F40 proposal: Move /var/run selinux policy entries to /run (System-Wide)

2023-12-22 Thread Zdenek Pytela
/Features/UsrMove [2] https://bugzilla.redhat.com/show_bug.cgi?id=2241366 Owner Name: Zdenek Pytela Email: zpyt...@redhat.com Current status Targeted release: Fedora 40 Last updated: 2023-12-20 FESCo issue: Tracker bug: Release notes tracker: Detailed Description The

Re: Current test branch: Error message systemd-gpt-auto-generator[1169]: Failed to dissect: Permission denied

2022-10-17 Thread Zdenek Pytela
t; https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagur

Re: Current F37 test branch: probably new SELinux AVCs with libvirt / KVM

2022-10-17 Thread Zdenek Pytela
doraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > -- Zdenek Pytela Security SELinux team __

Re: SElinux policy question on F34... lots of "device_t:sock_file write" AVCs

2022-08-22 Thread Zdenek Pytela
t; dropped connections: > > ssh_dispatch_run_fatal: Connection to 192.168.4.3 port 22: message > authentication code incorrect > This cannot be assessed without any data. -- Zdenek Pytela Security SELinux team ___ devel mailing list -- devel@lists.

Re: F36 Change: Plocate as the default locate implementation (Self-Contained Change proposal)

2022-01-21 Thread Zdenek Pytela
devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

Re: F35 3x slower boot than F34

2021-09-13 Thread Zdenek Pytela
//docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pag

Re: fail2ban: need selinux help!

2021-05-26 Thread Zdenek Pytela
t/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure > -- Zde

Re: selinux-policy package versioning change

2021-03-30 Thread Zdenek Pytela
On Wed, Mar 31, 2021 at 4:14 AM Chris Murphy wrote: > On Mon, Mar 29, 2021 at 1:56 PM Zdenek Pytela wrote: > > > We do not expect any impact to end users neither to developers unless > the exact version was used somewhere. If there are no objections, we will > make the cha

Re: selinux-policy package versioning change

2021-03-30 Thread Zdenek Pytela
On Wed, Mar 31, 2021 at 12:19 AM James Cassell wrote: > > > On Tue, Mar 30, 2021, at 3:56 PM, Zdenek Pytela wrote: > > > > > > On Mon, Mar 29, 2021 at 10:45 PM justina colmena ~biz > > wrote: > > > I'm still a little bit confused about the SELi

Re: selinux-policy package versioning change

2021-03-30 Thread Zdenek Pytela
n various Fedora editions and spins for the same version. > On Monday, March 29, 2021 11:56:23 AM AKDT Zdenek Pytela wrote: > > Hi, > > > > We plan to change the versioning scheme of the selinux-policy packages. > > > > Based on a request to using tags in selinux-poli

selinux-policy package versioning change

2021-03-29 Thread Zdenek Pytela
(34.1-1). We do not expect any impact to end users neither to developers unless the exact version was used somewhere. If there are no objections, we will make the change in a week time. Cheers, -- Zdenek Pytela SELinux team ___ devel mailing list

selinux-policy-contrib repository merged with selinux-policy

2020-11-26 Thread Zdenek Pytela
[1] https://github.com/fedora-selinux/selinux-policy/ [2] https://github.com/fedora-selinux/selinux-policy-contrib/ [3] https://github.com/fedora-selinux/selinux-policy/README.md -- Zdenek Pytela SELinux policy maintainer ___ devel mailing list -- de

Re: SELinux question

2020-06-26 Thread Zdenek Pytela
gt; https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > -- Zdenek Pytela Security controls team _

Re: SELinux is preventing systemctl from read access on the file SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c.

2020-05-18 Thread Zdenek Pytela
> ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-c

Re: F32 selinux denials

2020-03-25 Thread Zdenek Pytela
On Wed, Mar 25, 2020 at 6:30 PM Adam Williamson wrote: > On Wed, 2020-03-25 at 18:17 +0100, Zdenek Pytela wrote: > > > > > SELinux is preventing pcscd from using the sys_nice capability. > > > > > > SELinux is preventing accounts-daemon from using the sys_nice

Re: F32 selinux denials

2020-03-25 Thread Zdenek Pytela
ailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives