2AdIHRU+cc/Oc9HsxPFtSXCPmykdhTlA2KtaekJPy ZxIOITfoECsFEIdUI4DN2VUQf2qrjPaQZt9DC8aNF3ViCixlTGEBi5QqXbdVBzPd 7A4jPIzXsSifRgQol/0QUFRQ1tK2uguV8uzSiR/KqWUdVPDmI5K04bbZ893ORwbl lzWCdfn93MPfncI5Dwo19A1hHlOvmvBCb44iYvyt1D0PwlQSaO7TxcfpeMkt6fnO kSVAoZMeSN9vU86hdeLzqxzqE8vCvySnAw3CZ8tQId0EEI4sTytOxQxpt3Lst8ql MDsVBCJDclAGnLG5tSDUW7haf2yhFJIYH418w7phfbFKt9O98L9sOyi7bRxpXiBh Q/rAloITaXlxa1GckeN72XH3fGyojXnxI8eviF1fj55oxwmeUDE= =ktr3 -END PGP SIGNATURE-
Accepted mon 1.2.0-9+nmu2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 21 Dec 2016 20:47:11 +1100 Source: mon Binary: mon Architecture: source amd64 Version: 1.2.0-9+nmu2 Distribution: unstable Urgency: medium Maintainer: Dario Minnucci <mid...@debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Changes: mon (1.2.0-9+nmu2) unstable; urgency=medium . * Move freespace.monitor to local directory. Checksums-Sha1: 31680796d18196a8500bc1046343f6132e45214d 1828 mon_1.2.0-9+nmu2.dsc 974731d6dcc5cd48953c38cce31ce2597631d546 25120 mon_1.2.0-9+nmu2.debian.tar.xz be66e9dec0674a0b1d3e31bfc8fbd4e40e38e6c5 13266 mon-dbgsym_1.2.0-9+nmu2_amd64.deb e25ef2d52a2bb94e7e5304a13df40e0ad0d97092 4801 mon_1.2.0-9+nmu2_amd64.buildinfo 30dbdcd521bf806415a1e8b2da86d2d1b9864289 277856 mon_1.2.0-9+nmu2_amd64.deb Checksums-Sha256: 47d5d0b15e851d833522f3d413fe724a4fc59857d371639541177c82e1edb85e 1828 mon_1.2.0-9+nmu2.dsc aca271dd74b81b767a9bf62e3f8bf6ff49299ef0a3e7707843df67997875a4a1 25120 mon_1.2.0-9+nmu2.debian.tar.xz d61f2782b1632ab773c9007634ee60e12f012d3680a6550afff108fca954008a 13266 mon-dbgsym_1.2.0-9+nmu2_amd64.deb 45e221d4f52a59da065b30add61f5fd554e1a8a05c4c8fd2251c4c99ee655f7a 4801 mon_1.2.0-9+nmu2_amd64.buildinfo 18bc04300e7585180221b1d5c80f7fde48a13cd0855cfae6516a46b247090840 277856 mon_1.2.0-9+nmu2_amd64.deb Files: 29139d0e4cdf7fb334ba79b1c256cc04 1828 admin extra mon_1.2.0-9+nmu2.dsc 41a1ee11ba9920f0d43cd423105d4d74 25120 admin extra mon_1.2.0-9+nmu2.debian.tar.xz abec2de36bc40888e4effdfc2e680073 13266 debug extra mon-dbgsym_1.2.0-9+nmu2_amd64.deb f5a8c2868fe63317e05436dc7dd46655 4801 admin extra mon_1.2.0-9+nmu2_amd64.buildinfo 5f37bffbf167426feca0372e8d4eaf0f 277856 admin extra mon_1.2.0-9+nmu2_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhaUBUACgkQ0UHNMPxL j3mNkQ/+LWpwGXxzCXCBCRnIRLYe5lXKQO/KwvlMzLPd+KYUzC6ILZXkqVj5Y0/9 HlJKqx5bApYFKkZuPS8+3Xo0Dm2aJog0qC3mgFcO4EhxQK0Th4DTM2u6bdSEiSKV bmg8SkbZ4npylyn+y+RMd+UZ4V42jnUU/TU1gngIyKWxIBFz1BEfx/TlTlLCW65e DrN5EuQmsVSiTEaReMCDpOHf9jdhhNoqNm5hYDGjFZdnehrRO1nApDhvY/gTigVt H86OSlhZ5VUkY8oteLUITA0LvCEiA/cXccV5wC4JfKYHlqYLHftNlxCKKw7vhprS pI6rpFbPZp9w0WnatAnz3zV/xn8YtZqgvv/nYrMmGRYAgkfmhixCtdFa3LhYIcRh PxiNNc73syxZdrzV0q0UadbrTT7GECtUp29vVe8zNVohUdL+iWTA2ftX1IXxvbHR uUOF+Yzej/HH6DnsidXuXwZj30nFlvnMHA0XJOc8B/do55/9DJ8d/F/xOCfkH5TI sXwF88t/yyrSVNfMfxz1rbgDFLHymz45EZ7oEOdaRNjkpjZUprfVt/DZJ+LAwpnS Oaa5hlfCoe5FwwC0hVmiy7SJ4ygh1Vu7GEha+prmRo4se0WoAUYxIVrak18j6ENx tWhRKcFPApD5+dPUP7zQ8Ige7HjO6KLbnWLbdE4mPkPtfLCXY+U= =y+3N -END PGP SIGNATURE-
Accepted refpolicy 2:2.20161023.1-3 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 21 Dec 2016 18:35:33 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20161023.1-3 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20161023.1-3) unstable; urgency=medium . * Allow ntpd_t to create sockets. * Allow systemd_hostnamed_t and systemd_logind_t to talk to NetworkManager_t via dbus. * Allow systemd_backlight_t to send syslog messages, read sysfs, read etc_t files, read init state, read udev_var_run_t files (udev data). * Allow systemd_machined_t to send messages to init_t and initrc_t via dbus, connect to the system dbus, read etc_t files, and start and stop init_var_run_t services and init_t system * Allow systemd_logind_t to talk to devicekit_power_t and unconfined_t over dbus * Allow systemd_tmpfiles_t to read proc_net_t * Use /sbin/ldconfig instead of /sbin/ldconfig.real * Give devicekit_disk_t wake_alarm capability * Write policy for systemd_coredump_t * Allow systemd_logind_t to read xdm_t files for XDM state and talk to xdm via dbus. * Change /lib/systemd/systemd-cryptsetup to /usr/lib/systemd/systemd-cryptsetup so file_contexts.subs_dist doesn't cause the wrong name to match. Allow lvm_t to load modules for systemd-cryptsetup * Allow mon_local_test_t to stat gpmctl_t socket. Generally allow the local tests to access most things that can't do any harm. * Allow systemd_passwd_agent_t to use getty_t fds and read init state. * Allow unconfined domains to start and stop etc_t units Checksums-Sha1: ebd1ab07a017a45f084b51013d7d5c77ac168fed 2459 refpolicy_2.20161023.1-3.dsc b66dcd7adf6b5b37607ddb83317703994a4c9ca9 91092 refpolicy_2.20161023.1-3.debian.tar.xz c21b72b160012eacb7039efa2ff3a12e7c2f7a3d 6807 refpolicy_2.20161023.1-3_amd64.buildinfo 17a4c0cab2accb26299258a684433c959c28b3f8 3012274 selinux-policy-default_2.20161023.1-3_all.deb 7be3b6a42e08085a52c14e61f19c0eca8ba22d87 463038 selinux-policy-dev_2.20161023.1-3_all.deb 14898bb963b4c0d18d8ee7c446c310630546d134 443968 selinux-policy-doc_2.20161023.1-3_all.deb ed2c76dfb4f66addf9b12f191eb5d39a4fc77bf6 3049396 selinux-policy-mls_2.20161023.1-3_all.deb cfff194d9c136f9d4212550fab71c757febff310 1254840 selinux-policy-src_2.20161023.1-3_all.deb Checksums-Sha256: 80f100fcc4ff1470269cc7541dd463a2392733e326fee030d3af09781464566e 2459 refpolicy_2.20161023.1-3.dsc 2fff57d5edfe04114be55cc190d4c01b38ac12dd4168c8c9e3495b6d537b1a32 91092 refpolicy_2.20161023.1-3.debian.tar.xz 05dd6d87dd198eb0eeba3f95ffce444174ebfc7ebfcb7c83e54900c05c4cade3 6807 refpolicy_2.20161023.1-3_amd64.buildinfo 3b835cf465addfc194dc182ae9a42161cb23db99e62af15e638c1750ffdcbc6d 3012274 selinux-policy-default_2.20161023.1-3_all.deb 8459e392c1763ecb4a48ff4f097fb84fa41db82ebf13783063a7c2fe01ca726b 463038 selinux-policy-dev_2.20161023.1-3_all.deb ef850518057cfc0572a01abc689d3643d1b1f9c3dea13a3b0b7975515df1d91c 443968 selinux-policy-doc_2.20161023.1-3_all.deb 03d93dd0f38767916fdf752d0c9ef5aba5ad474502a94b9fb5749e11043a2bd8 3049396 selinux-policy-mls_2.20161023.1-3_all.deb 8aaf51eb801c3704f5725cac1877ae3d88d8b77b211affcd537d0fe118389f48 1254840 selinux-policy-src_2.20161023.1-3_all.deb Files: 7f123722a6ae6da71405bc68190c40fc 2459 admin optional refpolicy_2.20161023.1-3.dsc 708cdea682dde0f796c2c4482e6c9e35 91092 admin optional refpolicy_2.20161023.1-3.debian.tar.xz 2a2d66228771ecca60c3e3506bcd669b 6807 admin optional refpolicy_2.20161023.1-3_amd64.buildinfo 715f23150c2597037f062e17306744da 3012274 admin optional selinux-policy-default_2.20161023.1-3_all.deb 2b670b96b9cccd80a0c95cc4f729d411 463038 admin optional selinux-policy-dev_2.20161023.1-3_all.deb e0523324fb62615ca056f80af2e9755a 443968 doc optional selinux-policy-doc_2.20161023.1-3_all.deb 51bd2b34003786ef16a1a212e5b5ffb5 3049396 admin extra selinux-policy-mls_2.20161023.1-3_all.deb 118d459e71a1517d4c72bb00048c09c4 1254840 admin optional selinux-policy-src_2.20161023.1-3_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhaMWUACgkQ0UHNMPxL j3l/6Q/7Bva8WzJ6xNRp3UQ+FSXcwGEdQPjhYWpY8wnE+CVrInrNMD1sEI/TvNlA i2ya6lrkx/qIQtxsBDJo2+S9MbritPXkCAd5Neqyr6oxdUaxO/c2xWKl26To8ngp iPuvz7hWvutDcu2VvMFP4VEzDBOUEKdWgYN+4wmI8D3yqbLiTRql
Accepted mon-contrib 1.0+dfsg-3+nmu1 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 08 Dec 2016 22:28:15 +1100 Source: mon-contrib Binary: mon-contrib Architecture: source amd64 Version: 1.0+dfsg-3+nmu1 Distribution: unstable Urgency: medium Maintainer: Dario Minnucci <mid...@debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon-contrib - contributed tools, monitors and alert for mon Closes: 823840 823847 824980 Changes: mon-contrib (1.0+dfsg-3+nmu1) unstable; urgency=medium . * Non-maintainer upload. * Remove ps.monitor and remote.monitor as they are moved to the mon package. * Fix the path for the softraid stats file Closes: #823840 * Ignore softraid bitmap status to avoid false alerts Closes: #823847 * Make scripts not use /tmp in a possibly insecure way. Closes: #824980 Checksums-Sha1: 8a5982b3158d50779c1090d9d8e32108a38cf2e0 1949 mon-contrib_1.0+dfsg-3+nmu1.dsc d5bb83c71f9df6a80ed5f6b41c8060ceb403c7d2 18468 mon-contrib_1.0+dfsg-3+nmu1.debian.tar.xz b913f8c8fb96601e497e0450fd8637a67d21fb17 4590 mon-contrib_1.0+dfsg-3+nmu1_amd64.buildinfo 78d9d326962757ec1f47fe1906573adabc76cfe6 75686 mon-contrib_1.0+dfsg-3+nmu1_amd64.deb Checksums-Sha256: 49d5c81f17133dddf7b57aa782dec50d967f5a2094a28e3276ce57f775877b0d 1949 mon-contrib_1.0+dfsg-3+nmu1.dsc e4acc7778212e548bbd2d59845e5d3ba6dc5177a0302f4e0794137483d637dd3 18468 mon-contrib_1.0+dfsg-3+nmu1.debian.tar.xz adb4921dddc7ba5b38dc20a35a5786bc19233d5fa467a663314c6616112c743e 4590 mon-contrib_1.0+dfsg-3+nmu1_amd64.buildinfo 27825a87478d2dee71028849a16dc7ee1ee1b12750ccc6edb4b6d77a1f4b18b5 75686 mon-contrib_1.0+dfsg-3+nmu1_amd64.deb Files: bf314388b45ee3da2966d0dd36c45c06 1949 admin extra mon-contrib_1.0+dfsg-3+nmu1.dsc da3282b3fc02b6942a99527cc9b4ec74 18468 admin extra mon-contrib_1.0+dfsg-3+nmu1.debian.tar.xz cb8e93183dd9fb7fc02a82d734d5cf66 4590 admin extra mon-contrib_1.0+dfsg-3+nmu1_amd64.buildinfo 7a5d54194fce49eadda365a944f9e9bc 75686 admin extra mon-contrib_1.0+dfsg-3+nmu1_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhJRAYACgkQ0UHNMPxL j3nh5hAA0oLFXKmTxZQMWCzC2akKrQvozXQ+7WncIQNVCIugwG0JgudN44KKSk5g MvtCK8+esoM2SSUq5XLHNgmaqVJEF5BnL4/TkOQ94pAppbLeDCCcXCGYDBbin3QG 2pve7dSQJax040WBdaHVLtHEJyDad6nAJja3EMu0Hmw0YBkTuQugWC9pK1o34+wq d+3e4soSohK0Hh3qN9si/f4Re33JQLhoZoyvNX8/8+oJDTIpk0SdnINKcck5CI5d Iu/TOTxxoRgrGRCVDZQmO3xdTQW+T68cq6BakUt5CJV7JPZl3uYq/D9WKWFwgowf YK+8xBjsT9iyj0lRJh+kkS/RGm1N3jMLQK/kYMzZNM0PNxB2cm88s/bp6lEwmHfS 9sl6Gsyy/lVjgjsWQlerPzZOSCD46NJdZhyT3eySJZekcp67UYcV89/LeRoa6f8u afb6d6Kk+Z+oG4B5OHR8mDG2Zyp5/oFJPiY+qIlNA90NU+JK2PS52gjxV2l7IH2t +kocEvIqYNM6zCgLX6ACemy7XhHiCO3tx0Uq2Ozx9WNxz/RQCRrAiyoGMCFe9hND EpXw/toEgM2UP6AfJm0+czu7LR/Vqc3DB+bxBrLDEh7kGGH0T8McIqIG2TigYu+Y kGQuZafANq70nU8F61uQrzH8oSzecp/dmNje23L87jlAr5nl0xk= =UG2h -END PGP SIGNATURE-
Accepted mon 1.2.0-9+nmu1 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 12 Dec 2016 10:00:22 +1100 Source: mon Binary: mon Architecture: source amd64 Version: 1.2.0-9+nmu1 Distribution: unstable Urgency: medium Maintainer: Dario Minnucci <mid...@debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: mon- monitor hosts/services/whatever and alert about problems Closes: 820712 821360 822606 824176 847437 847441 847444 Changes: mon (1.2.0-9+nmu1) unstable; urgency=medium . * Non-maintainer upload. * Make default config bind to 127.0.0.1 Closes: #820712 * Add restorecon and tmpfiles.d file Closes: #822606 * Don't specify config options on both the default command-line and the default configuration file Closes: #821360 * Move local monitor scripts to /usr/lib/mon/mon-local.d to separate them from network checks Closes: #847437 * Added remote.monitor to this package and made it strict. Closes: #847441 Fixed the problems with it Closes: #824176 * Added ps.monitor and made it strict. Also made it handle perl, python, and lua5.1 interpreters correctly. Closes: #847444 * Conflicts with mon-contrib <= 1.0+dfsg-3 because of remote.monitor and ps.monitor * Added mailxmpp.alert, an alert that sends mail and XMPP messages * Added linux-temp.monitor for local system temperature and loadavg.monitor * Extended ping.monitor to support ipv6 and specifying the ping count Checksums-Sha1: 8899ed9f8ce0bbd8946f27067e26687916f6be21 1828 mon_1.2.0-9+nmu1.dsc b237fe8b66d86953ed8ab9f43aed89650db2dc04 25084 mon_1.2.0-9+nmu1.debian.tar.xz 60b0e92957829882de48236aa9feb3fbb6e7e856 13262 mon-dbgsym_1.2.0-9+nmu1_amd64.deb 31dbf6e9ff094f91e7622c40b0bf3c6d791fe88b 4799 mon_1.2.0-9+nmu1_amd64.buildinfo 40cc98f0b786cf54f50f9f2598f79297531fc2f9 277794 mon_1.2.0-9+nmu1_amd64.deb Checksums-Sha256: d99fb8f309f7f568aeba1ef21a901e63064257b1e82dfb7a3cf09f6ea61dfa64 1828 mon_1.2.0-9+nmu1.dsc 5cce09cfe71dc4a36e1a5b63a1a7334c8032b32a5fabfe25d1075fc42145b211 25084 mon_1.2.0-9+nmu1.debian.tar.xz 7625ddd831ee073e245982224a07ebbbe645d85fe1403618841a6deed92dc948 13262 mon-dbgsym_1.2.0-9+nmu1_amd64.deb ab6ab55311a01da078601f66e21e748005c39a114c437b067e15901accfd79f0 4799 mon_1.2.0-9+nmu1_amd64.buildinfo b06914d5c496a689d3c5cbdc7823d1660e212aa620d2751d8b95e437fc54a888 277794 mon_1.2.0-9+nmu1_amd64.deb Files: 87be35cc133e028239864e8b9b7bf8fd 1828 admin extra mon_1.2.0-9+nmu1.dsc ec2b5405133dbe51df8a1ca011e56126 25084 admin extra mon_1.2.0-9+nmu1.debian.tar.xz d8848d6d34d5bab17231a38e8b0b726e 13262 debug extra mon-dbgsym_1.2.0-9+nmu1_amd64.deb 41222e04ad32002294561097e965e887 4799 admin extra mon_1.2.0-9+nmu1_amd64.buildinfo 2f96f8aa12d6e5b9208f9517b082a880 277794 admin extra mon_1.2.0-9+nmu1_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhN2qIACgkQ0UHNMPxL j3nhwg/+P6TAkbsJsO9ErSMEWPX1oRr4oyIpA1TeJGbdsnSt8sPwXnrynspiRaho riPnFcS2BEJWIinCCWEvIF0cbGlXSWL7dCDV7lDnqKzRA/3WST6ylnkdiokaTDAg AocUH/s3nW6P46czsH7sCPPwMKFHvA5EMqZ5TJkfVsdukplSsqqTCdMNFEh/BgNp sMt0/GGol1MESE3Ln6//Kx4yGE8zmul4uZNkqzw2jDHkwlH8QR8RKKQ9j99a2BxH 5Y1UVwherJzTF3Tej9KYwlgydxAV9JHusDH2JgYn+r9BqeO6D1kTKcawUgrz/0hc ia+9zAA9yCzScfKsXI/h9DSoAQmI+ILfe3NQPHYujDfGiSx9TRPDiXnL230XBhjE xxChaMTuPLoCtAqlr9ADZ/mz2zVBS95rsBYff+72O9h7hT+B1FzRkaPxEOSdEz5f W5hiIAuse/br3Zy8eSwCidg7gR9lcmUXTePskyRSp8nVhlrcqEbmFJf3sSY2yNJL XU11egk0jBz0foztEPuUJl+4Tg9g7C4Zx9Nk8HKUK2iaAp126m2dUiE++w4cg6pV 8xN6fTDJr9XwDYNfKMo9wnsBxBPYA37vCJhHDbbUaSxkSPL383eTBMRJT6lG4pfF 1axkOl6xTgIP0DpDHmIpkOosqPvELq34hmtK/UZVniFIPKvwkR0= =m1JN -END PGP SIGNATURE-
