--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-b75beee237
2019-02-24 02:32:36.926147
--------------------------------------------------------------------------------
Name : container-selinux
Product : Fedora 29
Version : 2.82
Release : 1.git5e1f62f.fc29
URL :
https://github.com/projectatomic/container-selinux
Summary : SELinux policies for container runtimes
Description :
SELinux policy modules for use with container runtimes.
--------------------------------------------------------------------------------
Update Information:
Support running container runtimes from non privileged users.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 10 2019 Dan Walsh <dwalsh(a)fedoraproject.org> - 2.82-1
- Allow confined users to use containers
* Fri Feb 8 2019 Lokesh Mandvekar (Bot) <lsm5+bot(a)fedoraproject.org> -
2:2.80-3.git21c2be6
- bump to 2.80
- autobuilt 21c2be6
* Thu Feb 7 2019 Dan Walsh <dwalsh(a)fedoraproject.org> - 2.81-1
- Add new labels for paths for containerd
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
2:2.80-2.git1b655d9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Jan 22 2019 Dan Walsh <dwalsh(a)fedoraproject.org> - 2.80-1.nightly.git21c2be6
- Don't allow containers to talk to contianer runtime sockets
* Fri Jan 11 2019 Dan Walsh <dwalsh(a)fedoraproject.org> - 2.79-1
- Fix labeling on /var/lib/registries
* Thu Jan 10 2019 Dan Walsh <dwalsh(a)fedoraproject.org> - 2.78-1
- Fix labeling for images in docker daemon user namespace
* Mon Dec 17 2018 Dan Walsh <dwalsh(a)fedoraproject.org> - 2.77-1
- Allow container-runtime to setattr on fifo_file handed into container runtime.
* Tue Nov 13 2018 Lokesh Mandvekar (Bot) <lsm5+bot(a)fedoraproject.org> -
2:2.752.75-1.dev.git99e2cfd1
- bump to 2.75
- autobuilt 99e2cfd
* Mon Nov 12 2018 Dan Walsh <dwalsh(a)fedoraproject.org> - 2.76-1
- Allow containers to sendto dgram socket of container runtimes
- Needed to run container runtimes in notify socket unit files.
* Tue Oct 30 2018 Dan Walsh <dwalsh(a)fedoraproject.org> - 2.75-1.dev.git99e2cfd
- Allow containers to use fuse file systems by default
* Fri Oct 19 2018 Dan Walsh <dwalsh(a)fedoraproject.org> - 2.74-1
- Allow containers to setexec themselves
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672891 - Many many AVCs from rootless podman on a system with unconfined
disabled
https://bugzilla.redhat.com/show_bug.cgi?id=1672891
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-b75beee237' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------