-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 06/30/2011 02:10 PM, Miroslav Grepl wrote:
On 06/29/2011 07:48 PM, Dominick Grift wrote:
>
> On Wed, 2011-06-29 at 15:07 -0400, Marcos Ortiz wrote:
>> Regards to all the list
>> Where I can find the new features introduced in Fedora 15 and 16 on the
>> SElinux base policy?
>> - Bugs fixes
>> - Support of new applications
>> - New applications to make the System Administrator's work more easy
>>
>> I need this information because I'm preparing a talk about "Advanced
>> PostgreSQL Data Protection with SELinux", so
>> I want in that moment to comment these new features.
>>
>> Any advices is welcome.
>> Thanks a lot for your time
>>
> I usually find out whats new in various ways:
>
> 1. See the policy git repository for new commits ( bugfixes and support
> for new applications)
>
>
http://git.fedorahosted.org/git/?p=selinux-policy.git;a=summary
>
> 2. See the policycoreutils. libsepol, libmanage, checkpolicy changelogs
> for the "user land" related changed.
>
> 3. See the
nsa.gov selinux maillist archives for SELinux changes in the
> kernel.
>
> 4. Keep an eye on dwalsh' livejournal blog. He will often touch on new
> interesting features.
>
> 5. Keep an eye on the
tresys.com refpolicy maillist archives for changes
> to policy upstream
>
> Some of the things that recently added that i can come up with is:
>
> moving /selinux to /sys/fs/selinux
> read policy from /sys/fs/selinux/policy
> named file transitions
https://fedoraproject.org/wiki/Features/SELinuxFileNameTransition
> audit_access capability permission
> various new policy module
> semanage --equiv option
>
> and everything else i forgot...
>
>
>
>
> --
> selinux mailing list
> selinux(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/selinux
--
selinux mailing list
selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
You can also get a list of permissive domains for each release which
gives you a good idea of the new confined domains being developed for
that release.
F16 shows
abrt_retrace_coredump_t
abrt_retrace_worker_exec_t
callweaver_t
dspam_t
fail2ban_client_t
gnomeclock_systemctl_t
lldpad_t
mscan_t
puppetca_t
pyicqt_t
rhev_agentd_t
sanlock_t
telepathy_logger_t
traffic_cop_t
traffic_manager_t
traffic_server_t
wdmd_t
zarafa_indexer_t
F15 Shows
gnomeclock_systemctl_t
telepathy_gabble_t
telepathy_sofiasip_t
mock_t
keyboardd_t
telepathy_idle_t
telepathy_mission_control_t
matahari_serviced_t
telepathy_salut_t
zarafa_indexer_t
firewalld_t
telepathy_sunshine_t
colord_t
telepathy_stream_engine_t
systemd_notify_t
systemd_passwd_agent_t
mozilla_plugin_t
matahari_hostd_t
matahari_netd_t
passenger_t
systemd_tmpfiles_t
foghorn_t
telepathy_msn_t
namespace_init_t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org/
iEYEARECAAYFAk4MoSMACgkQrlYvE4MpobMgGACfQ15FFGLSrXROEqXjCz3fFk7u
3/4AoNViLWCkcJ55Lq5ajAa7pa3VEWiG
=Kf8L
-----END PGP SIGNATURE-----