Accepted libfilesys-diskspace-perl 0.05-16+nmu2 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 08 Dec 2016 19:12:52 +1100 Source: libfilesys-diskspace-perl Binary: libfilesys-diskspace-perl Architecture: source all Version: 0.05-16+nmu2 Distribution: unstable Urgency: medium Maintainer: Dario Minnucci <mid...@debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: libfilesys-diskspace-perl - fetch filesystem size and usage information from Perl Closes: 821103 Changes: libfilesys-diskspace-perl (0.05-16+nmu2) unstable; urgency=medium . * Non-maintainer upload. * Add support for BTRFS and ZFS filesystem types Closes: #821103 Checksums-Sha1: c83399e948452e1eda0022f22f271d5d94dbefef 2060 libfilesys-diskspace-perl_0.05-16+nmu2.dsc b07164a6f420b316d75d85e046c7da96191bd012 7084 libfilesys-diskspace-perl_0.05-16+nmu2.debian.tar.xz 29ac4ddb6934f5549a5a5424762fdb044d4c51d1 9806 libfilesys-diskspace-perl_0.05-16+nmu2_all.deb 2593d4d983352f40e9cbfcbce1fd9ccdd330bfcd 4670 libfilesys-diskspace-perl_0.05-16+nmu2_amd64.buildinfo Checksums-Sha256: 13fa2f21e5b16960ca21b8ac58abdd1a2c7f6917d4c0aa04f3910f28d665ad8d 2060 libfilesys-diskspace-perl_0.05-16+nmu2.dsc 3f5747123a55b3b9a18817d11ec6727644789518f48a7b0c49c664c137c04a4b 7084 libfilesys-diskspace-perl_0.05-16+nmu2.debian.tar.xz f6d402d79ad5451bcbf2b3354a6ae9437c73ef189591308fdb9dc415b6deda79 9806 libfilesys-diskspace-perl_0.05-16+nmu2_all.deb 168e42216c0cf0d4327001c332e0f789a2e1d177867ebf56bc7ee8bd147d753c 4670 libfilesys-diskspace-perl_0.05-16+nmu2_amd64.buildinfo Files: 1a3f6c14560e24968580432e0881c06a 2060 perl optional libfilesys-diskspace-perl_0.05-16+nmu2.dsc ca3ea4e82ba6f858ae243f769ad6c773 7084 perl optional libfilesys-diskspace-perl_0.05-16+nmu2.debian.tar.xz 33ec2b59b0383120208e6d85a7ce9464 9806 perl optional libfilesys-diskspace-perl_0.05-16+nmu2_all.deb 3346db5ebb73abdb9fc6d385de0d5d40 4670 perl optional libfilesys-diskspace-perl_0.05-16+nmu2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhJFhkACgkQ0UHNMPxL j3mOcBAApHg3U7jXg767u7TDxR96A8NJflCydsKlmryt4SA4v240Npn43vWCsmQy ilT1Y+FrovQT5wrJ76+TO6V5D/z6R0h4KjfMzGuGULI7NGeNcVjvoWv+wPnUF6ny Pleq75yjjICJCRgErQ1gBF3ct097dHHE/MbGFpMUynRp6WAX0Zf9bdFlK6UBKLnX MV2XCFkh3xbn22KawMHxzxqAjSlDQmOZGU9kV2HecT3yRnZs+z+kBR8pkHbiyXlF kOr5S3/VZURjvV3wVOWDlhCcYQDK5bLSFFmQ/vChzDVsR7MJCYVPO78vYF9ckpeJ LMA1JvNEf4gjDNPkcYLAH9CCrS9thHkqYRnZKiN0lJNTWudppjpRHncUkOvX0dfx 6cNb6VnI/SHO/K0+LGQjao4L2JyoSTDL6CekUHy0N8CnXmMlm5W/zwpnpnQSQ9vc yiD5gXHXnHcDiMYsVcA4MDJptKLtlmltqp3CwATcZhnFij6aPRQHh401B0EcD+wH 2BCgeaR+2VtKJW72v44W9LbJoHgSCc4lSXizxHKCao6Ik6fET1DRmWXKLgQSpeX3 MJhHN2eNo11dkLZ3dl4a2InhkiFHfq1e+2n1Q67KfHGzLZJVwp2airoBIWynTNHz lXZ2YsSb0RcRaReFJxFzr+XfdffvA1jP7KdSOYEvQfH6C80LKjE= =RYr7 -END PGP SIGNATURE-
Accepted memlockd 1.2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 14 Dec 2016 13:55:24 +1100 Source: memlockd Binary: memlockd Architecture: source amd64 Version: 1.2 Distribution: unstable Urgency: low Maintainer: Russell Coker <russ...@coker.com.au> Changed-By: Russell Coker <russ...@coker.com.au> Description: memlockd - daemon to lock files into RAM Closes: 714957 Changes: memlockd (1.2) unstable; urgency=low . * debian/control: Add dh-systemd (>= 1.4) to Build-Depends - required to use dh_systemd helpers * debian/rules: Add dh_systemd_enable and dh_systemd_start in proper places Thanks Michał Zając <quinta...@kubuntu.org> for the above. Closes: #714957 * Changed to Debhelper compat level 9. * Removed readdir_r() as it's deprected and readdir() now does everything we need. * Added $ARCH as a config option for specifiying the host architecture according to uname(2). * Compile with -O2 Checksums-Sha1: 0a3e57e109aff7073b447fc25a260b841ec38c0f 1400 memlockd_1.2.dsc 011e8ed3844fb82b5aa80edcbbe512e0e97c9099 10179 memlockd_1.2.tar.gz 82d5ee31786cfa5771e699bf572c26439a5f99f8 2918 memlockd-dbgsym_1.2_amd64.deb 6a9e46a1b9ee480cb60d94189c51bbf9b9dd6f58 4747 memlockd_1.2_amd64.buildinfo a53fc82ee48078550633b5d6c4fe4ed7878bca15 12836 memlockd_1.2_amd64.deb Checksums-Sha256: 1ba3adbefaa85d31a37ba06cbbcee6e5b53aeebc26cee6fd6a54da7fd8d6eb54 1400 memlockd_1.2.dsc 3b99fd33793b5b870519189a4640f7b06601dd24e727b466a5c26c6bf0b7ac3a 10179 memlockd_1.2.tar.gz 1ce5c68d92830e249af646d89c071d37641b378465b6cdfae4c808a6b298a0bb 2918 memlockd-dbgsym_1.2_amd64.deb 56385086dd7ee84313bdff6b1e9d46ba9b288e8891cdf14d9b2ebaa10be12b43 4747 memlockd_1.2_amd64.buildinfo 4ce721d4f0fcf1326a53cf000df4561419a3b21335d1e0de257cef04ed65bb88 12836 memlockd_1.2_amd64.deb Files: 21c85b89337bf38c55840b96ffb57dea 1400 admin optional memlockd_1.2.dsc 8e2a9f8371d4d06fcb4ff79a5cff34e0 10179 admin optional memlockd_1.2.tar.gz 8b1450d59e8f8009b79d77c82a72f5f8 2918 debug extra memlockd-dbgsym_1.2_amd64.deb 9fd9ac0a45ec8d90ae43f7b3a542ae3c 4747 admin optional memlockd_1.2_amd64.buildinfo 096e0692cedce7e8653039e0b60e5e93 12836 admin optional memlockd_1.2_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhQtKsACgkQ0UHNMPxL j3k3Cw//Yu5US/kcfwLsHTkQc3NdShua3M4k+NUwXV/baIV8/xa3LySfT3etlwcK +tCEmkEy8+MwcC5TVXnwgGoBntLxPaaEoCJTCzshqY/h1uUAq4OihFztegJzOnBD M3eelM8iAyuMLxpAXMdIz2fUmNBnlqzNQG7LY3Omwl531XQbG440Hqp/Zu7B55ht AQ+BYw7f4H9WPo3kULz0XCjASrfkIk05xRXBDwaIeq1FKaQuUz2goZviX/chCAWo pE1h0gw4D9tTvaVAO7H6G1XGqZMCIkJlO5zjrR9jwLpo8SEgF3vGDqVw6k6JAlJJ fmYkKRpYwvBMQ2ZTaPONUO7byIQNQs3Es4lad+y/pWA9l6x97+qZxuffW5B8z5nT M18eod6lDARASH2IOjNw0qf088VXA0fD0jJqkvpuUPr9OOsqbhC6hp8G6QmAATlg zKSIywcUmkKE6azW6GWy+ohN7AHh135gWaKS3dh3HPNkesBKC3+SeO97QIm8BmGu THe6Ia+UPAweJUxk3bDEL/eUHPkmsP5ixk+AmolCRj7c2tM4WRyIRSxNgGXGZLU6 biNoG/erdW0mV0Y6c9eHcYzKGOThCRtKTr4HiUZKwf6v3yQsZMVSsDGqtCJEYFMZ l+PFfg+hy1SjlfH+2hoBKhdiYna5HTavaSPswUjGZ4zoeluKzKA= =VGk5 -END PGP SIGNATURE-
Accepted memlockd 1.1.2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 14 Dec 2016 12:06:09 +1100 Source: memlockd Binary: memlockd Architecture: source amd64 Version: 1.1.2 Distribution: unstable Urgency: low Maintainer: Russell Coker <russ...@coker.com.au> Changed-By: Russell Coker <russ...@coker.com.au> Description: memlockd - daemon to lock files into RAM Closes: 714957 Changes: memlockd (1.1.2) unstable; urgency=low . * debian/control: Add dh-systemd (>= 1.4) to Build-Depends - required to use dh_systemd helpers * debian/rules: Add dh_systemd_enable and dh_systemd_start in proper places Thanks Michał Zając <quinta...@kubuntu.org> for the above. Closes: #714957 * Changed to Debhelper compat level 9. * Removed readdir_r() as it's deprected and readdir() now does everything we need. Checksums-Sha1: 2af42063a31d8395a4c05ad6911220f374963ee5 1405 memlockd_1.1.2.dsc 389b016bb6b960323e04cee2a76867142de92973 9737 memlockd_1.1.2.tar.gz 5640db5f23137bdd09414287a02df8d9e94a73e6 2918 memlockd-dbgsym_1.1.2_amd64.deb 1223e78469482f3262b1eec911f56f4b55671a82 4767 memlockd_1.1.2_amd64.buildinfo 9d4ba5dfc0499e29a516fe628a7f809af001ac7b 12344 memlockd_1.1.2_amd64.deb Checksums-Sha256: 9052af1c7cf32ecda2a08f26a0a5ccae5059f0629e0b82ee6db4b6e8eba4b100 1405 memlockd_1.1.2.dsc d3b68954ba8a65977da3b466adaec46fe69254049190bdeea6fd1ae43db67d39 9737 memlockd_1.1.2.tar.gz 2fdff87785ff576060dc80dce6f8877995a02cb2dfa9a769f305ee886eee9647 2918 memlockd-dbgsym_1.1.2_amd64.deb a5770e854d8383a183dfed5da86fb731575d27935f0b156ec19a73b60dedac96 4767 memlockd_1.1.2_amd64.buildinfo b9af2fb49702731bd0b867acc5f39bef9e987aa6c431d4f2f71197903243e253 12344 memlockd_1.1.2_amd64.deb Files: b4e79c579f362323c1c1f56e193f6f27 1405 admin optional memlockd_1.1.2.dsc a457e325d13f71fd252d1874705a78bd 9737 admin optional memlockd_1.1.2.tar.gz 650d7f1da159402cec26fc2830123770 2918 debug extra memlockd-dbgsym_1.1.2_amd64.deb 4fac7f050f355d4531fcdcc5c5fcdd21 4767 admin optional memlockd_1.1.2_amd64.buildinfo 68af923a8eb7a935e8000ae59bb19436 12344 admin optional memlockd_1.1.2_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhQnm0ACgkQ0UHNMPxL j3kG4xAAvrnVSpghfaLtI4VDP35oYL+kFaarEQIdUmHl1CwhgUOV0YNlbNgVA55u lB4wLez0l4293RAXYfBbyVA5nBkIAFQTMJ3xrI9G/2YvdOlkSUqb4jCdA6WkyEgg Sa/HO7320BIx+ZQWi6pCk9t/YUEYxJV33THijX/tQkOiBYnhCTu7HzcTtFn6vIYv ZoznAUkFFNnqGiYZj9P4wyv3P1ul//h4tMFUYbQY+A0Ip2mlhBcGI1QoH/ZLICYA 8axRVsLgljHx+LcAXumhztQNdccohsWvkTtPRJRlOsi74OKIgrtSeTaX5uCgro+L SALVM4BjMzWhSE4uUWtO/ygEmLHrSlmT1YrFyrYI/OaxJ9RmoOj226/zuxEM0vE9 gECn1t5FfMWHh+C04WRnfVEyUe4NsW2K7uAlkF6b1E2GyRiApE2kO22GG7k1lzlk I+tFmXyd59YdOD5ycAKj20vG5bHMlNcgmB1Vq19Rf7iwsrE/XNGf4HaJvZgGEIb4 wJgd5BKS+SOVbZSyQITCZ8v84uB0ijg43GvrW2oGECoMUQ/MdPRtayMD7UcVJArh VDiu3GKW0zvDxF41Fb6iKz9vf1TDNfSePyMQkhNVMzfSkoSgkkLwOwnZ5mjB8qgG fMcib4wof52ZzcDi/UvbCB+FvBjUz+agdkLBSl/cOgEt8jeOJjs= =4ZBG -END PGP SIGNATURE-
Accepted selinux-basics 0.5.6 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 14 Dec 2016 10:01:32 +1100 Source: selinux-basics Binary: selinux-basics Architecture: source all Version: 0.5.6 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-basics - SELinux basic support Closes: 504412 Changes: selinux-basics (0.5.6) unstable; urgency=medium . [ Laurent Bigonville ] * debian/gbp.conf: Sign tags by default [ Russell Coker ] * Make postfix-nochroot remove rsyslog socket. Closes: #504412 * selinux-activate now doesn't add selinux=1 as it hasn't been supported by kernels for years. Fixed a regex bug that made it not remove security=selinux if there was no preceding space. Checksums-Sha1: 6f8cbf6fdab3f0e0f7ca6f21f87735f4c6a48071 1706 selinux-basics_0.5.6.dsc 38c364a8678c7ef5e09a2f8640d83e8c2ad8d065 10980 selinux-basics_0.5.6.tar.xz 368a4ebfc36dddb4e9e0fcd3ccc6ebe73e344e34 15018 selinux-basics_0.5.6_all.deb 5c9852e43adbdd615a97d141a87c4d03f2e52a22 4861 selinux-basics_0.5.6_amd64.buildinfo Checksums-Sha256: 57b38ca6c72faa67a1d50b9f63a682a1744d6d4984be836ea0f73899e231d1ed 1706 selinux-basics_0.5.6.dsc 2f418509f10b6d919b47a2ce7f25ab4c938c751c8dbd71ab72800480ee84802e 10980 selinux-basics_0.5.6.tar.xz 28e2df3fed5b08492e4cffc3b93ff52e3e09ad074d258592b5d47002646b28ba 15018 selinux-basics_0.5.6_all.deb a01eb7c4fe7ac65e22c821e72f617a1a98fc231cf529a43451ae9a4dc98356e4 4861 selinux-basics_0.5.6_amd64.buildinfo Files: 43711c987abeb9b75f5439ba7f09060d 1706 admin optional selinux-basics_0.5.6.dsc 146fe08c97933ad1f071632866713989 10980 admin optional selinux-basics_0.5.6.tar.xz 07aa6e95eaf50b7d45ce73363a9030d5 15018 admin optional selinux-basics_0.5.6_all.deb dedad7676331d70617a1ab8a1ba8fb30 4861 admin optional selinux-basics_0.5.6_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhQf64ACgkQ0UHNMPxL j3nhHw/+Lmi0HZVzpvtgmvSBXgi8qL6IJs0xXJ10zjVaG/jBgQaOtmVjx66H1AeX Zbnd9Xaxi7a9MgOcpI2lJFnf6QqXP9H7mW32uZY5Qlm2Dk4nkFE50IvbqKBqKgB5 vcKRpQx2dfg+znWoYHqTDaABi6dKGyvHVoLWRtih3qPK5c88C57vxZ1FO+ptcODw Ixqg9JqA1vdKLzHDFad7wMUV3vVSGGXyV3tp4hqYcIvs4Dz1ARlpOZ0yE2fixkzN wnKQEw0zwB3hDSPQirnwIA6aT7VunSilfSlb1zl3oIm0RfjOccbbO9vJzEJk+RUW 43Jomgm1IbFWmZwScJ18f47+oactx4UNocr/+D2fBpX+5xsF3RugryG8EDx16AXx nkWXYM9d8XdK7UBk6/rrkOz05/XsayEOOAJOS6lU4emcloCRi3H8KDZBNG/ju5ED +Cbvxz6ybdW5WLz4N1x8qihHO8FtPW6qaEU1YF7/bcxlN5TB59IpJj2GniAigd8+ hPiywz9HlIBobTcHiJFJ8Y5bU7jx2ESYkMgZhRfaLx1pOXxGDTI4IXtR4xcic2jn 39ciCUU+fXWgUVFAfmI6aAq48NDpCNWyYKdhqvjr6HGnyt6Wsq8XdJzTzSmwVGWn yNtqyDnOU+03ocrLa0j8A31ODD6I6++y7wvzVh4N/E+IOIU/kVQ= =PcPC -END PGP SIGNATURE-
