Hi, I saw several bugs where boltd daemon runs as unconfined_service_t. I have prepared new SELinux module for it.
I'll push it to Fedora Rawhide and also Fedora 28 soon. This module will be in permissive mode, which means policy for boltd won't be enforced by kernel, just AVCs will be logged even if the whole system will be in Enforcing state. If you'll find some AVCs related to boltd, please use this bugzilla[1] to report them. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1607974. Thanks, Lukas. -- Lukas Vrabec Software Engineer, Security Technologies Red Hat, Inc. _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/JRL5KVBNGTTBAK75VGT4FIVIUZDNLRDY/
