| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: fapolicyd-selinux | Distribution: CentOS |
| Version: 1.3.3 | Vendor: CentOS |
| Release: 100.el9 | Build date: Thu May 16 10:18:06 2024 |
| Group: Applications/System | Build host: aarch64-05.stream.rdu2.redhat.com |
| Size: 15928 | Source RPM: fapolicyd-1.3.3-100.el9.src.rpm |
| Packager: builder@centos.org | |
| Url: http://people.redhat.com/sgrubb/fapolicyd | |
| Summary: Fapolicyd selinux | |
The fapolicyd-selinux package contains selinux policy for the fapolicyd daemon.
GPLv3+
* Wed Jul 19 2023 Radovan Sroka <rsroka@redhat.com> - 1.3.3-100
RHEL 9.5.0 ERRATUM
- rebase to fapolicyd-1.3.3 and fapolicyd-selinux-0.7
Resolves: RHEL-36285
* Wed Jul 19 2023 Radovan Sroka <rsroka@redhat.com> - 1.3.2-100
RHEL 9.3.0 ERRATUM
- Rebase fapolicyd to the latest stable version
Resolves: RHEL-430
- fapolicyd can leak FDs and never answer request, causing target process to hang forever
Resolves: RHEL-621
- RFE: send rule number to fanotify so it gets audited
Resolves: RHEL-624
- fapolicyd needs to make sure the FD limit is never reached
Resolves: RHEL-623
- fapolicyd still allows execution of a program after "untrusting" it
Resolves: RHEL-622
- Default q_size doesn't match manpage's one
Resolves: RHEL-627
- fapolicyd-cli --update then mount/umount twice causes fapolicyd daemon to block (state 'D')
Resolves: RHEL-817
- Fix broken backwards compatibility backend numbers
Resolves: RHEL-730
- SELinux prevents the fapolicyd from reading symlink (cert_t)
Resolves: RHEL-816
* Mon Jan 30 2023 Radovan Sroka <rsroka@redhat.com> - 1.1.3-104
RHEL 9.2.0 ERRATUM
- statically linked app can execute untrusted app
Resolves: rhbz#2097077
- fapolicyd ineffective with systemd DynamicUser=yes
Resolves: rhbz#2136802
- Starting manually fapolicyd while the service is already running breaks the system
Resolves: rhbz#2160517
- Cannot execute /usr/libexec/grepconf.sh when falcon-sensor is enabled
Resolves: rhbz#2160518
- fapolicyd: Introduce filtering of rpmdb
Resolves: RHEL-192
* Fri Aug 05 2022 Radovan Sroka <rsroka@redhat.com> - 1.1.3-102
RHEL 9.1.0 ERRATUM
- rebase fapolicyd to the latest stable vesion
Resolves: rhbz#2100041
- fapolicyd gets way too easily killed by OOM killer
Resolves: rhbz#2097385
- fapolicyd does not correctly handle SIGHUP
Resolves: rhbz#2070655
- Introduce ppid rule attribute
Resolves: rhbz#2102558
- fapolicyd often breaks package updates
Resolves: rhbz#2111244
- drop libgcrypt in favour of openssl
Resolves: rhbz#2111938
- Remove dnf plugin
Resolves: rhbz#2113959
- fapolicyd.rules doesn't advertise that using a username/groupname instead of uid/gid also works
Resolves: rhbz#2115849
* Thu Jun 16 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-104
RHEL 9.1.0 ERRATUM
- CVE-2022-1117 fapolicyd: fapolicyd wrongly prepares ld.so path
Resolves: rhbz#2069123
- Faulty handling of static applications
Resolves: rhbz#2096457
* Sun Apr 03 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-101
RHEL 9.1.0 ERRATUM
- fapolicyd denies access to /usr/lib64/ld-2.28.so
Resolves: rhbz#2067493
* Wed Feb 16 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-100
RHEL 9.0.0 ERRATUM
- rebase to 1.1
Resolves: rhbz#2032408
- introduce rules.d
Resolves: rhbz#2054740
- remove pretrans scriptlet
Resolve: rhbz#2051481
* Tue Dec 14 2021 Zoltan Fridrich <zfridric@redhat.com> - 1.0.4-101
RHEL 9.0.0 ERRATUM
- rebase to 1.0.4
- added rpm_sha256_only option
- added trust.d directory
- allow file names with whitespaces in trust files
- use full paths in trust files
Resolves: rhbz#2032408
- fix libc.so getting identified as application/x-executable
Resolves: rhbz#2015307
- fix selinux DSP module definition in spec file
Resolves: rhbz#2014449
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.0.3-4
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue Jul 20 2021 Radovan Sroka <rsroka@redhat.com> - 1.0.3-3
RHEL 9 BETA
- SELinux prevents fapolicyd from watch_mount/watch_with_perm on /dev/shm
Resolves: rhbz#1932225
Resolves: rhbz#1977731
/usr/share/selinux/devel/include/contrib/ipp-fapolicyd.if /usr/share/selinux/packages/targeted/fapolicyd.pp.bz2 /var/lib/selinux/targeted/active/modules/200/fapolicyd
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Oct 30 06:13:11 2025