Accepted postal 0.75 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 13 Dec 2016 23:00:46 +1100 Source: postal Binary: postal Architecture: source amd64 Version: 0.75 Distribution: unstable Urgency: medium Maintainer: Russell Coker <russ...@coker.com.au> Changed-By: Russell Coker <russ...@coker.com.au> Description: postal - SMTP benchmark - the mad postman. Closes: 437782 Changes: postal (0.75) unstable; urgency=medium . * Fix some compiler warnings. * Stop autoconf controlling stripping. Closes: #437782 Checksums-Sha1: c6127eedb16d31fda87797d36b2434d1b67ac81e 1391 postal_0.75.dsc cd5ce102e90c4b49b6a61eea710bd073fe68f012 105922 postal_0.75.tar.gz cc1adb9c6cdc48eab63c5bff6a9ac484e777818c 503444 postal-dbgsym_0.75_amd64.deb eb00ea5e28e14f49058243ac5b405d5f29d0a989 5240 postal_0.75_amd64.buildinfo 6aceceee74defd0d7a252c4c29292d62b42838d8 56014 postal_0.75_amd64.deb Checksums-Sha256: 4bd09871b85d3b8fe6c68835756f16ddc08bae8cab2a7b773c52d7236a252488 1391 postal_0.75.dsc 9ee7badfc4d29f4584fe000ab4e6f9366560a7955acc53ff994e1f0b493dd855 105922 postal_0.75.tar.gz b22a46e168bf05b052e37436a6503389bb7782be6dc23e486065a928b8f0a1c9 503444 postal-dbgsym_0.75_amd64.deb 6d4bda32a41947f6f6b1f74f956ac4c0138e846f24f7fdf04d0e00440ba57996 5240 postal_0.75_amd64.buildinfo dc7a8fd803d2983d025ec29b0aaee864d6b301857a94d6fbd5c6ec05b07b16c5 56014 postal_0.75_amd64.deb Files: ef207a52d43b1fa526e183a7373417f3 1391 utils optional postal_0.75.dsc b9c8a66f92cc2bb4164a9fb0d317ef46 105922 utils optional postal_0.75.tar.gz 60e9c622e2979ccae7931894ac12e16b 503444 debug extra postal-dbgsym_0.75_amd64.deb 118d1483114e220957100435a241888c 5240 utils optional postal_0.75_amd64.buildinfo 188fbde49b0b0de7d9eea888ea2b903e 56014 utils optional postal_0.75_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhP66wACgkQ0UHNMPxL j3mD7BAAyVgM/QxFxqF0+IgrVrSh7//GxSQ/jEBC2NnvtoEY0TOVu/pgPoEQl807 hvNQlNw8T+EBy4aFU7Q464NiROKZp7LDyL49s6exfFGUiu5zSuc8LsDGjn9fLr81 F92N1gvBaOpgQgLJPJOFnNvjTigOBSTDD7UBBazUu/a4URkY+Q0as3SY+B3Q34Ey zLALa42WxfmaspKRORTfc6nfTtO68Kx48dQg8B6U09GSArhcmRJgkR/KRdxOWmsA Km2JEeqY/n5SvxCCMnwSOh3YljNi6B8fUrJ+y+Y8W2TqTMu2IRcH19oeYpCXOLUM E3ErunXNpdFUM2WcElD3/DwEv6xQuZCtV2U4EU32MwowkG5Vj9r8oodzsnbGeldp N/qWeNfKunFJBCMf5IhtCrxAMsQ3lKRXDjDJHh2uFfttG5YZMV6zPR4TGjcirIYv Mg28Cr0M4BAWFEzCDFMm54eFYjqN54NHazBpZ0iUO3pY4Dl73RjolD5uUXiR8zDm VMY9FQa1ULAF6vxGKhn1lEcRh4KJwnu+VtUnT2/zCeo2G350b3wAX1XNPVpLt9RY 5UcnN/a3NVzzojnQHHJnnaS6S2bbYcocA9NzQ28/XBkIWkSEiWELpQIgja1fjQM8 OSBAymaKhH5oPTm7WgtCrPQRPPp866i0pFTqk+wX0N7RNLo5NnU= =MdJq -END PGP SIGNATURE-
Accepted bonnie++ 1.97.3 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 13 Dec 2016 13:37:51 +1100 Source: bonnie++ Binary: bonnie++ Architecture: source amd64 Version: 1.97.3 Distribution: unstable Urgency: medium Maintainer: Russell Coker <russ...@coker.com.au> Changed-By: Russell Coker <russ...@coker.com.au> Description: bonnie++ - Hard drive benchmark suite Closes: 242878 639452 717285 823882 Changes: bonnie++ (1.97.3) unstable; urgency=medium . * In bonnie++.8 documented -c option. Closes: #639452 #631484 Noted that for latency lower is better. Closes: #717285 * Fixed the symlink creation. Closes: #823882 * Change backgroundcolor to background-color for correct CSS. Closes: #242878 Checksums-Sha1: f9b2b051718a4925cc4f7f1e408e93184d4ea3de 1417 bonnie++_1.97.3.dsc 47ce25f21146a63bb007ba94e26adb49c4c15de7 100166 bonnie++_1.97.3.tar.gz 18bdba594353f4473cf335f2108aaabbcb01f3a4 4497 bonnie++_1.97.3_amd64.buildinfo 44eaad6c914cccf5b9ca92ca6a1b30387200e529 61418 bonnie++_1.97.3_amd64.deb Checksums-Sha256: 60ec29e30c33c594d824c5efa1bba4435f2f6b8dfd0354280ef12afaa0adf38e 1417 bonnie++_1.97.3.dsc e27b386ae0dc054fa7b530aab6bdead7aea6337a864d1f982bc9ebacb320746e 100166 bonnie++_1.97.3.tar.gz 2c7e232c10faa63b5283e445356299e1ca104c88a7e413e443e29122f24c7e18 4497 bonnie++_1.97.3_amd64.buildinfo 2df8bf1cd9b883831402619a69bacee09b9c50176fd9cc87a1f982b868ac8a7d 61418 bonnie++_1.97.3_amd64.deb Files: 4925fb3a1acda042d1f83bbd52ae4742 1417 utils optional bonnie++_1.97.3.dsc e4be8977e8f7e6d4375a8d1dadda8d9e 100166 utils optional bonnie++_1.97.3.tar.gz ee65abdc8ca11a3f565ddd845633eb25 4497 utils optional bonnie++_1.97.3_amd64.buildinfo 2bf19aa47b1aec7e60393703f123645c 61418 utils optional bonnie++_1.97.3_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhPaLEACgkQ0UHNMPxL j3nQRhAAyasFOIQiIuqC0godAwVSd2FKDFe+Mg3WAnuEnSft8wVml1ODVTFsw94a tQB++Pf/F0G3kDY4cn59dLofxZZmOg3J3/jRldjh0RJn/7Q5mmPjOx4CsNi7Mmv0 GUiK+i99jH+aHGdSE/AX1qkfnX8lPTiBIcwIuEqOZrnSpVb4NSX7eojYdswWpYYT peAhwbVVfOVQGY62ct1z9oDyMWHFsCUokwm7gnUi9RD6zGa+Ek3Y9iOP19xECJ9B c3/FRMsVQZSkY+g0CUmT0s2fwtMVrdZLTxvFWcnQOsGcnXgngNgWxg/GF0pbEbKk Iq0iq8VAkvBkZGQ38btCCQyJQjlz2LGksMyAsStr08f3I9wWpnXfZwow70qxGkdJ /qryEprS4vLK53NGbfYRdME8bfakbpQF6dl+X304K98J5DnfW+BeX0eovaSxcieW 6l7W1FUcGO7O2tAvGBzvTEl5pxKY/rGIMWfcBhV6CwoYZrtw36/1ltk/s324Tatv 8bbQiegENwZBnTu080kHX1wSX0uPP9YRy1DUuezEChvEtMEtzsBYL7hdc8SgtSsC AjK9FO89stjhq8kMuXlA2SjUXsqlOyNUtcxsteZ0rd3OvZGCZ8ZeSzGjHVhajwxZ paX0FMXo8p7q86elH6IGsdieL8z+haB+boOd+OEuorXTU/Fujv0= =Om3e -END PGP SIGNATURE-
Accepted refpolicy 2:2.20161023.1-2 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 08 Dec 2016 23:16:14 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20161023.1-2 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Closes: 834228 Changes: refpolicy (2:2.20161023.1-2) unstable; urgency=medium . * Only label files as NetworkManager_initrc_exec_t * Use separate domains mon_net_test_t and mon_local_test_t for network and local tests * Allow boinc to read xdm tmp dirs and connect to the X server, allow it to read crypto sysctl for some of it's libraries * Allow unconfined_t to request init to reload it's config * Make bin_t an entrypoint for inetd_child_t * Allow systemd_tmpfiles_t to read selinuxfs and selinux_config_t to find correct context Closes: #834228 * Allow systemd_cgroups_t to read selinux_config_t * Allow systemd_sessions_t to get contexts for sessions and default contexts for files for correct labeling * Allow systemd_logind_t to read cgroup files and getattr cgroupfs, and to start and stop user sessions * Allow systemd_tmpfiles_t to read kmod_var_run_t for /run/tmpfiles.d/kmod.conf * Allow syslogd_t to read SE Linux config * Allow dpkg_script_t to reload systemd configuration and to restart initrc_exec_t units. * Allow sulogin to read crypto sysctls and set booleans * Allow cron jobs append and ioctl access to crond_tmp_t * Allow systemd_hostnamed_t to read sysfs * Policy to allow systemd_backlight_t and systemd_machined_t to do things * Give initrc_t, xserver_t, and devicekit_power_t wake_alarm capability. * Allow tor to search tmpfs. * Allow system_mail_t to inherit file handles from init. Checksums-Sha1: 6ecc7bc022ac6b7dc160a3c28dda2908b6976f7c 2459 refpolicy_2.20161023.1-2.dsc 834571d898a19bb319d160955c7ac512a69998ad 90340 refpolicy_2.20161023.1-2.debian.tar.xz e7e6b733ded357b46796f484b7048a2bbf38e266 6824 refpolicy_2.20161023.1-2_amd64.buildinfo c021f3b17b2d51f6fb36e205132be1d5b1e72e2e 3013810 selinux-policy-default_2.20161023.1-2_all.deb 59b709d031980244a1a999fc8f5800b23779250b 462796 selinux-policy-dev_2.20161023.1-2_all.deb 9903f84ffd5cee7d86937606aafdff157631f57f 443280 selinux-policy-doc_2.20161023.1-2_all.deb c653ed6c6fa9dd5523e4c5a593f7ff5e73b3e557 3048804 selinux-policy-mls_2.20161023.1-2_all.deb b5fb74d5ea01bcfbcea3354f448ae4b14b0385e4 1254618 selinux-policy-src_2.20161023.1-2_all.deb Checksums-Sha256: 4764ef56a8529f63a07a06c221b44dfd783d6900eacc1fcd7341a9965e9fd0b9 2459 refpolicy_2.20161023.1-2.dsc 6536c1c1b7290abca9a6117a373779488178692fb13a9dfb7214e55876fd41d1 90340 refpolicy_2.20161023.1-2.debian.tar.xz 736061df18f63c7721889ab9517685b8eca08e6392065e17a564b56c519f7fe2 6824 refpolicy_2.20161023.1-2_amd64.buildinfo 31361d8879dba4412d82d645c7a64c2d452fe9942b5f1a4b225c9a9004a0292a 3013810 selinux-policy-default_2.20161023.1-2_all.deb c5e4ff854c0c592bcaa02745609ed40259e797a024796cdb40b7f7253217b532 462796 selinux-policy-dev_2.20161023.1-2_all.deb 036e6ccf59c580378623c84311294e08c76e479226e2aa9594f5c5664493422d 443280 selinux-policy-doc_2.20161023.1-2_all.deb bf63b8f59c0e38cebff32ac67550db6b8a79278c53b711ea5626345bedf50b4b 3048804 selinux-policy-mls_2.20161023.1-2_all.deb 549d8c635370bb563e752a7f297369a4e7e07e2cb8d1ba2799f7e125d2febec3 1254618 selinux-policy-src_2.20161023.1-2_all.deb Files: 35b3cfffd121c54ab8d5898c423b65f3 2459 admin optional refpolicy_2.20161023.1-2.dsc 02a8065517bce2eafad2e25e7ae7f66e 90340 admin optional refpolicy_2.20161023.1-2.debian.tar.xz dd18d4d2bf9aff9f0b9b58a5a9d17bd7 6824 admin optional refpolicy_2.20161023.1-2_amd64.buildinfo 45388e423a7581f6a7fde99aebebd368 3013810 admin optional selinux-policy-default_2.20161023.1-2_all.deb 64548040b1a1f1cfef0dceade6047d50 462796 admin optional selinux-policy-dev_2.20161023.1-2_all.deb 1947d3f58982f153b26cf57078b73975 443280 doc optional selinux-policy-doc_2.20161023.1-2_all.deb 41afb14b0b6f39295bde9261c63cbad8 3048804 admin extra selinux-policy-mls_2.20161023.1-2_all.deb b6a63422d9b11070a9778a933670a518 1254618 admin optional selinux-policy-src_2.20161023.1-2_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhJT/8ACgkQ0UHNMPxL j3lAtxAA3Tv8hr+Zckgvsq0J0++oAoit/OoBFuCLmJUJVqb8aOwsqf
Accepted refpolicy 2:2.20161023.1-1 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 04 Dec 2016 22:41:31 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20161023.1-1 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20161023.1-1) unstable; urgency=medium . * New upstream to remove unwanted files from the archive. * Type mon_test_exec_t for /usr/lib/mon/helper/* * Give init_t and udev_t capability2:wake_alarm for systemd and systemd-udevd * logging_manage_generic_logs(systemd_tmpfiles_t) for /var/log/?tmp * Make bin_t an entrypoint for mon_test_t for scripts run from sudo. * Allow postfix_master_t to getsched for sort and other programs from startup shell scripts Checksums-Sha1: 2b8185f3b70a741d8f3d4ab1af40fd02cc6ac425 2459 refpolicy_2.20161023.1-1.dsc 3b706e2067aa2b4595669624c81bb3656754b686 722546 refpolicy_2.20161023.1.orig.tar.bz2 e254eee10b0278f60ff05aed54adfee37e8cad34 88096 refpolicy_2.20161023.1-1.debian.tar.xz 427bf30add4e602ff16bf8a7b6d7ea62692cff2c 6811 refpolicy_2.20161023.1-1_amd64.buildinfo aa6675a1794ee264558687595d40c4c0de12352d 3010806 selinux-policy-default_2.20161023.1-1_all.deb 759cc93d21a859671764a8c0d3850afe4af8ee4c 461954 selinux-policy-dev_2.20161023.1-1_all.deb 73cd0d2cb44c39bc9a769a23019d947ab2b05d0a 442470 selinux-policy-doc_2.20161023.1-1_all.deb dff2aee7dab00664035124cae7120a55f0f93ce4 3046560 selinux-policy-mls_2.20161023.1-1_all.deb 8ded5f82bba984f2fbfe5aa6c50fe7a6035e9c7b 1253934 selinux-policy-src_2.20161023.1-1_all.deb Checksums-Sha256: 499100ffb58cdb174e4a19667b8b5b335471941c0c00656baa4c0bd15bde6860 2459 refpolicy_2.20161023.1-1.dsc f056de551c17bbbd2775dfa63a94434538548c90ed1e0f0b6c2be6bf9b123e4f 722546 refpolicy_2.20161023.1.orig.tar.bz2 253c7189e64c7fae0947aa478eba0a2db7838fb806a7bdc3e00fef30d19ccefc 88096 refpolicy_2.20161023.1-1.debian.tar.xz 64cfa1aa6d4e7d10923566ab98519d63beb801709e00ceb100e85750d605b18d 6811 refpolicy_2.20161023.1-1_amd64.buildinfo 5331a5868d3987e48e4e7ccc7f4acb14594345497235d9611b3a114aa62512f0 3010806 selinux-policy-default_2.20161023.1-1_all.deb 16ca5ddd4304fc521eece3c4ad1ba2eebe87270c4bf832ec4ed35855d1de839a 461954 selinux-policy-dev_2.20161023.1-1_all.deb 8d35ba2776c559237537b9252e866a895bc4d5f7e17086aa376c52e43ead910b 442470 selinux-policy-doc_2.20161023.1-1_all.deb 839f7d5babce5be6e7dd8f97a372682dcbce2a946c8593564eb58846924a92f8 3046560 selinux-policy-mls_2.20161023.1-1_all.deb 16a02aab48497742d9764644380ab6a8529683cb914e42e33342877fe917e3f6 1253934 selinux-policy-src_2.20161023.1-1_all.deb Files: 9e12e381950b1fd51bea8bd1ecf2ed5d 2459 admin optional refpolicy_2.20161023.1-1.dsc 563c52896fdf5995afa49ca5b28314c7 722546 admin optional refpolicy_2.20161023.1.orig.tar.bz2 4ec68ba675daa48386293b895a8e63db 88096 admin optional refpolicy_2.20161023.1-1.debian.tar.xz 5758b7ec92a288f8852e520d7da3c3dc 6811 admin optional refpolicy_2.20161023.1-1_amd64.buildinfo bcd8245837912ed2477e6dddbbaa56df 3010806 admin optional selinux-policy-default_2.20161023.1-1_all.deb c9029c087fb3fffbb0378c786493d414 461954 admin optional selinux-policy-dev_2.20161023.1-1_all.deb 854bc964ac77ae5856722dfea4072a8a 442470 doc optional selinux-policy-doc_2.20161023.1-1_all.deb 9fdea80625347064c0a6a268fd8dd929 3046560 admin extra selinux-policy-mls_2.20161023.1-1_all.deb b4b095797a9d3e9f1ccbb2a2316d36c9 1253934 admin optional selinux-policy-src_2.20161023.1-1_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhEAa0ACgkQ0UHNMPxL j3mreRAA0LZT3GW6C8WU0848J+mLRBPvoQgtYFLMAknY4i4mA+ev7zyfshAeSQwA xjqkzsLYz1QCfbjazC2UJ47WkeTY2dq9/kJNvO917OkQDczvosYZ/w+rAoYc8O+b 9+O4TxoIzen3MGMWWZauhyJzKQsgTjH/I02d9AuFVv+YltnyHwMzM3PuusgvmvZH a7tIqHmKbgrrG70spRcVPZ+X4+hsr1I+Af2My+nOJmbhZsTqbuRso/kQJjMdrRho ZLNIFZ6haq2owVYnHNY2zRt9QHqW7P0nqUnjkMDZUZtiLi4hj8F3x9D3yVFzx5mw kTU9KvlOR3qEZje1uQvYsVucsI47+EWVBU9WbzphI3e8B+0WDVHZgyR3j0co4YTc YNpgnBVRbbqgahH7knHV+zDJuFekxwoTQmRd3W4BQNEI85YsmhOD9U4yRWiNfkIJ Q4OrtmudkZ7nlCQFaduKycR+6I/TpryF3/KJczshGdzBPaTPHBftAAtjTn5KPUTs TZsOGB9cVf4ERfae5xpvUvWI1Ah+qqIPj6BQLcv7srS+ygryjqS97y8E/yJvAUUV EogIHUa3ICe3t9YlYEHC+JHMbCF+FKf7qNVRjP1nRPHDVWoIVb93MkGm2eVwqKhH 6cBVpeWhyC/hShogmMtlx14HNBzcjEJiouXUogD6mRvzgFVpogI= =ELga -END PGP SIGNATURE-
