On Sep 12, 2017 12:49 PM, "Christian Göttsche"
wrote:
> This seems to revert what was an intentional change to avoid noise in
> fixfiles check output. See the mailing list discussions that preceded and
> followed the patch.
In my opinion, it's a helpful noise, which is
> This seems to revert what was an intentional change to avoid noise in
> fixfiles check output. See the mailing list discussions that preceded and
> followed the patch.
In my opinion, it's a helpful noise, which is triggered by an intended
file context `<>`.
Is there any hack to get the old
On Tue, Sep 12, 2017 at 10:33 AM, Paul Moore wrote:
> As discussed on the linux-security pull request thread, this is the
> direct SELinux pull request; the content/tag is the same as what I
> sent to James/linux-security earlier:
The contents may be the same, but the base
On Tue, Sep 12, 2017 at 1:36 PM, Dominick Grift wrote:
> On Tue, Sep 12, 2017 at 12:01:35PM -0400, Stephen Smalley wrote:
>> On Sep 12, 2017 7:01 AM, "Dominick Grift" wrote:
>>
>> I have extended socket class polcap enabled but i am still seeing
As discussed on the linux-security pull request thread, this is the
direct SELinux pull request; the content/tag is the same as what I
sent to James/linux-security earlier:
"A relatively quiet period for SELinux, 11 patches with only two/three
having any substantive changes. These noteworthy
On Tue, Sep 12, 2017 at 12:01:35PM -0400, Stephen Smalley wrote:
> On Sep 12, 2017 7:01 AM, "Dominick Grift" wrote:
>
> I have extended socket class polcap enabled but i am still seeing "socket"
> class events and i was wondering whether that is to be expected?
>
> avc:
On Sep 11, 2017 3:45 AM, "Christian Göttsche via Selinux" <
selinux@tycho.nsa.gov> wrote:
Since 1cd972f restorecon does not print a warning in recurse mode for child
files without a default label.
Change it back in verbose mode:
$ touch /run/test.pid
$ restorecon -R /run
$ restorecon -v -R /run
On Sep 12, 2017 7:01 AM, "Dominick Grift" wrote:
I have extended socket class polcap enabled but i am still seeing "socket"
class events and i was wondering whether that is to be expected?
avc: denied { create } for pid=10484 comm="nethogs" scontext=wheel.id:
On Sep 8, 2017 6:49 PM, "Chris PeBenito" wrote:
I believe that all major SELinux distributions have at least Python 3.4
support. Python 3 changeover has gone so long that even 3.3 is about to go
end-of-life [1]. Can we officially drop Python 2.7 support in userspace
code?
I have extended socket class polcap enabled but i am still seeing "socket"
class events and i was wondering whether that is to be expected?
avc: denied { create } for pid=10484 comm="nethogs"
scontext=wheel.id:sysadm.role:nethogs.subj:s0
tcontext=wheel.id:sysadm.role:nethogs.subj:s0
10 matches
Mail list logo