Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
...
* postfix: allow smtpd to mmap SASL keytab filesKenton Groombridge2024-09-212-1/+20
* sysnetwork: allow ifconfig to read usr filesKenton Groombridge2024-09-211-0/+1
* systemd: allow systemd-logind to use sshd pidfdsKenton Groombridge2024-09-211-0/+6
* tests.yml: Add policy diff on PRs.Chris PeBenito2024-09-212-0/+129
* tests.yml: Divide into reusable workflows.Chris PeBenito2024-09-217-232/+490
* Reorder perms and classesfreedom1b28302024-09-21220-759/+759
* devices: Change dev_rw_uhid() to use a policy pattern.Chris PeBenito2024-09-211-2/+2
* device: Move dev_rw_uhid definition.Chris PeBenito2024-09-211-18/+19
* Sepolicy changes for bluez to access uhidAmisha Jain2024-09-212-0/+19
* selinuxutil: make policykit optionalYi Zhao2024-09-211-2/+4
* newrole: allow newrole to search faillock runtime directoryYi Zhao2024-09-212-0/+19
* sysnetwork: fixes for dhcpcdYi Zhao2024-09-211-0/+5
* Adding Sepolicy rules to allow bluetoothctl and dbus-daemon to access unix st...Naga Bhavani Akella2024-09-214-3/+27
* init: Add homectl dbus access.Chris PeBenito2024-09-212-0/+25
* filesystem/systemd: memory.pressure fixes.Chris PeBenito2024-09-213-2/+6
* cloudinit: Add support for cloud-init-growpart.Chris PeBenito2024-09-211-0/+9
* systemd: Add basic systemd-analyze rules.Chris PeBenito2024-09-211-0/+23
* remove unnecessary code2.20240226-r2Grzegorz Filo2024-05-142-6/+0
* Merge upstreamKenton Groombridge2024-05-141-1/+1
* various: various fixesKenton Groombridge2024-05-146-1/+28
* container, crio, kubernetes: minor fixesKenton Groombridge2024-05-143-0/+5
* container, podman: various fixesKenton Groombridge2024-05-143-2/+70
* systemd: allow systemd-sysctl to search tmpfsKenton Groombridge2024-05-141-0/+1
* container: allow containers to getcapKenton Groombridge2024-05-141-1/+1
* container: allow system container engines to mmap runtime filesKenton Groombridge2024-05-141-1/+1
* matrixd: add tunable for binding to all unreserved portsKenton Groombridge2024-05-141-1/+15
* bootloader: allow systemd-boot to manage EFI binariesKenton Groombridge2024-05-142-0/+23
* asterisk: allow binding to all unreserved UDP portsKenton Groombridge2024-05-141-0/+1
* postgres: add a standalone execmem tunableKenton Groombridge2024-05-141-1/+8
* userdom: allow users to read user home dir symlinksKenton Groombridge2024-05-141-0/+3
* dovecot: allow dovecot-auth to read SASL keytabKenton Groombridge2024-05-141-0/+4
* fail2ban: allow reading net sysctlsKenton Groombridge2024-05-141-0/+1
* init: allow systemd to use sshd pidfdsKenton Groombridge2024-05-142-0/+23
* files context for merged-usr profile on gentooGrzegorz Filo2024-05-146-0/+24
* Need map perm for cockpit 300.4Dave Sugar2024-05-141-1/+1
* tests.yml: Add sechecker testing.Chris PeBenito2024-05-143-12/+480
* cockpit: Change $1_cockpit_tmpfs_t to a tmpfs file type.Chris PeBenito2024-05-141-1/+1
* certbot: Drop execmem.Chris PeBenito2024-05-141-4/+0
* xen: Drop xend/xm stack.Chris PeBenito2024-05-1414-408/+54
* Allow systemd to pass down sig maskMatt Sheets2024-05-141-0/+1
* cups: Remove PTAL.Chris PeBenito2024-05-144-109/+7
* xen: Revoke kernel module loading permissions.Chris PeBenito2024-05-141-1/+0
* minissdpd: Revoke kernel module loading permissions.Chris PeBenito2024-05-141-2/+1
* docker: Fix dockerc typo in container_engine_executable_fileChris PeBenito2024-05-141-1/+1
* cron: Use raw entrypoint rule for system_cronjob_t.Chris PeBenito2024-05-141-1/+1
* uml: Remove excessive access from user domains on uml_exec_t.Chris PeBenito2024-05-141-2/+2
* Set the type on /etc/machine-info to net_conf_t so hostnamectl can manipulate...Rick Alther2024-05-141-0/+1
* fix: minor correction in MCS_CATS range commentRick Alther2024-05-141-1/+1
* systemd: allow notify client to stat socketChristian Göttsche2024-05-141-1/+1
* quote: read localizationChristian Göttsche2024-05-141-0/+2