Accepted refpolicy 2:2.20161023-1 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 02 Nov 2016 15:15:07 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20161023-1 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20161023-1) unstable; urgency=medium . * Rebase to new release Checksums-Sha1: 3d2054f3ab7c70fcfcd13dc87d248ada8a895929 2416 refpolicy_2.20161023-1.dsc 1f47dd6d8456040dc6e7aa731ee25489004f99dd 1768667 refpolicy_2.20161023.orig.tar.bz2 767e4837d40ac021874e65729faaf3ef62d80fbc 87760 refpolicy_2.20161023-1.debian.tar.xz d8a5d8a5f4ce82a5fb036626763eb002878bfe46 3005200 selinux-policy-default_2.20161023-1_all.deb 19f163aa1b1311d0a97b86cf46feac615dc8386b 461806 selinux-policy-dev_2.20161023-1_all.deb ef7175d1fb340fcbccbc4c51f3ae983912a678bf 442896 selinux-policy-doc_2.20161023-1_all.deb c615ac0e7f40785ceab11d4137c209063590efa7 3044200 selinux-policy-mls_2.20161023-1_all.deb 3ea2c9f49a9ef4f86bc262dc7fb138e594b1b6e9 1245092 selinux-policy-src_2.20161023-1_all.deb Checksums-Sha256: 4ee6a2189462a27a7aaf25638baaedd6dda27b307aa0e8701c96dd373def1f6e 2416 refpolicy_2.20161023-1.dsc 14c9576e2cdf0ecf656134bc59cba99589dbba2895344d2fc226bdb5d8e541c7 1768667 refpolicy_2.20161023.orig.tar.bz2 7c22cbe18ac007aee836b1ef140dde31d486d813b2d17c91ab8bec32b029e219 87760 refpolicy_2.20161023-1.debian.tar.xz 824f7772efac14841f4c6241235fa0b76378562c7cff103985361fa1e8986525 3005200 selinux-policy-default_2.20161023-1_all.deb 8eb5d24ab62483b4ecf37be9163233c7129827b6d9e853c9955c96d9fade8e79 461806 selinux-policy-dev_2.20161023-1_all.deb 469e48ab518bd8069f04a49f951819ef78c1b81a1871e1a613decab49dac89c7 442896 selinux-policy-doc_2.20161023-1_all.deb 31860f63cc94c95529f43082baf1e36a586dafb4e7ba2cce490822b95400bd01 3044200 selinux-policy-mls_2.20161023-1_all.deb adf0c6b664f0fff8be48600558254322f9c99ba90c05b5065b128c4b0728f4e6 1245092 selinux-policy-src_2.20161023-1_all.deb Files: eab9a3562d3ebcd38d881842494d810a 2416 admin optional refpolicy_2.20161023-1.dsc 0cafb3782cc1397af030d29762fbe266 1768667 admin optional refpolicy_2.20161023.orig.tar.bz2 805bed09d73752fb85e87e0cfc1d0e17 87760 admin optional refpolicy_2.20161023-1.debian.tar.xz 7c3ec0eaf4eafa0526dd1b4db61393e1 3005200 admin optional selinux-policy-default_2.20161023-1_all.deb d2296baf043a41648c4e00c7dcd57ddf 461806 admin optional selinux-policy-dev_2.20161023-1_all.deb b3b61737df93c7b11494c77386752509 442896 doc optional selinux-policy-doc_2.20161023-1_all.deb c5d2a449c8aecc30984310b6ffc84607 3044200 admin extra selinux-policy-mls_2.20161023-1_all.deb 25c203e84df98c398bbf242c1a020a33 1245092 admin optional selinux-policy-src_2.20161023-1_all.deb -BEGIN PGP SIGNATURE- iQIcBAEBCAAGBQJYGXDxAAoJENFBzTD8S495LM0QAJGBrdYuIxlq3trzeyeOKFF8 FlFGvF6xkE0xdvLwFgdUdSbV0K8EbnZqwp1hOLvZ/n/9m9vJ64+3hjLG99S+xZ0/ TQz3+c+FHvz9oUJBDOkYDFC0tCktpt64edPi3WKUsIm/2MPrRk9A2FuJ2/b9qGjI 6F62lDAlFobVOfRuPfEJJ5mktjXeniKOnT1rh6kvdnNNz4nwA05eHOVzPbMKfMLR 4GGqEVVbFtNPY50KEGkrbNChpy3hB4eK6fto2oZufa57vsts3fe3yb8L7lOel5I+ WpwhYtliEXTTS3TIfTsdLlb2sXO1gYIa6gVtdLOqhrxXmSsZBNUfNsJAgegYht4s V4EcuAZSP/DvMcvvvEefALvKjX2tZ5rIYpnYqUo3yLC0uF5L2YG4oLdGT4qbctB0 hn0sTyet7Jw6CgGSf9eVTowxpD2panEfTmhrXtNk0yUslGCelRqVnqH7LOgSo/6n f+fAfv71g9LAsQXrfsbc51XQ73OJpLaPGNdFMxoRWwHOpmRO2kUeQsgae3TO4plq GdYkHFY6iGzMbUnHe/Ln7lEAHQiOKcWMBBWAq/15zSF/r8x+DZQeAuN+alxHrruv xRQ9vnAT3k3Mzpv7ecfSq504wp7eX3Xqq0xhW8HeoPI8kA3snUtcB1CwKXLn8nLc Z16Wgfd6cW0q3YiDnGlg =4cE3 -END PGP SIGNATURE-
Accepted refpolicy 2:2.20151208-1 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 03 Aug 2016 10:42:57 +1000 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20151208-1 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <selinux-de...@lists.alioth.debian.org> Changed-By: Russell Coker <russ...@coker.com.au> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20151208-1) unstable; urgency=medium . * Rebase to new upstream * Move locallogin, sysadm, udev, and modutils to base * Add /lib/systemd to file_contexts.subs_dist and remove duplicate fcontexts * Allow unconfined_t to manage all init units * Allow dmesg_t and sysadm_t to read /dev/kmsg * Label /usr/lib/selinux/hll/pp as bin_t * Allow udev_t to create /var/run/network with type net_conf_t * Allow auditctl_t to getcap * Allow auditd_t setattr on /var/log/audit * Allow semanage_t to search policy_src_t dirs for /usr/lib/selinux/hll * Label /lib/systemd/libsystemd-shared-.*.so as lib_t * Allow systemd_tmpfiles_t and systemd_cgroups_t to read /proc/1/environ and /proc/cmdline, and have capability net_admin * Allow systemd_tmpfiles_t to create and relabel var_t directories * Allow systemd_cgroups_t to send unix dgrams to init. * Label /var/run/alsa as alsa_var_lock_t and use type trans for alsa_t to create it * Allow syslogd_t to create syslogd_var_run_t dirs for /run/systemd/journal/streams/ * Allow alsa_t to manage directories and lnk_files of type alsa_var_lock_t for directories under /run/alsa . * This policy works well for a VM but is known to not work on bare metal. I'll upload a new version that fixes this soon. Checksums-Sha1: 8efee66f3dd41ca0d92eb64aaba464e9254a7081 2431 refpolicy_2.20151208-1.dsc dd9b288f64cd691f7910cdf419befb24ce323654 698182 refpolicy_2.20151208.orig.tar.bz2 5cfe6ef0d85768435a934b7f7568a1ecfa65fe27 91664 refpolicy_2.20151208-1.debian.tar.xz d200a09e0af0cb089e75249c89f24d9b78006c96 2944566 selinux-policy-default_2.20151208-1_all.deb ec25529bd97f73781473ee9db4297b59111bfd0e 452788 selinux-policy-dev_2.20151208-1_all.deb ffa6b4e45dc796f8cb202041532e130ece002b26 433120 selinux-policy-doc_2.20151208-1_all.deb 5bb4dee24e56fbc9a6b252f5f087cc2fd5a7e354 2984058 selinux-policy-mls_2.20151208-1_all.deb e54685f0ebbf04ad9adae60cd8edac8c31324e50 1213928 selinux-policy-src_2.20151208-1_all.deb Checksums-Sha256: da3d22bf8b34c44d2ad121f4b695c6ac4d6a683329dd30f02213989d67458716 2431 refpolicy_2.20151208-1.dsc 2dd2f45a7132137afe8302805c3b7839739759b9ab73dd1815c01afe34ac99de 698182 refpolicy_2.20151208.orig.tar.bz2 28a68d9318efb42620b3a2d83d1bc3183a29566bab4ca3b5010b8778c6cfe948 91664 refpolicy_2.20151208-1.debian.tar.xz c857b6f31d511f1d258d5e75eab848709be8cb4f3a466ae3206f78253cfabad4 2944566 selinux-policy-default_2.20151208-1_all.deb cb7030a422750163b6fb44e7c523f35e6ca88f53021bc2f5729a9eef1cf70e55 452788 selinux-policy-dev_2.20151208-1_all.deb f3f0e288f77759435e046b54e080ce98436493380e5a59fe9b3be50e3ef0975f 433120 selinux-policy-doc_2.20151208-1_all.deb 84678b179499dcdfd4b4fcbd7cc0cba60370310cf94811ebeeed963734c06d67 2984058 selinux-policy-mls_2.20151208-1_all.deb c0b1d285021155c33c508d95a5da2d24620a7609a5133f1afd97cacc0142c18e 1213928 selinux-policy-src_2.20151208-1_all.deb Files: 01e17776d686cb6ce4055baf49a29b8a 2431 admin optional refpolicy_2.20151208-1.dsc 7b1ca12e9ea0254508391559cb8f2c41 698182 admin optional refpolicy_2.20151208.orig.tar.bz2 6862c2ab7db4cb06f8336f7861c796cb 91664 admin optional refpolicy_2.20151208-1.debian.tar.xz c9ec741fddb0fd8b8da00e44b3054e1e 2944566 admin optional selinux-policy-default_2.20151208-1_all.deb b54e6823443da9b55e338506f7f948a4 452788 admin optional selinux-policy-dev_2.20151208-1_all.deb 4d60d5237b978b67db92f395d4e336e6 433120 doc optional selinux-policy-doc_2.20151208-1_all.deb edff651848064f364f5070b30a9f9e2f 2984058 admin extra selinux-policy-mls_2.20151208-1_all.deb 448a242b71873af19400222b5f599197 1213928 admin optional selinux-policy-src_2.20151208-1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJXoUGPAAoJENFBzTD8S495PnQP/j5JGliGw1PLLe9LiT7ddjvs z37UQh/m4tpL1ehTg6TLx0jmRV4qDmRybyuuy8qHJnqIlbNPKZxLcm6mdmJb3ydp FcfFUbI0WoIepv3/2zDuL7LIgcURB7REbw+X8hdN5GJ9R42BrCGJxEhGB3wSgnsf sks/9l91TjTO2HgjesIWEd2eVM4DRY9tdGaHmEunmggkwRHiSZKvjDuVtgduxUct 4agSgRlIZETEl0/p5oxlYTdepeuUwFd9sTgYiJ/A3xhU4vQc9ve+DmeTdUCKZ8dk 1h6y/K296zcsXHie+Yj8kG43I0v+ETR
Accepted postal 0.74 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 30 Jun 2016 18:07:19 +1000 Source: postal Binary: postal Architecture: source amd64 Version: 0.74 Distribution: unstable Urgency: medium Maintainer: Russell Coker <russ...@coker.com.au> Changed-By: Russell Coker <russ...@coker.com.au> Description: postal - SMTP benchmark - the mad postman. Closes: 784704 811884 Changes: postal (0.74) unstable; urgency=medium . * Add -b option to bind to an address to bhm * Add changes from NMU and use Debhelper compat level 9. * Fix buffer underrun. Closes: #784704 * Made it build with GCC-6. Closes: #811884 Checksums-Sha1: 7cce62be370d2b9d370e623499c42295ff70949f 1377 postal_0.74.dsc f12f964c9029bf5de26c39591639eb19677d5b42 105223 postal_0.74.tar.gz d82f0868d59203365c3a00e734c0ea977f6b7a0d 54740 postal_0.74_amd64.deb Checksums-Sha256: d071cfb3718576751cfbab9a2a2f5074d35dfbd011996702ef3cc270c9bc1c25 1377 postal_0.74.dsc 77f6c43fdfeca4c83441a55b99c7dac6aaeff8d85edb841cef5bed45e07bc5ce 105223 postal_0.74.tar.gz 12cbee63689e83082ec1c98432b9f1ad5968829f44759e3683f0e03d71029d6d 54740 postal_0.74_amd64.deb Files: bb22ecf66ad484c5fdd86d6e40ddc275 1377 utils optional postal_0.74.dsc 2f7938602a57fceb59fb7ad0df8b0660 105223 utils optional postal_0.74.tar.gz e261b4a047ff2699bd7450c256dcfc7d 54740 utils optional postal_0.74_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJXdODqAAoJENFBzTD8S495EjMQAIDcXp+IB94p8F1rl5St4KzL Dvru3HMAPdQBzWsQM2KuStXezlt1YPNB6t6pdp7tq3F9/c7I3JezkWIVmUVh+x/G UACTWVqTOQ59U0vB1d0CfQ66xLa+OaNWBrYL62HJf5WpNgYx5YPhMAMw8AmUmgvH fj/4tZTTv8FFmFxNyIbiCfT9F9E3uxcMbLCqOTlfyd7D6RoDRTTHaRZwD+36etFG VXYoLMSu2rc7sDg0g0LpUeq9VqIMhAkbAhplFnAEi5b8YNjdVyZsQ95FXRLoLYLv sLFO7O2hKdDdcKbCZCM0/dKb12IPFWH0ZRU4qqNF8VVqrhIGLzESNWxsuiCOLx6r NPXIT10qIaXDyJxGMC807HD8r2VR3dNRKNckG2oSoX5meQKq+IK+jh9AecGuj7sC Vh4njMFO2MNOUMBHJxheaMHb4sVLW4T0S1A7KQAKEyYl7Q+1xyBl4uBW/WxMStrW ZSKrGN6ss8AIQCCLZ4j/+836FlSn4RyEBdPN+Ng/k/q3VsyR/fqDrEvUfm+xpNqj V5S1fEGdwg5Rq8jKz55hhH2L4WrF5c6Z60hcaqKCxoiqnjzc1BgT9lFZcWDZz0FH ZAi8Ik3uqwR77Vj2aGEdo0UigB9TBY68UjwFPxasTbrzySSlVRIOQ/i67GFb5WTj n4U3vizTByLXQjW7US77 =oTE+ -END PGP SIGNATURE-
Accepted refpolicy 2:2.20140421-9 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 06 Feb 2015 02:31:05 +1100
Source: refpolicy
Binary: selinux-policy-default selinux-policy-mls selinux-policy-src
selinux-policy-dev selinux-policy-doc
Architecture: source all
Version: 2:2.20140421-9
Distribution: unstable
Urgency: medium
Maintainer: Debian SELinux maintainers selinux-de...@lists.alioth.debian.org
Changed-By: Russell Coker russ...@coker.com.au
Description:
selinux-policy-default - Strict and Targeted variants of the SELinux policy
selinux-policy-dev - Headers from the SELinux reference policy for building
modules
selinux-policy-doc - Documentation for the SELinux reference policy
selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy
selinux-policy-src - Source of the SELinux reference policy for customization
Changes:
refpolicy (2:2.20140421-9) unstable; urgency=medium
.
* Allow dovecot_t to read /usr/share/dovecot/protocols.d
Allow dovecot_t capability sys_resource
Label /usr/lib/dovecot/* as bin_t unless specified otherwise
Allow dovecot_auth_t to manage dovecot_var_run_t for auth tokens
* Allow clamd_t capability { chown fowner fsetid }
Allow clamd_t to read sysctl_vm_t
* Allow dkim_milter_t capability dac_override and read sysctl_vm_t
allow dkim_milter_t to bind to unreserved UDP ports
* Label all hard-links of perdition perdition_exec_t
Allow perdition to read /dev/urandom and capabilities dac_override, chown,
and fowner
Allow perdition file trans to perdition_var_run_t for directories
Also proxy the sieve service - sieve_port_t
Allow connecting to mysql for map data
* Allow nrpe_t to read nagios_etc_t and have capability dac_override
* Allow httpd_t to write to initrc_tmp_t files
Label /var/lib/php5(/.*)? as httpd_var_lib_t
* Allow postfix_cleanup_t to talk to the dkim filter
allow postfix_cleanup_t to use postfix_smtpd_t fds (for milters)
allow postfix_smtpd_t to talk to clamd_t via unix sockets
allow postfix_master_t to execute hostname for Debian startup scripts
* Allow unconfined_cronjob_t role system_r and allow it to restart daemons
via systemd
Allow system_cronjob_t to unlink httpd_var_lib_t files (for PHP session
cleanup)
* Allow spamass_milter_t to search the postfix spool and sigkill itself
allow spamc_t to be in system_r for when spamass_milter runs it
* Allow courier_authdaemon_t to execute a shell
* Label /usr/bin/maildrop as procmail_exec_t
Allow procmail_t to connect to courier authdaemon for the courier maildrop,
also changed courier_stream_connect_authdaemon to use courier_var_run_t
for the type of the socket file
Allow procmail_t to read courier config for maildrop.
* Allow system_mail_t to be in role unconfined_r
* Label ldconfig.real instead of ldconfig as ldconfig_exec_t
* Allow apt_t to list directories of type apt_var_log_t
* Allow dpkg_t to execute dpkg_tmp_t and load kernel modules for
dpkg-preconfigure
* Allow dpkg_script_t to create udp sockets, netlink audit sockets, manage
shadow files, process setfscreate, and capabilities audit_write net_admin
sys_ptrace
* Label /usr/lib/xen-*/xl as xm_exec_t
Checksums-Sha1:
6ac7a2a56b0203e51667c87daa961c41f3b4d462 2398 refpolicy_2.20140421-9.dsc
dd1941f462cce86ef0c06a43d0023bb9b522e640 82372
refpolicy_2.20140421-9.debian.tar.xz
ea8774413457a635858ba28dfe9e8f4a9190defb 2818670
selinux-policy-default_2.20140421-9_all.deb
dec1f80581a2b3f27cb925b1c9036ab8da6b0a1b 2873588
selinux-policy-mls_2.20140421-9_all.deb
6edcee2d79501c45f0f9c0b06fdd6d353c155456 1199346
selinux-policy-src_2.20140421-9_all.deb
36f9a87039a57a0b1224e1a620b4e3e94167ce5f 440406
selinux-policy-dev_2.20140421-9_all.deb
d1ef508db03f76f34b2a702fb798c834ed93c691 417484
selinux-policy-doc_2.20140421-9_all.deb
Checksums-Sha256:
6ea68faf19973309cc52729075134d846ef6e3d1ef1d309e00fd1176b1ff8eba 2398
refpolicy_2.20140421-9.dsc
a12cf7892cdfdb3ee851469731d655892d519d4797b7e3e2e6568e2305f7d888 82372
refpolicy_2.20140421-9.debian.tar.xz
178f40e6c4768cdb72ba90070f58c0cc661267afa34d58121d713de44bce44c8 2818670
selinux-policy-default_2.20140421-9_all.deb
275e3cc831137634d79a61fbfd104385dc45fad12dc98c5a22ba210f7de75957 2873588
selinux-policy-mls_2.20140421-9_all.deb
ba71cb7bfb89fafa58a5ad9aa13cd3fa0f2c63b485170ed785f1d70dd760b51c 1199346
selinux-policy-src_2.20140421-9_all.deb
c9520db329d53cfaef9eee7d4ea0c4237b4c082a1e9a93e261971b4a612e2106 440406
selinux-policy-dev_2.20140421-9_all.deb
b9bf69c2e40106bf215a478a12d136a15728e0464537b546c14d0a838522e70b 417484
selinux-policy-doc_2.20140421-9_all.deb
Files:
a50be26a4e92464bd74c37863ebc2b57 2398 admin optional refpolicy_2.20140421-9.dsc
ad4ee805d2376f7faf4ecf6739656b68 82372 admin optional
refpolicy_2.20140421-9.debian.tar.xz
6cd2df5acd55b444d06c42d202994acf 2818670 admin optional
selinux-policy-default_2.20140421
Accepted refpolicy 2:2.20140421-7 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 13 Oct 2014 09:41:44 +1100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20140421-7 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers selinux-de...@lists.alioth.debian.org Changed-By: Russell Coker russ...@coker.com.au Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20140421-7) unstable; urgency=medium . * Label /run/systemd/journal/dev-log and /run/systemd/journal/stdout as devlog_t * Allow bootloadter_t to load kernel modules and run apt-cache * Allow systemd_cgroups_t to read /proc/cmdline * Allow sshd net_admin capability * Allow systemd_logind_t to read kernel sysctls, list tmpfs, and mount on /var/auth, and systemd_unit_file_t:service stop. * Allow dpkg_script_t to restart systemd unit files of type init_var_run_t * Allow local_login_t and user_t to talk to systemd_logind via dbus * Allow user_ssh_agent_t to read/write it's own fifo files * Allow user_t to talk to gconfd_t via dbus * Allow gpg_agent_t to send sigchld to xdm_t, to be a system dbus client, to use nsswitch, and to read user xauth file * Allow $1_dbusd_t domains systemd_login_read_pid_files access * Remove gpg_helper_t, merge gpg_pinentry_t with the main gpg domain, and create user_gpg_t, staff_gpg_t, etc. * Allow userdomains to talk to kerneloops via dbus * Allow sysstat_t to search all mountpoints * Allow udev_t self:netlink_route_socket nlmsg_write for interface rename * Allow systemd_tmpfiles_t to read kernel sysctls for boot_id * Allow setfiles_t to read /dev/urandom * Label /var/run/blkid as etc_runtime_t . * TLDR: Make everything work with latest systemd and allow KDE login with latest X11 configuration. Checksums-Sha1: 1dadceb4f922aa3a897a6874e5a66838abe93809 1758 refpolicy_2.20140421-7.dsc ab940c7f1d4427b30cf39d2173952ca0ff29182b 78900 refpolicy_2.20140421-7.debian.tar.xz 05ba67bd9029b6d9b2517ddaa7de22ee066dd117 2823320 selinux-policy-default_2.20140421-7_all.deb fd59dbb88c41715a78b50eb8d369be98c150afbe 2879542 selinux-policy-mls_2.20140421-7_all.deb dcf4298563a3cfd7e2d0ffd1a8a04525f9e7d1cb 1199600 selinux-policy-src_2.20140421-7_all.deb a25f4943980c8e59700e646f42ab9097b18a41bf 438878 selinux-policy-dev_2.20140421-7_all.deb 3e884b802abe986caaf5008d62f95d8dd9c4ad49 415196 selinux-policy-doc_2.20140421-7_all.deb Checksums-Sha256: 264020fb6312a8a1a39bebcb2430cc22539eb90708aeb402e6447c0581f328f7 1758 refpolicy_2.20140421-7.dsc ba7e1b14d1d9524758cba1f540d6f10f1929c858b2d5788a9a4c6302c75044c6 78900 refpolicy_2.20140421-7.debian.tar.xz f84001ac58673957710bc0e6a64969647c88dec3591e4ee277dd43affc73ea49 2823320 selinux-policy-default_2.20140421-7_all.deb 6d616911cec06a87c795d927753eea4a09139854df8746b01c64ba1eb1faeaf4 2879542 selinux-policy-mls_2.20140421-7_all.deb e3b31ccb77ac9ab1748e236055f8fc3615a8c7daadc76580c4dee87b75e59971 1199600 selinux-policy-src_2.20140421-7_all.deb 173936f0782ade40418d4cb2a055dda97e84c7254eae1c1d50e1d09c4ea2e932 438878 selinux-policy-dev_2.20140421-7_all.deb 4251b7111b7ef5fa2f52b3af21e1ca207ea20e7121a1be5001beb72fd11cc6c0 415196 selinux-policy-doc_2.20140421-7_all.deb Files: d83614223aa3642f3d9d7a2f8371cf6e 1758 admin optional refpolicy_2.20140421-7.dsc 9497a6e8233fbb09077a1c653b51d3a4 78900 admin optional refpolicy_2.20140421-7.debian.tar.xz e975badfeec9988f6780bdaf75797dc5 2823320 admin optional selinux-policy-default_2.20140421-7_all.deb f646b98de5b74d78f5e8d1c0603fd095 2879542 admin extra selinux-policy-mls_2.20140421-7_all.deb 199d03a5be2122c600c8497cf97e1d4a 1199600 admin optional selinux-policy-src_2.20140421-7_all.deb 90bfcbfc1279cc799f8db0283a032472 438878 admin optional selinux-policy-dev_2.20140421-7_all.deb d02246c37472737c3f2615691da46cf3 415196 doc optional selinux-policy-doc_2.20140421-7_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEARECAAYFAlQ7BksACgkQwrB5/PXHUlY01ACgm7wR1kv7QlD+r9KcerDax1XM 2NgAnilZ1FMBQIvk/BF7EtJM6iGLnqRm =Qwb2 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1xdsps-0007k3...@franck.debian.org
Accepted refpolicy 2:2.20140421-6 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 13 Sep 2014 16:15:12 +1000 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20140421-6 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers selinux-de...@lists.alioth.debian.org Changed-By: Russell Coker russ...@coker.com.au Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20140421-6) unstable; urgency=medium . [ Laurent Bigonville ] * debian/patches/0046-misc-not-systemd: Remove duplicate dev_associate(hugetlbfs_t) rule . [ Russell Coker ] * Allow dpkg_script_t to restart all daemons under systemd * Allow ndc_t the block_suspend capability * Allow systemd_logind_t self:process signal access * allow systemd_logind_t systemd_unit_file_t:service start; * allow systemd_tmpfiles_t and systemd_cgroups_t capability net_admin * allow systemd_tmpfiles_t process getcap * storage_getattr_fixed_disk_dev(xend_t) for running lsscsi * Allow xenstored_t to search bin_t * New type systemd_journal_log_t for /var/log/journal and /var/run/log/journal * Added audit_read to capability2 class * Allow kerneloops_t, systemd_tmpfiles_t, and systemd_logind_t to read /dev/urandom * Allow all user domains to read /var/lib/dpkg * Allow udev_t to read kernel module files for systemd-udevd * Allow alsa_t to search locks * Allow systemd-tmpfilesd to setattr many device types and create /dev/xconsole * Allow unconfined_t to get statyus of systemd jobs * Add FC entry for /var/run/wd_keepalive.pid and /var/run/sm-notify.pid Checksums-Sha1: 4eee0540e45371657fb1cf3c3c4e70b2454b6909 1758 refpolicy_2.20140421-6.dsc dc4331c313bbfdc3b78e9fcc56a702c7a26edd16 73788 refpolicy_2.20140421-6.debian.tar.xz 2f455d4272a6c71f5e77fd167b0ef61b279f1525 3419976 selinux-policy-default_2.20140421-6_all.deb 9cbd47a84fb2565f50e13c438b7f439a7bda347d 3515820 selinux-policy-mls_2.20140421-6_all.deb 457f46557d650cd10e50bccca5c5ff456f20726e 1204960 selinux-policy-src_2.20140421-6_all.deb d45d04cd66306886deeefa2c0e8505ac6640f737 531412 selinux-policy-dev_2.20140421-6_all.deb 0c02931b19234754d41c1e7e624d8636a9a7b441 1509958 selinux-policy-doc_2.20140421-6_all.deb Checksums-Sha256: a91e45fca419077006d0073d816dfd77a32e0db7da935d7fc9dd96c1baf281a3 1758 refpolicy_2.20140421-6.dsc a84d96078ca5d8668660b21a36ac43a7490362c7b6014d5abaee8afeebfca17c 73788 refpolicy_2.20140421-6.debian.tar.xz d36215c60e4648b25df79dcd575bca95b81f2e72517e2172ead891150641cd9b 3419976 selinux-policy-default_2.20140421-6_all.deb 1b1e070ae01dad37f7518b808c2045d30c01b048b016a17c2f0a268553659093 3515820 selinux-policy-mls_2.20140421-6_all.deb 77629fe6b9995f322118106c6a4884310abf363dbac9ba844fbc66fa4b4a4f5c 1204960 selinux-policy-src_2.20140421-6_all.deb c85b9ddcf0c1677e09de980af52b97996349726aa1430c2cff8906e7239a4b89 531412 selinux-policy-dev_2.20140421-6_all.deb a3ed688a34f5c5cfbb6ca7796b0fb3b077d27879b2ec271b05c276a9d50e2559 1509958 selinux-policy-doc_2.20140421-6_all.deb Files: 5114bf4e7605cc5a4862cadd110c51b7 3419976 admin optional selinux-policy-default_2.20140421-6_all.deb a9e4f20cc30343e90d4fc659f8490b06 3515820 admin extra selinux-policy-mls_2.20140421-6_all.deb 45a6aa9e507311b311d91050b89c2e7e 1204960 admin optional selinux-policy-src_2.20140421-6_all.deb 5b42ca6880df743ad3c1ec33f0829f24 531412 admin optional selinux-policy-dev_2.20140421-6_all.deb 445d28a6f6b618c51de0e1e2e0c93c23 1509958 doc optional selinux-policy-doc_2.20140421-6_all.deb 8a07f0f07b44d4391e1f7021d4f9597f 1758 admin optional refpolicy_2.20140421-6.dsc f986f9273af14e2c02427cdb68859cdf 73788 admin optional refpolicy_2.20140421-6.debian.tar.xz -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEARECAAYFAlQT4qEACgkQwrB5/PXHUlZd0QCgovlPlfiLJWuihV4OaOCEHLvM /l0AnAjDHCDSPYKmRh2AEuR+A+UMjkz6 =EQEd -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1xuxut-0003pq...@franck.debian.org
Accepted refpolicy 2:2.20140421-5 (source all) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 03 Jul 2014 20:45:34 +1000 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20140421-5 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers selinux-de...@lists.alioth.debian.org Changed-By: Russell Coker russ...@coker.com.au Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20140421-5) unstable; urgency=medium . * Allow system_cronjob_t to read apt_var_lib_t and ntp_conf_t. * Allow init_t to create /dev/log and netlink_audit_socket accesss * Allow init_t to manage systemd_passwd_var_run_t links * Allow freshclam_t to talk to http_cache_port_t * Allow system_cronjob_t to talk to init socket for restarting daemons under systemd * allow init_t setsched access for (tmpfiles) from systemd * Allow dpkg_t to transition to dpkg_script_t when running dpkg_var_lib_t (postinst etc scripts) * Allow init_t netlink_selinux_socket access for commands like halt in strict mode * Allow initrc_t to perform service operations on init_script_file_type * Label /opt/google/chrome/cron/google-chrome bin_t * Make Chrome/Chromium run in the correct domain * Add domain systemd_cgroups_t for kernel executing /lib/systemd/systemd-cgroups-agent * Allow dpkg_script_t to read the policy * Allow systemd_passwd_agent_t to write to /dev/kmsg and log to syslogd * Allow init_t to write to watchdog_device_t for systemd shutdown * Allow initrc_t to write net_conf_t for network boot scripts * Allow init_t to create var_auth_t directories for systemd * Allow initrc_t to read postfix config on Debian * Allow initrc_t to talk to init_t via unix sockets * Allow init_t to read udev_var_run_t files for systemd to read udev output * Allow init_t to read all pidfiles, for systemd * Allow postfix_postqueue_t to send sigchld to all userdomains Checksums-Sha1: a28d25758d970bc33bfe8adaaa75e28d5174ac72 1758 refpolicy_2.20140421-5.dsc d1c604f9471bb78c66dfddb1de1ab3556b810d61 72524 refpolicy_2.20140421-5.debian.tar.xz 912053eb911d53e18094c0b33838301a719c6c64 2801078 selinux-policy-default_2.20140421-5_all.deb d42ddd74b7d2b5f74840afe2cae8988d1ac686a7 2854038 selinux-policy-mls_2.20140421-5_all.deb ca59055ecf067ec6ab4977e6d955bf3b64676c86 1203016 selinux-policy-src_2.20140421-5_all.deb 43a44f4641746dd50f276f2fb086608c113cb42a 436912 selinux-policy-dev_2.20140421-5_all.deb 6b586e04d8528365710061c8c5dee025cd1b696e 413964 selinux-policy-doc_2.20140421-5_all.deb Checksums-Sha256: 56d1a7842ff2e59c5cbf378477d2559b1f0932db9d81540f0dad5dd37020e5c5 1758 refpolicy_2.20140421-5.dsc 376487dc6f796be7b1f27046e90db551c2b501314210fe2c045b6aba021dae44 72524 refpolicy_2.20140421-5.debian.tar.xz e9a5c29c07240a67815cc58e75530fa2a4222d84c5355769c3d57f22a779f75e 2801078 selinux-policy-default_2.20140421-5_all.deb aa0336006dac6b7ddb46e6a0f4601ae17092a1985c9625b3971567d63b948166 2854038 selinux-policy-mls_2.20140421-5_all.deb bfa7c1d31ff73c15fbab2bffb4669d561250a53b7563b5cac1509719dd2deffe 1203016 selinux-policy-src_2.20140421-5_all.deb d8501b6b91a1605bfa011776a4f849e1919e69121e0574a7964c5791e4677849 436912 selinux-policy-dev_2.20140421-5_all.deb c1162096c79b3ae23085f060bad019cd16e347016ed46c3c72650c0963f65d3d 413964 selinux-policy-doc_2.20140421-5_all.deb Files: 35bd756bbcb78ab435338bdb2a2ab2a9 2801078 admin optional selinux-policy-default_2.20140421-5_all.deb 0ff9c77b10415bf77cb1fa8ac84b3b54 2854038 admin extra selinux-policy-mls_2.20140421-5_all.deb 13b190dad23bfba45bf7c8e169fc6350 1203016 admin optional selinux-policy-src_2.20140421-5_all.deb 7d9f8ae2b8e0e17022595b83cf683906 436912 admin optional selinux-policy-dev_2.20140421-5_all.deb 8d4c742a0d0d196c5b0a4090e60d282b 413964 doc optional selinux-policy-doc_2.20140421-5_all.deb d73caa7dd655eab753ae30bb69a3f643 1758 admin optional refpolicy_2.20140421-5.dsc 4c54793831f7bd1751d54289f4a0eb12 72524 admin optional refpolicy_2.20140421-5.debian.tar.xz -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEARECAAYFAlO1NnkACgkQwrB5/PXHUlbQXQCdEjZ2uJALA+Rio6pYr2t9KltM WjIAnAtAMiLWSLB+6wFe+yc2htYKwaKG =dyLt -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1xhlpt-00050p...@franck.debian.org
Accepted goplay 0.5-1.2 (source amd64) into unstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 28 Jul 2014 16:45:05 +1000 Source: goplay Binary: goplay Architecture: source amd64 Version: 0.5-1.2 Distribution: unstable Urgency: medium Maintainer: Debian Games Team pkg-games-de...@lists.alioth.debian.org Changed-By: Russell Coker russ...@coker.com.au Description: goplay - games (and more) package browser using DebTags Closes: 755404 Changes: goplay (0.5-1.2) unstable; urgency=medium . * Non-maintainer upload. * Build against latest libept Closes: #755404 Checksums-Sha1: aca8d64147b7abb797f2d3670df0d4f94065bddf 1365 goplay_0.5-1.2.dsc 6504595ecc5e10d9636817aa4f988d7f232453ba 6040 goplay_0.5-1.2.debian.tar.xz df34e5356c0b22be4283b7a5bb328083457f53c5 215644 goplay_0.5-1.2_amd64.deb Checksums-Sha256: 80ad7f4e0b7ce4db7759f9dfa8f5b43f1fd21a307cd061b614ded2ec01f4120b 1365 goplay_0.5-1.2.dsc edd608ba508be47a488cb2fbbdddaf4b53efaa9e3576c5b087b5329cc037 6040 goplay_0.5-1.2.debian.tar.xz 66afdfa1aa2bd194f1a356f86324f6c38cbfd3b59feeb592dab02c84a8226668 215644 goplay_0.5-1.2_amd64.deb Files: 0c1936a91c0858125851660ccfc0d24f 215644 admin extra goplay_0.5-1.2_amd64.deb 0c50f593c15893ae99421efd2034ca90 1365 admin extra goplay_0.5-1.2.dsc 13a4339e8f09c8dc74b464fce60d04b7 6040 admin extra goplay_0.5-1.2.debian.tar.xz -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEARECAAYFAlPV+eEACgkQwrB5/PXHUlaEEgCfcFQ59OaM5P28f1/JOFfOVan8 uz4An3u2yz83rjksOxrzVsXcjn1UhJO7 =zPNP -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1xeeqg-00088s...@franck.debian.org
Accepted refpolicy 2:2.20140421-3 (source all)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sun, 29 Jun 2014 19:11:45 +1000
Source: refpolicy
Binary: selinux-policy-default selinux-policy-mls selinux-policy-src
selinux-policy-dev selinux-policy-doc
Architecture: source all
Version: 2:2.20140421-3
Distribution: unstable
Urgency: medium
Maintainer: Debian SELinux maintainers selinux-de...@lists.alioth.debian.org
Changed-By: Russell Coker russ...@coker.com.au
Description:
selinux-policy-default - Strict and Targeted variants of the SELinux policy
selinux-policy-dev - Headers from the SELinux reference policy for building
modules
selinux-policy-doc - Documentation for the SELinux reference policy
selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy
selinux-policy-src - Source of the SELinux reference policy for customization
Changes:
refpolicy (2:2.20140421-3) unstable; urgency=medium
.
* Allow sysadm_t to read policy
* Make systemd_login_list_pid_dirs() call init_search_pid_dirs() as it
doesn't work without it
* Added chromium/google-chrome policy
* dev_getattr_sysfs(sysstat_t) for Debian cron job
* Allow sysstat_t to manage it's log files
* Allow dpkg_script_t to config all systemd services and get init status
* Allow dpkg_script_t to dirmngr_admin
* really added systemd_login_list_pid_dirs(system_dbusd_t) (somehow missed
this last time)
* Allow sshd to chat with systemd via dbus
* Allow unconfined_t to restart services
* systemd_write_inherited_logind_sessions_pipes(system_dbusd_t)
* systemd_dbus_chat_logind(sshd_t)
* Allow xend to read vm sysctls
* Allow udev_t to manage xenfs_t files for xenstore-read
* Allow system_dbusd_t systemd_login_read_pid_files access for
/run/systemd/users/* files
* Allow systemd_logind_t to stat tmpfs_t filesystems for /run/user
* Remove the genfscon selinuxfs line from selinux.if in selinux-policy-dev
to stop sepolgen-ifgen errors.
* Make udev_relabelto_db() include lnk_file relabeling
* Allow kernel_t to fs_search_tmpfs, selinux_compute_create_context, and
kernel_read_unlabeled_state for booting without unconfined.pp
* Allow system_cronjob_t to manage the apt cache
* Allow modutils_read_module_config(init_t) and create cgroup_t links for
strict config. Allow it to relabel from tmpfs_t symlinks
* Allow init_run_all_scripts_domain (initrc_t) the service { status start
stop } for all the daemon _initrc_exec_t scripts.
* Allow sysadm_r to have domain system_mail_t for strict policy
* Allow init_t to relabel device_t symlinks and pstore_t dirs, load kernel
modules, manage init_var_run_t sock_files, read /usr, read /dev/urandom,
systemd_manage_passwd_run, and domain_read_all_domains_state
Checksums-Sha1:
2d0a86bdb4f55d81bed35e4cd14eca2b59895552 1758 refpolicy_2.20140421-3.dsc
009ee151d0e35a13176c124b97e3cfcabbf485d8 71128
refpolicy_2.20140421-3.debian.tar.xz
b4ae9fd6ecc9a4daec6685d1953ccdb6e8ed4920 2800446
selinux-policy-default_2.20140421-3_all.deb
67d6948daa54734480b3a899a990b0ea0edeaf5d 2851542
selinux-policy-mls_2.20140421-3_all.deb
81ef6b6f76c925993afa08dc0b81dd1c3c8158f8 1202722
selinux-policy-src_2.20140421-3_all.deb
1281b41fd1f5643d39451b70c77a8b1e6cf0fd56 436260
selinux-policy-dev_2.20140421-3_all.deb
0148f48a8cb765e6ab0910150d52439a36bfe369 412982
selinux-policy-doc_2.20140421-3_all.deb
Checksums-Sha256:
2b524f9a889bb3acf335296ff1fccf26b3210aa388a7a5a92fde41d1dd41dcfa 1758
refpolicy_2.20140421-3.dsc
8abada0a0291e7ecb539e1b8b3197a43705e28e879898950c8f13ede403ff130 71128
refpolicy_2.20140421-3.debian.tar.xz
1c3be2de6b310ff3aef9c0ee1912123ca19674059f98baad5ebb1783c5d7cb91 2800446
selinux-policy-default_2.20140421-3_all.deb
fba0afd74721a0d0f73da57e4628e6592bd0ed91e256804c3346d072451d9f52 2851542
selinux-policy-mls_2.20140421-3_all.deb
bc50d6d98e5473d3660736320366c9abacbdaacd8602675c6576668d2fc12677 1202722
selinux-policy-src_2.20140421-3_all.deb
4ff3d49ce3ffe94a8f0f1683a28347d87238964ea0c921d5cba6ccca20407a5c 436260
selinux-policy-dev_2.20140421-3_all.deb
b742124b29c533e9505c01cb96ee7b1971274589905c9f2ea31e20bddbe708c9 412982
selinux-policy-doc_2.20140421-3_all.deb
Files:
927023db57701b7cad5cc5be087cdea5 2800446 admin optional
selinux-policy-default_2.20140421-3_all.deb
027b75a8c713d4913869b03144e402ac 2851542 admin extra
selinux-policy-mls_2.20140421-3_all.deb
ba44fb327d8008139b1f52687fb813f0 1202722 admin optional
selinux-policy-src_2.20140421-3_all.deb
f2481b58b3b1934864a865cdb76b9bb0 436260 admin optional
selinux-policy-dev_2.20140421-3_all.deb
0640d8373d687fc01d06526456fbac62 412982 doc optional
selinux-policy-doc_2.20140421-3_all.deb
c8e657fc931fdf81ed6b38638f37ae73 1758 admin optional refpolicy_2.20140421-3.dsc
92ed25bebce64e4a8a0de95738bd96f0 71128 admin optional
refpolicy_2.20140421-3.debian.tar.xz
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iEYEARECAAYFAlOv2wUACgkQwrB5
Accepted refpolicy 2:2.20140421-2 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 25 Jun 2014 15:38:58 +1000 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20140421-2 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers selinux-de...@lists.alioth.debian.org Changed-By: Russell Coker russ...@coker.com.au Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20140421-2) unstable; urgency=medium . * Fix systemd support * Made init, logging, authlogin, application, userdomain, systemd, dmesg, dpkg, usermanage, libraries, fstools, miscfiles, mount, selinuxutil, storage and sysnetwork be base modules - some of this is needed for systemd, some just makes sense. * Disabled modules anaconda, authbind, kudzu, portage, rhgb, speedtouch * Allow syslogd_t to read /dev/urandom (for systemd) * Change unit files to use .*\.service * Default trans syslogd_tmp_t for name /run/log (for systemd) * Make /var/auth a mountpoint * Allow systemd_tmpfiles_t to relabelto xconsole_device_t * Allow init_t to start and stop service systemd_unit_file_t * Allow udev_t to write to init_t stream sockets for systemctl * Allow syslogd_t to read udev_var_run_t so systemd_journal can get seat data * Allow systemd_logind_t to read udev_var_run_t for seat data * Allow syslogd_t setgid and setgid for systemd_journal * Allow udev_t to read cgroup files for systemd-udevd to read it's own cgroup * Give logrotate_t the systemd_systemctl_domain access to restart daemons * Make transition from unconfined_t to insmod_t for running modutils and remove all unused modutils domains. Make unconfined_t transition to insmod_t, this makes depmod run as insmod_t. Make insmod_t write modules dep files with the correct context. * Allow udev_t to load kernel modules for systemd-udevd * Allow initrc_t to systemd_config_all_services * Allow lvm_t to talk to init_t via unix socket for systemd * Allow allow lvm_t to read sysctl_crypto_t * Allow udev_t to read modules_object_t for systemd-udevd * Allow udev_t to search /run/systemd for systemd-udevd * Allow systemd_tmpfiles_t to relabel man_cache_t * Allow initrc_t to get status of init_t for systemd * Allow udev_t to get initrc_exec_t service status for when udev runs hdparm script . * Allow ifconfig_t to load kernel modules * Allow named_t to read vm sysctls * Allow tor_t capabilities chown dac_read_search dac_override fowner * Allow fetchmail_t to manage dirs of type fetchmail_uidl_cache_t * Allow mysqld_t to connect to itself on unix_stream_socket * Allow mysqld_t kernel_read_vm_sysctls for overcommit_memory * Allow sysstat_t read and write access to crond_tmp_t (for cron to capture stdout/stderr). * Allow sysstat_t to read it's own log files and read shell_exec_t * Included file context for /run/kdm.pid * Allow kerneloops_t to read /proc/filesystems * Label /var/cache/dirmngr as dirmngr_var_lib_t * systemd_login_list_pid_dirs(system_dbusd_t) Checksums-Sha1: 605f00c3db9af4fb13fff7d1292d60c1fdbf7d8b 1758 refpolicy_2.20140421-2.dsc f4812456246aee744b806cf82ea52999359b68c3 67824 refpolicy_2.20140421-2.debian.tar.xz 66bb4329c6e2e89e22789202f2af911fa24771ee 2805706 selinux-policy-default_2.20140421-2_all.deb 388dffa8914472528aebe06682941befc1afa94c 2845368 selinux-policy-mls_2.20140421-2_all.deb 4ee9d154bba94dd6f026f96c20c42543939b06bd 1201664 selinux-policy-src_2.20140421-2_all.deb 5446a7d7a65d20eb2b4d528867e9700d81e952b0 435268 selinux-policy-dev_2.20140421-2_all.deb 47332be59a4889a04a1f3b4b42d856b437876292 412362 selinux-policy-doc_2.20140421-2_all.deb Checksums-Sha256: bbf6275973b688a8e6f0dc9fdad39629b4ea32fb98b0b6fd2116c366e15d4aaf 1758 refpolicy_2.20140421-2.dsc 232bc394236b20c04825985e71ed54b65ab65293abf9de477642e5e3337a5a6d 67824 refpolicy_2.20140421-2.debian.tar.xz 36a3f97eaee638f7146115faa0cbd4ec5778fe22f96b8d4ad28f61e608cdc075 2805706 selinux-policy-default_2.20140421-2_all.deb c91721adbe094d7f7c1a2e12e0ffd0f4dc29c7211bc5fb0ef277a00bc53cb1c7 2845368 selinux-policy-mls_2.20140421-2_all.deb 73573d1f76c034b8aa6ccd41ed06781d9010c96841b3b35a1e96ff65e93bdb61 1201664 selinux-policy-src_2.20140421-2_all.deb 2903318fb6b06beee1dc99a735c7e5c9161391e3d83188d9966832b6ef36100a 435268 selinux-policy-dev_2.20140421-2_all.deb 37377f34e63b4ac70b79871db945347818e3597d3f3ed300033e9684f70c061a 412362 selinux-policy-doc_2.20140421-2_all.deb Files
Re: socket-based activation has unmaintainable security?
On Thu, 7 Feb 2013, Thomas Goirand z...@debian.org wrote: I think he's referring to allowing processes which require listening to a port under 1024 to run without superuser privileges. I believe our implementation on Debian (e.g. Apache) is to have the process start as root, start listening, and then setuid to an unprivileged user. Which would be the wrong way of doing things / wrong reason for using root as running user, since you can set the CAP_NET_BIND_SERVICE capability... (man capabilities ...) Such capabilities allow the process to bind to all low ports, which usually isn't what you desire. If you want to permit a daemon to bind to exactly one reserved port and no others then it seems that the options are systemd (if the daemon supports socket based activation) and SE Linux. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201302071028.28586.russ...@coker.com.au
Re: Feedback
On Tue, 25 Dec 2012, Mistikos Nik kolus...@yandex.com wrote: Debian use to be really popular. Now only old people use it. Why because new comers will choose a well documented distro over one that doesn't make sense. Life is too short to fuck around. In private mail he said Being anonymous on the internet gives me a thrill that I can do what ever I want without consequence. The user in question is a troll. I also know what I believe to be his real name, address, and phone number. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201212282357.56854.russ...@coker.com.au
Re: Accepted bonnie++ 1.97 (source amd64)
On Fri, 23 Nov 2012, Adam D. Barratt a...@adam-barratt.org.uk wrote: On 23.11.2012 08:47, Russell Coker wrote: Format: 1.8 Date: Fri, 15 Jan 2010 20:26:55 +1100 Really? That was a mistake. I'm afraid I've removed that upload from testing-proposed-uploads. Testing and unstable (and stable!) all have the same version of the package currently, so any updates need to go via unstable, not directly to testing. Sure. Sorry for the inconvenience. I'll upload a new one for unstable. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201211232015.46644.russ...@coker.com.au
Accepted bonnie++ 1.97.1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 23 Nov 2012 20:12:46 +1100 Source: bonnie++ Binary: bonnie++ Architecture: source amd64 Version: 1.97.1 Distribution: unstable Urgency: medium Maintainer: Russell Coker russ...@coker.com.au Changed-By: Russell Coker russ...@coker.com.au Description: bonnie++ - Hard drive benchmark suite Changes: bonnie++ (1.97.1) unstable; urgency=medium . * Fixed the changelog and aim it at unstable not wheezy. Checksums-Sha1: eb109126e7e4f5b2d48dfd59d0f6a0810606ea09 745 bonnie++_1.97.1.dsc 7b0ed205725a6526d34894412edb7e29bb9df7b4 102604 bonnie++_1.97.1.tar.gz 57e0a1df68ad2bb26ddf62ae560f2ef2613a1b60 74084 bonnie++_1.97.1_amd64.deb Checksums-Sha256: 1b3f6a5e641a9ac10a5139b0d545f56037c0fcb5b18e22298c0bbc787949f922 745 bonnie++_1.97.1.dsc 44f5a05937648a6526ba99354555d7d15f2dd392e55d3436f6746da6f6c35982 102604 bonnie++_1.97.1.tar.gz be9951ee8f2f43aa585e23c73ef766ae36d38afe86cb7e5168118cdef999e0f6 74084 bonnie++_1.97.1_amd64.deb Files: f6d0722283cb8fa70202955e96b91574 745 utils optional bonnie++_1.97.1.dsc d6cf9703242998b2ddc2d875b028b3c6 102604 utils optional bonnie++_1.97.1.tar.gz 4d207bf606966066b58ffe34e627b81c 74084 utils optional bonnie++_1.97.1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlCvPpYACgkQwrB5/PXHUlbT4wCfSCiPujiSctzIn0azVYHYe8iQ LiQAnipPQfmGG/TZMZaQEnBQG8x020RY =XbzA -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1tbpcz-0008g5...@franck.debian.org
Re: systemd
On Thu, 22 Nov 2012, Nikolaus Rath nikol...@rath.org wrote: I read through some of the systemd man page and a little of the original design document. I think I have a rough idea of what systemd thinks it is. But I am not able to form a sound foundation from the ideas systemd describes. No, you are wrong. Your rough idea of systemd is not enough for a useful discussion of systemd or init systems in general. Most of the questions One thing to note is that systemd works reasonably well in Wheezy right now. There are some bugs in some situations, but nothing that makes it difficult to get it going for a quick test. It would be best if everyone who wants to discuss systemd on Debian would just install a Debian test system with systemd and try it out. Reading man pages is no substitute for running a system. Also if anyone wants to criticise systemd then they could start by filing one well researched bug report concerning it. If systemd is that bad then it should be easy to find a bug and file a report. If however it's so good that one can't easily find a bug then criticism probably doesn't make sense. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201211221245.06910.russ...@coker.com.au
Re: Systemd
On Thu, 22 Nov 2012, Kevin Toppins kevin.topp...@gmail.com wrote: I respect that you are free to make up your mind, and I do not want that fundamental freedom to go away. So I ask you, please, just give this more than a passing thought. I know that this is debian's list, but please just look at what I am trying to get you to see. Please install systemd on Debian/Wheezy and tell us how it goes. I've installed it on lots of Debian systems, due to having some problems I don't install it on systems that lack console access at this time. But apart from that case (which I will debug and will be solved before Wheezy+1) I haven't had any problems. It offers some significant benefits for boot time and for daemon reliability. There are still some things we need to work on, the difficulty of managing the journal is one thing that needs to be improved IMHO. But I'm not aware of any impossible problems or changes that inherently require significant new user skills. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201211221533.54125.russ...@coker.com.au
Re: Gentoo guys starting a fork of udev
On Sat, 17 Nov 2012, Paul Wise p...@debian.org wrote: Maybe systemd is faster, but i think being unable to do a normal reboot is an important drawback. systemd reboots just fine. It also kills all processes just like sysvinit does. I have also had problems with systemd not rebooting as fast as sysvinit and sometimes hanging on a reboot or shutdown request. I haven't filed bug reports because I haven't had enough time to investigate it properly (sorry, fixing bugs in my own packages is my priority). We should keep in mind that systemd is still relatively new and should be expected to have some bugs. Some of my virtual servers use sysvinit in Dom0 and systemd in the DomUs. That gives the fast reboot for virtual servers that is convenience and the reliability for the Dom0 which I haven't yet got from systemd. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201211171343.43856.russ...@coker.com.au
Re: major linux problems summary 2012
On Sun, 4 Nov 2012, Salvo Tomaselli tipos...@tiscali.it wrote: Linux/open source developers are usually not interested in fixing bugs if they cannot easily reproduce them. This problem plagues virtually all Open Source projects. Well in proprietary software you are usually required to blindly purchase an upgrade and hope that the bugs afflicting you have been fixed. It's actually worse than that. Sometimes a major upgrade to commercial software is impossible due to dependencies on other software and the vendor refuses to provide a minor fix. One example that I encountered was a memory leak in syslogd on Solaris 2.6. It probably would have been easy for me to fix if I had the source, but it was proprietary. It couldn't be upgraded because major upgrades to a working system are always painful and because we weren't sure that the proprietary applications would work well. So I put in a cron job to restart the buggy daemon. After upgrading the network in question to Linux there were no problems like that. On Sun, 4 Nov 2012, Russ Allbery r...@debian.org wrote: These sorts of articles seem to always be written as if the author honestly expects the list to be some sort of profound revelation. That no one even realizes these problems exist, and that now that they've been identified and put into a list, this will somehow be helpful in solving them. For every difficult problem there is a simple solution which is wrong. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201211041023.13700.russ...@coker.com.au
Re: Discarding uploaded binary packages
On Thu, 18 Oct 2012, Michael Gilbert mgilb...@debian.org wrote: Maybe someone would be interested in writing a lintian check for these issues? Something a bit more advanced than this $ strings /sbin/dhclient | grep ^PATH PATH=/home/zero79/source/git/isc-dhcp/debian/tmp/usr/sbin:/sbin:/bin:/usr/s bin:/usr/bin would have caught the issue (advanced aspect being that reasonable paths are ok'd). Having a PATH set isn't a problem if it's set to something like /sbin:/bin or something else restrictive. The PATH isn't the problem here anyway it's the use of a directory under /home which would potentially be a problem if it's used for configuration files or data files. We could have a lintian warning for any occurance of the string /home in a packaged file and have error conditions for /build and the current value of $HOME for the account running lintian. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201210181320.44098.russ...@coker.com.au
Re: Discarding uploaded binary packages
On Thu, 18 Oct 2012, Paul Wise p...@debian.org wrote: On Thu, Oct 18, 2012 at 10:20 AM, Russell Coker wrote: We could have a lintian warning for any occurance of the string /home in a packaged file and have error conditions for /build and the current value of $HOME for the account running lintian. Based on a quick grep of /usr/bin on my laptop, this is going to have a fair number of false positives; commented out paths, paths in POD documentation, URLs, paths outside of /home that include /home in their name somewhere. For a warning it doesn't matter much if we have a few false-positives. For the error conditions that I suggest for /build and $HOME I find it difficult to imagine false-positives except the case where a DD uses their own home directory as an example in help text, and that can't be a good practice anyway. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201210181337.00861.russ...@coker.com.au
Re: Discarding uploaded binary packages
On Tue, 16 Oct 2012, Jakub Wilk jw...@debian.org wrote: * martin f krafft madd...@debian.org, 2012-10-16, 08:21: This is my opinion but I admit I have not followed previous discussions on the subject http://lists.debian.org/debian-security/2004/09/msg00014.html We have not cared enough for almost 20 years that 9 out of 10 binary packages in use (i386 until 2005, amd64 since then) are built on machines that are individually maintained according to widely varying security standards to do anything about it, AFAICT. What makes a buildd more secure than a machine of J. Random Developer? I'm honestly curious. I believe that the sysadmin skill of the people who run the build servers is greater than that of most DDs. The Debian servers are run in relatively secure environments as opposed to DD workstations being laptops that are often stored in hotel rooms and other fairly insecure environments. There are a fairly small number of Debian servers. So even if the probability of system compromise for a Debian server was the same as for a laptop owned by a random DD the fact that DD workstations outnumber Debian servers by at least 200:1 makes them more of a risk. One final think to note is that if an attacker manages to compromise a Debian server they will probably start by compromising the workstation used by a random DD. So I don't think that the case of a compromised server with thousands of secure workstations is a case to prepare for, but the case of compromised workstation(s) before a compromised server is one to prepare for. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201210162300.31295.russ...@coker.com.au
Re: Discarding uploaded binary packages
On Tue, 16 Oct 2012, Arno Töll a...@debian.org wrote: On 16.10.2012 14:00, Russell Coker wrote: There are a fairly small number of Debian servers. So even if the probability of system compromise for a Debian server was the same as for a laptop owned by a random DD the fact that DD workstations outnumber Debian servers by at least 200:1 makes them more of a risk. Not a strong argument. The impact of a compromise of a buildd [or J Random Developer's machine running the buildd] is substantially higher given the compromise would affect 30k source packages, as opposed to [1, $whatever_gregoa_maintains_today[ of packages distributed amongst 950+ individual machines. An attacker wouldn't want to compromise all 30K packages, that would increase the risk of detection without increasing the benefit. They would want to compromise a very small number of relatively common packages. For example they could compromise Apache or a library it depends on, some library that is used by both KDE and GNOME, dash, bash, or a library used by shells. Compromising 100% of systems with a high probability of detection would be a lot less useful than compromising 50% with a low probability of detection. So compromising the workstation of a random DD who packages only some programs that aren't particularly popular wouldn't be a very effective attack in the short term. But using such an attack to target other DDs would be easier than using it to target build servers. For example an attacker who compromised a single program could file a bug report saying that it gave a SEGV when run with a new version of a particular library and have a good chance that the maintainer of the library would do a test... Moreover, if you go down that path, you do not win anything of the state being, as an attacker can still make a sourceful upload which enters the archive unaudited as well. The advantage for the good people is that source can be audited. While it is difficult to audit source it's possible without huge effort, particularly as the changes made in the process of Debian packaging are generally small when compared to the upstream source. Currently we have no certainty of the version of the libraries and compiler used for building a package. So if a package has a different binary when it's rebuilt that isn't evidence of attack. Determining what parts of the binary change might be due to actual differences in operation of the program as opposed to the same logic with different compilation is going to take some work. Comparing two different versions of a Debian package at the source level to determine if the changes appear to match the changelog shouldn't be THAT difficult. Comparing two different binaries is going to be a lot harder. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201210170023.43896.russ...@coker.com.au
Re: Discarding uploaded binary packages
On Wed, 17 Oct 2012, Barry Warsaw ba...@python.org wrote: I also think allowing source-only uploads makes for easier contributions, and thus hopefully more contributions. Why would it be easier? Surely we still want people to build packages first to ensure that we don't needlessly get FTBFS bugs. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201210171136.24758.russ...@coker.com.au
Re: nacl and CPU frequency.
On Sun, 23 Sep 2012, Thomas Preud'homme robo...@celest.fr wrote: Le dimanche 23 septembre 2012 01:42:01, Ben Hutchings a écrit : So the build process is trying to determine which method will work? Then what if it settles on some method that is available on the build machine's kernel, but not the target distribution's kernel? I think you need to either (1) make it defer this to run-time or (2) force the decision at build-time, and be conservative. If I understood correctly he is ready to patch the build system to use a specific method for this precise reason but is asking which method would work on all Debian system. How can build-time recognition of CPU features be useful in any way for Debian? We can usually be certain that most systems which run the code will have different CPUs to the system used for building. If hard-coding the number to some reasonable value isn't good enough then code needs to be written to detect it at run-time. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201209232052.27861.russ...@coker.com.au
Re: nacl and CPU frequency.
On Sun, 23 Sep 2012, peter green plugw...@p10link.net wrote: In order to build successfully nacl needs to determine the CPU frequency (the CPU frequency determined at build time is not used in the final binaries afaict but if it's not determined then the build will fail as it will consider the implementation broken and if it can't find any non-broken implementations it won't build). If the build process is trying to discover information that it then discards then why not just patch it to not do so? Surely you as the DD can determine which architectures aren't broken and configure the package to only build on them. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201209230117.50039.russ...@coker.com.au
Re: greater popularity of Debian on AMD64?
On Sat, 8 Sep 2012, Henrique de Moraes Holschuh h...@debian.org wrote: If 64-bit PC is too vague, the alternative designator for the amd64 arch is the vendor neutral x86-64. The vendor-neutral designator for all of i386, i486, i586, i686, amd64 and x32 is x86 (i.e. it is for both 32-bit and 64-bit). i286, i186 and 8086 are too old to bother with :-) Why should we be vendor-neutral? AMD invented the AMD64 instruction set. Intel invented the 386 instruction set and we call it i386. Why be vendor-neutral for things that AMD invents when we aren't vendor- neutral for things that Intel invents? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201209091016.07379.russ...@coker.com.au
Re: CD sizes again (and BoF reminder!)
On Mon, 23 Jul 2012, Adam Borowski kilob...@angband.pl wrote: You tested ext4. On btrfs, dpkg is around an order of magnitude slower, making using it without eatmydata a laughable idea. And that's on a filesystem whose features include: * transactions (so all dpkg processing could be done without a single fsync) How would it do that? Presumably we need some dpkg changes to get that result. * writeable snapshots (if you happen to get a power loss right during an untransacted dpkg run with eatmydata, all you need is a [re]boot with subvol=my_last_checkpoint) How would we do that? Make a snapshot and modify the boot loader configuration before the installation and then fix the boot loader afterwards? Also if you have a separate filesystem for /usr or if a postinst script does something to /var on a separate filesystem then using a snapshot might not get the result you desire. Of course you could snapshot other filesystems (as long as /var doesn't happen to contain a live database or something else you don't want to lose). I don't think we can easily solve these problems automatically unless we can put some BTRFS specific code in dpkg. I agree that it would be good to have a configuration option to have dpkg not call sync, the data integrity of a system is the responsibility of the sysadmin and we should respect their choices. As an aside, I haven't had a serious problem with BTRFS root yet. I've got one system that's been running wheezy for a couple of weeks and there haven't been any updates that have been big enough to be a problem. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201207231030.48469.russ...@coker.com.au
Re: EFI in Debian
On Tue, 10 Jul 2012, Thomas Preud'homme robo...@celest.fr wrote: When the flaws was exploited, then the attacker had sufficient access to change e.g. EFI and could thus have done whatever nasty things he wanted on the system. And as long as the system is not rebooted, nothing can prevent it to do so. http://etbe.coker.com.au/2011/12/28/secure-boot-protecting-against-root/ I've written a blog post about some of the issues related to secure boot at the above URL. Some of the problems include the fact that workstations have a lot of uptime nowadays (so a machine that has a trojan in RAM is likely to stay that way for a while) and that an attack which is performed once can be performed on every boot. http://www.coker.com.au/selinux/play.html Also in that post I address the apparently common misconception that secure boot makes it impossible for a remote root user to damage the system. As an aside I have a Wheezy based SE Linux Play Machine online right now, it demonstrates root as an account that can't damage the system - but that root account also can't be used for system administration... From this, I came to the conclusion that secure boot only provides additional security when the administrator discover the flaws, either via a CVE/DSA/whatever announce, or because he realized the system is having a strange behavior (ex: something suspicious in the logs). Then, he will try to patch the flaw by upgrading its kernel and want to be sure at reboot that the malware didn't manage to infect the patched kernel in the mean time. In other words, the administrator want to be sure at reboot that the problem is solved (at least for this flaw, there could be other flaws of course but they need to be found). The problem with that is the wide variety of ways that the system is configured. We would need some way to verify, inspect, or revert every change to a security sensitive config file to restore a compromised system. Signing every config file isn't viable as you can't sign it locally (and taking every changed config file from a disconnected system is a PITA). Inspection isn't good as even competent sysadmins will have a hard time recognising every potential mistake in a config file. Reverting changes (IE wiping /etc on upgrade) is unpleasant, but maybe we could have a patch management system to treat all changes to /etc as patches. This might be viable. At last, there is the question of what to sign. If we want secure boot to be really useful then we should sign all the way from the bootloader to the kernel modules. No. The easiest way of doing that properly would be to have a filesystem that includes signing and not allow high integrity processes (either processes with a high integrity label according to Biba or a system domain in SE Linux) to read files that weren't signed. The harder way of doing that would be to have the system dynamic loader, every interpreter (the shell, Perl, etc), and every important process that reads a config file (IE most daemons) check signatures on all files. There's really not much benefit in having a signed kernel and modules if you can have a trojan loaded from /root/.bashrc ! -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201207102108.57283.russ...@coker.com.au
Re: EFI in Debian
On Sun, 8 Jul 2012, Wookey woo...@wookware.org wrote: The distinction is between x86 and ARM, and the Windows 8 cert requirements for ARM appear to have as their goal to prevent any other OS to be bootable on that hardware. Which is pretty outrageous IMHO and may well become a serious problem once PC-like ARM hardware becomes widely available (laptops and capable tablets). It is very disappointing that once they agreed to free-up x86 everyone said, 'oh that's alright then', failing to appreciate that ARM hardware will (likely) be just as ubiquitous as x86 quite soon. Hopefully enough people will produce hardware that isn't crippled in this way, but if Windows 8 is a popular platform one may get a greatly restricited choice. I expect that by most metrics Android phones outsell PCs nowadays (largely because phone contracts encourage replacement every 2 years and some portion of the phones break before then). A significant portion of the Android phones sold are locked down such that you can't change which version of the kernel you run and can't get root access in any reasonable manner. The iPhone has a comparable market volume to Android phones and is uniformly locked down. In terms of making ARM systems less free it doesn't seem to me that the MS initiative in this regard is making things much worse than they are at the moment. Also it should be noted that while porting Linux to an ARM device designed for Windows (such as a Windows phone) would probably take a lot of work it's relatively easy to get your own Linux build on an Android phone if it's not locked down. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201207090034.03088.russ...@coker.com.au
Re: Proposal for stage-1 boot loader for use with SecureBoot [Re: [Long] UEFI support]
On Fri, 6 Jul 2012, Rick Thomas rbtho...@pobox.com wrote: We need a stage-1 boot loader, signed by somebody trusted (FSF? SFLC?) with a key that will be recognized by the SecureBoot BIOS. This is an un-changable binary blob, so it can't be GPL (is this a problem?) There is no reason why GPL source can't be used for an unchangable binary. As long as the source is supplied then it's not a problem. Every Debian package is an unchangable binary, we don't change binaries we just replace them with newer versions. There is a huge range of embedded devices with the Linux kernel (and other GPL software) in ROM which almost never get updated. A Linux kernel in a mobile phone which has a locked boot loader is no different in terms of license from a secure boot loader under the GPL. Using GPL licensed software to enforce signature checks is not a problem either. We have GPG (and many other programs) for checking signatures and doing encryption and we have SE Linux (and many other options) for access control. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201207061458.32921.russ...@coker.com.au
Re: Improving our response to duplicate packages in Debian
On Sat, 30 Jun 2012, Michael Hanke m...@debian.org wrote: I think this is approaching the problem from the wrong end. Instead of preserving the status quo and asking oracles to predict the future we should have better means of removing software that has proven to be inferior of an equivalent alternative in Debian. The advantage is that we have objective criteria to be able to make an informed decision -- not a guess based on heuristics and opinion. The disadvantage is that it imposes work on other volunteers -- but see below... More automated bug filing systems would be a good thing. If a package doesn't get used much then it tends not to get bug reports or NMUs so it can quietly languish without anyone noticing. If you maintain more than a few packages it's easy to forget about some that don't get bug reports. We really need to find better ways to involve new users in core teams, and that means removing from our collective consciousness the idea that you come in Debian to package your new favorite piece of software. I have to disagree -- and I would even make the bold claim that packaging your favorite piece of software is a very common (if not the most common) entry point for people into Debian. One could see the pet projects as the price we need to pay to make participation in Debian very attractive (not even talking about the role that pet projects play in the context of perceived universality of Debian) . Getting people to participate in Debian, make them become confident and experienced is IMHO a requirement for increasing the chance of anyone joining core teams. Yes. Also I don't think that the members of core teams really want to have people learning while maintaining their packages. When people inevitably stuff up while learning things it's good to do so while working on something that's not so important. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201206301716.05650.russ...@coker.com.au
Accepted portslave 2010.04.19.1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 30 Jun 2012 17:05:33 +1000 Source: portslave Binary: portslave Architecture: source amd64 Version: 2010.04.19.1 Distribution: unstable Urgency: high Maintainer: Russell Coker russ...@coker.com.au Changed-By: Russell Coker russ...@coker.com.au Description: portslave - Terminal server that does PPP and authenticates via RADIUS Closes: 679603 Changes: portslave (2010.04.19.1) unstable; urgency=high . * Needs to be recompiled to work with the wheezy pppd. High urgency because it currently entirely fails to work. Closes: #679603 Checksums-Sha1: 29dd7a60e4ae6e48698f08c050722aa05c4cd3e6 799 portslave_2010.04.19.1.dsc f6d06bcdae11d031632f5b5cd6eea49526bacbdb 173232 portslave_2010.04.19.1.tar.gz b465a81556f18429afb43b6316bad810eec09c01 89328 portslave_2010.04.19.1_amd64.deb Checksums-Sha256: 9d9cd7a7c21b1d9e64b9159c0b76fb615d8c363aa896fb79afdb416d81290639 799 portslave_2010.04.19.1.dsc 23bbfc85895a263a4f3f8aa658ce9ca173ebaf80a6eaaa6a38dae7be79d9b1a4 173232 portslave_2010.04.19.1.tar.gz 700f0c1771cd9fd8543757a78c9a729b9e9bee96e6cafdb9ea8624241e7f335b 89328 portslave_2010.04.19.1_amd64.deb Files: 7ff836c9aae944c98a9bc950980b6c34 799 comm optional portslave_2010.04.19.1.dsc ce5db3389330dbc35f8b3bbca93f7c88 173232 comm optional portslave_2010.04.19.1.tar.gz d1022d73a4470cb675776ce871e567fe 89328 comm optional portslave_2010.04.19.1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAk/updAACgkQwrB5/PXHUlaOHgCgn45XWZABkcAQ6vrHcmoUFyBa fgwAn2T9OoirYSJBHNm5pDPUt5kKDMQX =kmWp -END PGP SIGNATURE- Accepted: portslave_2010.04.19.1.dsc to main/p/portslave/portslave_2010.04.19.1.dsc portslave_2010.04.19.1.tar.gz to main/p/portslave/portslave_2010.04.19.1.tar.gz portslave_2010.04.19.1_amd64.deb to main/p/portslave/portslave_2010.04.19.1_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1skrxm-0002th...@franck.debian.org
Accepted refpolicy 2:2.20110726-9 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 30 Jun 2012 19:19:57 +1000 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20110726-9 Distribution: unstable Urgency: high Maintainer: Debian SELinux maintainers selinux-de...@lists.alioth.debian.org Changed-By: Russell Coker russ...@coker.com.au Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Closes: 678392 679277 Changes: refpolicy (2:2.20110726-9) unstable; urgency=high . * Enable UBAC as roles aren't useful. I recommend using only roles user_r and unconfined_r and using UBAC (constraining users from sharing files between identities) where you would previously have used roles. * Made cron jobs run in regular user domains such as unconfined_t and user_t Closes: #679277 * Had the wrong timestamp on the last upload, corrected it for the record. * Allow ftpd to create sock_file objects under /var/run for proftpd * Change readahead policy to support memlockd. * Allow devicekit_power_t, devicekit_disk_t, kerneloops_t, and policykit_t to send dbus messages to users. * Grant systemd utilities access to selinuxfs so they can correctly label directories Closes: #678392 * Assigned type consolekit_var_run_t to /var/run/console(/.*)? because it's created and managed by consolekit nowadays. * Created tunable allow_ssh_connect_reserved_ports to allow ssh client to connect to reserved ports. * Correctly label all perdition binaries, give perdition_t dac_override, and allow perdition_t to create it's own pid directories. * Label /etc/dansguardian as squid_etc_t * Allow devicekit_power_t to access acpi device and read udev tables and allow devicekit_disk_t to read udev tables. * Allow sshd_t to write to fifos inherited from systemd * High urgency because we really need to have working cron jobs!!! * Removed the postinst code to upgrade from pre-squeeze packages. Checksums-Sha1: 5443578c79f62c55398d57b766ab7358652a202f 1702 refpolicy_2.20110726-9.dsc 7eb68a563dd802a79007bbae38d3e8f20b2fd71f 204748 refpolicy_2.20110726-9.debian.tar.gz b10d48e9235eefbbfe84e625f9fa1044bd7679f9 4296828 selinux-policy-default_2.20110726-9_all.deb 674e6454a2f7cff331df4c02570e12022be6a05e 4337300 selinux-policy-mls_2.20110726-9_all.deb fd611e0e914fa7d04a4cfd7ab28e3994acc5847f 1058068 selinux-policy-src_2.20110726-9_all.deb 06d6d8cd93bd8447c43effe5625cca9675f6c572 888388 selinux-policy-dev_2.20110726-9_all.deb c4a68338e95d3947d2fca271a2ff7d4a8d1011a0 518472 selinux-policy-doc_2.20110726-9_all.deb Checksums-Sha256: adad55dc0c4c20acc52aa6db1819a23dbbc6c3bb8e67e7e0c02959c9e475b31f 1702 refpolicy_2.20110726-9.dsc 200dc23da2d462038a4955ac87ebf2235e95bcdb03c33c8dba1d4f45b870ad87 204748 refpolicy_2.20110726-9.debian.tar.gz 1f860b526e2fc9a538a743ccf82ddc9ed9106ebbe71571a281a67c8666773353 4296828 selinux-policy-default_2.20110726-9_all.deb cc471ba95f275ce9f1315846ac7739ed13026022f69ca88eb2ad59fade0f3f3c 4337300 selinux-policy-mls_2.20110726-9_all.deb 6db1ad3d95992885d873f0a483f3268dce502bd0c1e625c4ca4951515ec2db5d 1058068 selinux-policy-src_2.20110726-9_all.deb 2bab7d16b1b362e160a9b75bdf589b14d5b9553fa325bd6ae93721cb447a 888388 selinux-policy-dev_2.20110726-9_all.deb eec7463f78f2370278e0e1945c1e5697a7a707ba419c9d63071ccda2f9911971 518472 selinux-policy-doc_2.20110726-9_all.deb Files: b7464fa40795bb6182ebde0e697fff5a 1702 admin optional refpolicy_2.20110726-9.dsc a8035cf66083be25ea232697d6c32c6e 204748 admin optional refpolicy_2.20110726-9.debian.tar.gz 768335906dfbd7c34b25f6484afb8875 4296828 admin optional selinux-policy-default_2.20110726-9_all.deb d56488b7c93aeccca7920241c94367fb 4337300 admin extra selinux-policy-mls_2.20110726-9_all.deb 1a5675c480bac0e82ce74c9b3a7aa10b 1058068 admin optional selinux-policy-src_2.20110726-9_all.deb 6f197d9bbbeb644505dc88f1d80f53ef 888388 admin optional selinux-policy-dev_2.20110726-9_all.deb f04820eb2d9fd8086e3ec018f8107a9a 518472 doc optional selinux-policy-doc_2.20110726-9_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAk/uzMIACgkQwrB5/PXHUlbu9QCfYCbJz91/XCy5a0IFH4Ju0FHG 1WEAn04znJL+N4RB+dqgsUFSNF0DG+Ts =5DgB -END PGP SIGNATURE- Accepted: refpolicy_2.20110726-9.debian.tar.gz to main/r/refpolicy/refpolicy_2.20110726-9.debian.tar.gz refpolicy_2.20110726-9.dsc to main/r/refpolicy/refpolicy_2.20110726-9.dsc selinux-policy-default_2.20110726-9_all.deb to main/r/refpolicy/selinux-policy
Accepted policycoreutils 2.1.10-9 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 26 Jun 2012 17:22:05 +1000 Source: policycoreutils Binary: policycoreutils Architecture: source amd64 Version: 2.1.10-9 Distribution: unstable Urgency: high Maintainer: Debian SELinux maintainers selinux-de...@lists.alioth.debian.org Changed-By: Russell Coker russ...@coker.com.au Description: policycoreutils - SELinux core policy utilities Closes: 474956 677759 678590 Changes: policycoreutils (2.1.10-9) unstable; urgency=high . * Revert the munging of setrans.conf which was introduced in 2.1.10-7. Closes: #677759 * Made mcstrans ignore a line containing s0= to properly solve the original problem. * Made the mcstrans init script not return an error when you stop it twice. * Included a new version of open_init_pty that doesn't take 100% CPU time. Closes: #474956 * Removed sandbox because it's a new feature that we never had working, also removed seunshare because it's not needed and brought in an annoying dependency on libcgroup1 Closes: #678590 Checksums-Sha1: 87e9a4324ad13cb740c5b36e20f9a19b85c4bcc1 1728 policycoreutils_2.1.10-9.dsc 21a18a5195a7ecc84a75de8428180fcbdcf329cf 548723 policycoreutils_2.1.10-9.debian.tar.gz 61e884354efd14f1b863fefd470ee115f9d49ad6 614194 policycoreutils_2.1.10-9_amd64.deb Checksums-Sha256: def20109a96891e837d3e476ba9ee812a7d1b4ff97db3298439e0762d5e49693 1728 policycoreutils_2.1.10-9.dsc 287ec5804ccbe6693abb79ed76fbc61285e4a6534b06914d0fd1debb039ac4e9 548723 policycoreutils_2.1.10-9.debian.tar.gz 1ab862839f05d6021ccfc61d59134344f8be57f30358ef8e3fb2a28a97b758ad 614194 policycoreutils_2.1.10-9_amd64.deb Files: 07a0d135eb556a5c11da1f9a536b703b 1728 utils optional policycoreutils_2.1.10-9.dsc 02c6c00a0970a5f01a5ceff3d09bd92a 548723 utils optional policycoreutils_2.1.10-9.debian.tar.gz 25101dc0267d9ca713e1e0533fb5e7ef 614194 utils optional policycoreutils_2.1.10-9_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAk/pbCgACgkQwrB5/PXHUlZQnQCdF3fLLTNHUfs7PW1UKXdgr78v fkQAn2kVEM307SMp5ioSRkx5SE8aw1wC =REkr -END PGP SIGNATURE- Accepted: policycoreutils_2.1.10-9.debian.tar.gz to main/p/policycoreutils/policycoreutils_2.1.10-9.debian.tar.gz policycoreutils_2.1.10-9.dsc to main/p/policycoreutils/policycoreutils_2.1.10-9.dsc policycoreutils_2.1.10-9_amd64.deb to main/p/policycoreutils/policycoreutils_2.1.10-9_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1sjrvv-0001c7...@franck.debian.org
Accepted refpolicy 2:2.20110726-8 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 23 Jun 2012 21:43:46 +1000 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20110726-8 Distribution: unstable Urgency: high Maintainer: Debian SELinux maintainers selinux-de...@lists.alioth.debian.org Changed-By: Russell Coker russ...@coker.com.au Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Changes: refpolicy (2:2.20110726-8) unstable; urgency=high . * Allow dbus domains to search cgroup dirs and init_var_run_t * Have init_t transition to devicekit_power_t and devicekit_disk_t for systemd. * Allow user domains to create netlink_kobject_uevent_socket objects * Put dansguardian in squid_t * Fixed error in portslave.te that prevented module insertion * Allow postgrey_t to exec bin_t for perl and self:netlink_route_socket access * Allow dac_override access to arpwatch_t * Add tcsd.pp (for trousers) to the policy packages * Add nut.pp for the nut-server package to the policy packages * Load irqbalance.pp if irqbalance Debian package is installed, same for kerneloops, tcsd.pp/trousers, nut.pp/nut-server, and smartmon.pp/smartmontools. * High urgency because the support for tcsd and nut really needs to be tested (and it's broken badly for those people) and portslave.pp is also badly broken in previous versions. Checksums-Sha1: 9b59bd0c9a29573911a78a75163bf8c92b4e7411 1702 refpolicy_2.20110726-8.dsc cff4ff9d9187d8d2091bf3d10f55f07408437b5f 198866 refpolicy_2.20110726-8.debian.tar.gz 9271bbbcfd408d14b6cae173c29455a7a547112c 4289398 selinux-policy-default_2.20110726-8_all.deb b559b2cef91de412b61ccf43ec4f8dfaa553c202 4329178 selinux-policy-mls_2.20110726-8_all.deb 9a6b1a41abafab44038d278e2e7dac41fc52fd03 1052854 selinux-policy-src_2.20110726-8_all.deb 185e9c8c3a170f6667930a4a0294b3af30e4aaab 887470 selinux-policy-dev_2.20110726-8_all.deb 8cdf1fe8744b3610fc5ece8523190777e4b5bc53 517842 selinux-policy-doc_2.20110726-8_all.deb Checksums-Sha256: fc68f55607625257437da3d15c9d0fe00d74818d028f53d9b1f2ca854a41109f 1702 refpolicy_2.20110726-8.dsc 71a2f54471e2f7621079fcd804983e2c9aedf7e108f130d0757db1380c6074c4 198866 refpolicy_2.20110726-8.debian.tar.gz d8abf6cd618522529f2bdaec963c00977ae89ea6328bac68a9b33ed1aafb7364 4289398 selinux-policy-default_2.20110726-8_all.deb 36a3438c3467b836c1d25cc2203c3283121a774c4ed08a65f86c1053d68e173f 4329178 selinux-policy-mls_2.20110726-8_all.deb aaac15c0e23eb42eaec6bdd79a6ad681fa9026a49851dd05ccf4182d46cbac90 1052854 selinux-policy-src_2.20110726-8_all.deb 870a6099ae9a8207ecb860253aeda56f90743519baa53aa784f3c06d0c3e8a48 887470 selinux-policy-dev_2.20110726-8_all.deb 5f85126cd0b43bd326d64606a4451fad6a1a350461b9165111cc8a0db54d7e61 517842 selinux-policy-doc_2.20110726-8_all.deb Files: df035cf2991c1636f66c0e1ff889a568 1702 admin optional refpolicy_2.20110726-8.dsc a5215615084076e68d33fc0e271bfe03 198866 admin optional refpolicy_2.20110726-8.debian.tar.gz 7d077688d5a399e4765c8927703c133e 4289398 admin optional selinux-policy-default_2.20110726-8_all.deb 7e85046adfb84d3c8d9e0355a27e053b 4329178 admin extra selinux-policy-mls_2.20110726-8_all.deb 7a8744b0d8e50fd2d354bf1973c94c31 1052854 admin optional selinux-policy-src_2.20110726-8_all.deb 07ae818ad73f9d6d76a7646ee2d3b81c 887470 admin optional selinux-policy-dev_2.20110726-8_all.deb 86686dd1e5d0856aad4f0d82aa6e9cbe 517842 doc optional selinux-policy-doc_2.20110726-8_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAk/oBOAACgkQwrB5/PXHUlYf6ACcCf8fKKzp5J6idOh5R2Gj3uH5 al0AoIlvYMU9vtLk9uo2rY5qpIp1ZsSK =cV+Y -END PGP SIGNATURE- Accepted: refpolicy_2.20110726-8.debian.tar.gz to main/r/refpolicy/refpolicy_2.20110726-8.debian.tar.gz refpolicy_2.20110726-8.dsc to main/r/refpolicy/refpolicy_2.20110726-8.dsc selinux-policy-default_2.20110726-8_all.deb to main/r/refpolicy/selinux-policy-default_2.20110726-8_all.deb selinux-policy-dev_2.20110726-8_all.deb to main/r/refpolicy/selinux-policy-dev_2.20110726-8_all.deb selinux-policy-doc_2.20110726-8_all.deb to main/r/refpolicy/selinux-policy-doc_2.20110726-8_all.deb selinux-policy-mls_2.20110726-8_all.deb to main/r/refpolicy/selinux-policy-mls_2.20110726-8_all.deb selinux-policy-src_2.20110726-8_all.deb to main/r/refpolicy/selinux-policy-src_2.20110726-8_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas
Re: Report from the Bug Squashing Party in Salzburg
On Thu, 21 Jun 2012, Bernd Zeimetz be...@bzed.de wrote: Seriously, thats all fine stuff, but if having a hangout with 10+ people on google+ helps Debian to get the bugs squashed, I can't see a reason why we should not use it. It is much more pain free to use than any other solution we have in Debian. One might make such claims about any proprietary product. What features does Google+ offer that you believe to be lacking in free software packaged for Debian? What do you think is the easiest way to fix this problem? -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201206212255.28961.russ...@coker.com.au
Re: Report from the Bug Squashing Party in Salzburg
On Thu, 21 Jun 2012, Jon Dowland j...@debian.org wrote: On Thu, Jun 21, 2012 at 10:55:28PM +1000, Russell Coker wrote: On Thu, 21 Jun 2012, Bernd Zeimetz be...@bzed.de wrote: Seriously, thats all fine stuff, but if having a hangout with 10+ people on google+ helps Debian to get the bugs squashed, I can't see a reason why we should not use it. It is much more pain free to use than any other solution we have in Debian. One might make such claims about any proprietary product. What features does Google+ offer that you believe to be lacking in free software packaged for Debian? What do you think is the easiest way to fix this problem? This is getting completely ridiculous. Indeed, one can setup and run their own IRC server, because it is free software. We have the choice to do that. If there was a problem with IRC clients not working correctly then setting up a test IRC server to debug the problem would be a good option. Also as IRC is an open protocol there are a number of clients to choose from so when (not if) a client doesn't do something you require there are options. Nevertheless, in practice if you want to work on Debian, you connect to an already-running ircd on the oftc network. (You could spend time setting up and running an ircd, then convince people to connect to it, but perhaps that's time better spent *working on Debian*). Actually I've run an IRC server on a private network for a free software hacking event in the past. One thing I've idly considered is running an IRC server at LUG meetings to coordinate questions for the speaker. I'm not sure how well that would work, but as I can run my own IRC server I have the option of trying it out. Google+ over a slow 3G connection probably wouldn't work. Likewise, those who find IRC hostile, confusing or simply unproductive, could connect to the already running Google+ what-have-you, using an open source browser if one so wishes. If it works for them. I've found Google+ confusing and unproductive. I played with it for a while but didn't discover anything useful apart from a news feed that was a bit like twitter but with an allowance of more than 140 characters. Personally I prefer Jabber. You have the option of using Google's Jabber service (everyone with a Gmail account has access) or your own Jabber server. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201206220002.03384.russ...@coker.com.au
Accepted refpolicy 2:2.20110726-7 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 21 Jun 2012 23:15:59 +1000 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20110726-7 Distribution: unstable Urgency: high Maintainer: Debian SELinux maintainers selinux-de...@lists.alioth.debian.org Changed-By: Russell Coker russ...@coker.com.au Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Closes: 676852 677578 678237 Changes: refpolicy (2:2.20110726-7) unstable; urgency=high . [Russell Coker] * Got Chromium working! * Allow user_dbusd_t to access /run/console * Got systemd working Closes: #677578 * Added policy for dirmngr. * Added support for wide-dhcpv6-client. * Remove all refpolicyerr and almost all refpolicywarn instances, removed all obsolete interfaces and fixed syntax errors. Closes: #678237 * Allow all users to run the Postfix mailq command * Lots of little changes. [Mika Pflüger] * Do not ship pyplate.pyc. Closes: #676852 Checksums-Sha1: 2154f0f3fc629824175a664fbc22cf8961d380c6 1702 refpolicy_2.20110726-7.dsc 93ee0bcf2e0ca6797295b463fbf5f3d727c7e4ba 196303 refpolicy_2.20110726-7.debian.tar.gz b2b60f39a753b2f7e8dbec9655a5f9800c8c8b40 4251930 selinux-policy-default_2.20110726-7_all.deb 8122e3fe1df52a39f20a4a9c463f0a64a0cab5b8 4291646 selinux-policy-mls_2.20110726-7_all.deb 302bed0da2fcfc99755c402af83408520365b512 1053136 selinux-policy-src_2.20110726-7_all.deb c0734c9b834412fc189ff98ec3ff72f6151c4566 886950 selinux-policy-dev_2.20110726-7_all.deb 82f4bd0003e8aa57da9f49d291449a3ca75a33ed 517390 selinux-policy-doc_2.20110726-7_all.deb Checksums-Sha256: d972959f3e0a6bc168045ea7609b997533a541043487887387db9547e857aff7 1702 refpolicy_2.20110726-7.dsc 2eebb77b358ab441947fbf1dc23e9aeb477477f7d0404f96dd2bd520bfd90c60 196303 refpolicy_2.20110726-7.debian.tar.gz 0b3c4bda2511485b6449f7566617af5813420f333ea832db857fe012068dcbe4 4251930 selinux-policy-default_2.20110726-7_all.deb 4b837afb4bfba69a84ad926a8587b436e128ac02f79e5b87c555bb2404ae1548 4291646 selinux-policy-mls_2.20110726-7_all.deb 8ffbf68840ad2ff18a8233640a5326bc50b5e09c18a1a0aa7fb67337cde5f07d 1053136 selinux-policy-src_2.20110726-7_all.deb 52da995a9e2110ae13c490df5afaebdb37dfa501f66c6dd762dcc94cd595dc63 886950 selinux-policy-dev_2.20110726-7_all.deb cb1d2c98db04d3e36272342a43201971ca6308a8cd92981610b952f39fe70a33 517390 selinux-policy-doc_2.20110726-7_all.deb Files: ee4d29355fe132a9d0ca6905c54d659b 1702 admin optional refpolicy_2.20110726-7.dsc ab395bb79abf4fce3610f32957cf010d 196303 admin optional refpolicy_2.20110726-7.debian.tar.gz 54af867d377ad695ae9e7f8be602139c 4251930 admin optional selinux-policy-default_2.20110726-7_all.deb 88e721db5859296a6f5b44e2391192ce 4291646 admin extra selinux-policy-mls_2.20110726-7_all.deb d2da9580ff6f8e96e3e3b8e7a0a6563c 1053136 admin optional selinux-policy-src_2.20110726-7_all.deb 6770ac2e33072197bdb4abea24451fdb 886950 admin optional selinux-policy-dev_2.20110726-7_all.deb 1e1aeed8250e3af9b42bd6efc95d2c15 517390 doc optional selinux-policy-doc_2.20110726-7_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAk/jJdoACgkQwrB5/PXHUlYBmACgnE6gO2QZ0QLmcGULm+6QA3+M UWwAnjdFGujJ2cCX9GSlMvCLQcgDoLjU =pxO+ -END PGP SIGNATURE- Accepted: refpolicy_2.20110726-7.debian.tar.gz to main/r/refpolicy/refpolicy_2.20110726-7.debian.tar.gz refpolicy_2.20110726-7.dsc to main/r/refpolicy/refpolicy_2.20110726-7.dsc selinux-policy-default_2.20110726-7_all.deb to main/r/refpolicy/selinux-policy-default_2.20110726-7_all.deb selinux-policy-dev_2.20110726-7_all.deb to main/r/refpolicy/selinux-policy-dev_2.20110726-7_all.deb selinux-policy-doc_2.20110726-7_all.deb to main/r/refpolicy/selinux-policy-doc_2.20110726-7_all.deb selinux-policy-mls_2.20110726-7_all.deb to main/r/refpolicy/selinux-policy-mls_2.20110726-7_all.deb selinux-policy-src_2.20110726-7_all.deb to main/r/refpolicy/selinux-policy-src_2.20110726-7_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1shj8k-0002cj...@franck.debian.org
Accepted memlockd 1.1.1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 20 Jun 2012 20:06:20 +1000 Source: memlockd Binary: memlockd Architecture: source amd64 Version: 1.1.1 Distribution: unstable Urgency: high Maintainer: Russell Coker russ...@coker.com.au Changed-By: Russell Coker russ...@coker.com.au Description: memlockd - daemon to lock files into RAM Closes: 678161 Changes: memlockd (1.1.1) unstable; urgency=high . * Made it work correctly with systemd, restarts via systemd and doesn't use a pidfile. Closes: #678161 Checksums-Sha1: 941e38906d0e373eaf61a0b9d72ace2ba596fd3a 742 memlockd_1.1.1.dsc 7388ffcda4e421ade516e84d489a8d1d02b5 9503 memlockd_1.1.1.tar.gz 03ca356d5843684a07a6885b459d699d74e6ea5c 13416 memlockd_1.1.1_amd64.deb Checksums-Sha256: 5b4001442867716d83daadfd152363d9fffc29855564279264a741e6a1acd904 742 memlockd_1.1.1.dsc 952d0d6f6665fd090ef0648680ed9a822cb85363443c8c91e8f3699f7ba64247 9503 memlockd_1.1.1.tar.gz a0b91ea33489c277bf78dd3c0495bd92aab7dd50fb240660c06f64cae7e70e1f 13416 memlockd_1.1.1_amd64.deb Files: 2eb8655a6941c565a1063e7278b34ddc 742 admin optional memlockd_1.1.1.dsc 5e7a895b032eaa55f8cf15104e43364d 9503 admin optional memlockd_1.1.1.tar.gz 5773427b6599bbc005d1c0bf710150be 13416 admin optional memlockd_1.1.1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAk/hoxgACgkQwrB5/PXHUla3tQCgli4vGua05eGHB5quJD3iCP/s SlUAmgPdDlEw7J449+w7fVAt9dMcD4JY =/X4y -END PGP SIGNATURE- Accepted: memlockd_1.1.1.dsc to main/m/memlockd/memlockd_1.1.1.dsc memlockd_1.1.1.tar.gz to main/m/memlockd/memlockd_1.1.1.tar.gz memlockd_1.1.1_amd64.deb to main/m/memlockd/memlockd_1.1.1_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1shif4-0002r3...@franck.debian.org
Accepted refpolicy 2:2.20110726-6 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 17 Jun 2012 06:18:01 + Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20110726-6 Distribution: unstable Urgency: low Maintainer: Debian SELinux maintainers selinux-de...@lists.alioth.debian.org Changed-By: Russell Coker russ...@coker.com.au Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Closes: 677589 Changes: refpolicy (2:2.20110726-6) unstable; urgency=low . * Added deny_ptrace tunable which some modules depend on * Fixed squid and nrpe policy * Made all necessary changes to allow a KDE login Closes: #677589 * Made all necessary changes for a mail server running Postfix, Courier Maildrop, and Dovecot. Not all mail server configurations will work (MTAs tend to be complex and have lots of interactions) but getting other configurations will be easier now. Checksums-Sha1: e942337dda10ed99432cfc191b37d338cc77036a 1702 refpolicy_2.20110726-6.dsc e96c781d3415672dbdacfbd891a4fda0aaea2c16 188733 refpolicy_2.20110726-6.debian.tar.gz 5365e505230a1af84b18f31b894a3297cebc58d3 4239880 selinux-policy-default_2.20110726-6_all.deb b1bbdd22519f57491a22f10598de1af890b75682 4280990 selinux-policy-mls_2.20110726-6_all.deb fa0ab1100c7affbb066bf9a55e7171d6acbd 1089272 selinux-policy-src_2.20110726-6_all.deb a3e641e1df5784b3f19f14f923767446f4596e53 906748 selinux-policy-dev_2.20110726-6_all.deb 33ded013e65de288bb41933e380c16f77f04516d 644874 selinux-policy-doc_2.20110726-6_all.deb Checksums-Sha256: 7e55d2c6513323a05937b0ee8cd29b1cd8bfff37751962c55d6da3ecb9ce77c7 1702 refpolicy_2.20110726-6.dsc ae1556db9acabae9d701387bc230a339b6f692dda56cdba2be5c0abe72a65cd8 188733 refpolicy_2.20110726-6.debian.tar.gz f01da6d99a122841c73d4e0c27e72fca5121498aa98fa91ff3e6ee6c686282eb 4239880 selinux-policy-default_2.20110726-6_all.deb 61bc83880b040853e9d74d72a576206ce592243cc8c163808cf6e083b55ad850 4280990 selinux-policy-mls_2.20110726-6_all.deb 7338aa08dcccea8ac45b631e9668ed60c4fe98a052b5f808b60890a404fa552e 1089272 selinux-policy-src_2.20110726-6_all.deb 06bc04d0e3ed98e1053b16f5a33e19745867f5ddb28eff2024d02bcd65ec9040 906748 selinux-policy-dev_2.20110726-6_all.deb f287ee3a3b9a5a2a2e3ab0aa260673f972ef84ea2c5b94121b42af99544cd507 644874 selinux-policy-doc_2.20110726-6_all.deb Files: defc8016d9b18169c944fd461def4b06 1702 admin optional refpolicy_2.20110726-6.dsc 8bb5ea283690a39928c0d9a25be12497 188733 admin optional refpolicy_2.20110726-6.debian.tar.gz dc109968a8c6ef7131537765d96708ae 4239880 admin optional selinux-policy-default_2.20110726-6_all.deb 437d517746daa7ada18a39425b37d014 4280990 admin extra selinux-policy-mls_2.20110726-6_all.deb f0f9cfd676143f0d69f10ced1d2874e9 1089272 admin optional selinux-policy-src_2.20110726-6_all.deb c8b68992fd43a36cc437fc0d13818f39 906748 admin optional selinux-policy-dev_2.20110726-6_all.deb 8dd4e8ba6de4ddf0a3928524d9633459 644874 doc optional selinux-policy-doc_2.20110726-6_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAk/deJEACgkQwrB5/PXHUlZuUACgx86NSYxg5TszhtFcwO8U4Hpw QagAn1Jmn6sFL20sUeTlBocumbTKUc/T =PRQ/ -END PGP SIGNATURE- Accepted: refpolicy_2.20110726-6.debian.tar.gz to main/r/refpolicy/refpolicy_2.20110726-6.debian.tar.gz refpolicy_2.20110726-6.dsc to main/r/refpolicy/refpolicy_2.20110726-6.dsc selinux-policy-default_2.20110726-6_all.deb to main/r/refpolicy/selinux-policy-default_2.20110726-6_all.deb selinux-policy-dev_2.20110726-6_all.deb to main/r/refpolicy/selinux-policy-dev_2.20110726-6_all.deb selinux-policy-doc_2.20110726-6_all.deb to main/r/refpolicy/selinux-policy-doc_2.20110726-6_all.deb selinux-policy-mls_2.20110726-6_all.deb to main/r/refpolicy/selinux-policy-mls_2.20110726-6_all.deb selinux-policy-src_2.20110726-6_all.deb to main/r/refpolicy/selinux-policy-src_2.20110726-6_all.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1sg9hz-es...@franck.debian.org
Accepted memlockd 1.1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 16 Jun 2012 15:43:44 +1000 Source: memlockd Binary: memlockd Architecture: source amd64 Version: 1.1 Distribution: unstable Urgency: high Maintainer: Russell Coker russ...@coker.com.au Changed-By: Russell Coker russ...@coker.com.au Description: memlockd - daemon to lock files into RAM Closes: 480915 529265 652386 660321 Changes: memlockd (1.1) unstable; urgency=high . * Use wheezy paths for shared objects on i386 and amd64. Also added a new config file option to not log file not found errors so we don't see i386 errors on amd64 and amd64 errors on i386. Closes: #660321, #480915 * Added systemd service file. Closes: #652386 * Added a run-parts style config directory, default is /etc/memlock.d and the config file uses a % to chain to another file or directory. Closes: #529265 Checksums-Sha1: 7e8f6179b520cc741a1666a99e7ed08b5bc1ea1b 734 memlockd_1.1.dsc fa9b58de8b6dd4ea2cf92f7119098d7d110f0290 9460 memlockd_1.1.tar.gz e5243529b3f4f0d59803967aadd67e55d0427dc8 13374 memlockd_1.1_amd64.deb Checksums-Sha256: 03959af16ad46b3ffe9a3a6bfe4e13246331b1b7b6aa29d446f14f4095e1bee9 734 memlockd_1.1.dsc c7d56539a719515fa19d5247ae5bde930bfe72ff5526ffadbb9001e12b9bafdf 9460 memlockd_1.1.tar.gz bc0bfcbe2d82c4ca187e25974e0683fe72c49bf59dfb5e9e98f16b6da0bee55d 13374 memlockd_1.1_amd64.deb Files: cc2578efc1a969463776784f264c1913 734 admin optional memlockd_1.1.dsc 3121d663cb19caf8dc5a39373c67c4cd 9460 admin optional memlockd_1.1.tar.gz 894ac5b328cb8fe25777350e4fdd2ffe 13374 admin optional memlockd_1.1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAk/cHSUACgkQwrB5/PXHUlaWJQCfcMfOIHdv6Tv9/0uOc6Yhhtmx FmUAnR/MTnYyqC4CuLwhCBwn/zvIJ+44 =bHYg -END PGP SIGNATURE- Accepted: memlockd_1.1.dsc to main/m/memlockd/memlockd_1.1.dsc memlockd_1.1.tar.gz to main/m/memlockd/memlockd_1.1.tar.gz memlockd_1.1_amd64.deb to main/m/memlockd/memlockd_1.1_amd64.deb -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1sfoze-kc...@franck.debian.org
