Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp793784ybf; Sat, 29 Feb 2020 16:23:49 -0800 (PST) X-Google-Smtp-Source: APXvYqyXI7X7+2iurXiBb736Y7/00lTegPrHQabzjomfmyb/7xSDhxrpE2qLYBZjR9jLLpPYpv8i X-Received: by 2002:a05:6830:1d6e:: with SMTP id l14mr8138321oti.32.1583022229157; Sat, 29 Feb 2020 16:23:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1583022229; cv=none; d=google.com; s=arc-20160816; b=kr599Abrvhb6CDznPgkp126JjgLx3OVEhHxNeRKvtqNprP+36/wVqmc8tN5AuPCa6P 7DTrHk+Zxk1LP4Kpae2beJEEmrdVOVamo21Fp1tMypZbA7854rWMNuX+hQ9GJeHqiDmI q5z0x6RHoJjsNIUChL8L36Qctwoj3ze1i1HWyFe5LgQSf+28GVjsdQ5DO3LFhjNx4cmZ jS6U0mVj/ybsgeqltUu5FRyk93aEcWoJD0IyvoY1xxx7Ek+GSnLN4858F/jrNuHF1kQg KpPhhqy91rCE2456vbfS9BOE9FxOh2VNunO+GxqOgnNE1afwN7zpaclh2poaPQSAKfvF W+Ow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:mime-version:user-agent:date:message-id:to:subject :from:dkim-signature; bh=Ipun/5FPftCn9LDsfjGCNfOjfs8CD6fA+CyQ03TmtXY=; b=w0X/eOy6GflulO9yrzCS+5pw6dwqQX+7ds+hUicAg2o743mVYPduSoiDH3tHbbef89 kKpHZnUEhMMDeBLBMn9uZOP0kSEdqbH42Tp/BoAyoILcM7eH3E1LfXRKAGWgN0Mb5P9P xgPfDHRngXQKDpyjzMOQsJdf+hGxQThDvF0UVG9DsU9/5plhpZ1nxdpziq0ZC9k9cyCg 9MaG2MHDafR10j89OVRqYoFG3ygEATg90jwrnhW8t2auopYlkdGsFrLdIpiFE41EM079 2qpSLR2HRYgYUtF7yGDIwEn2PhOVw9CdaxraYGbB+GdyvQSe1wivZInbD6m9tzFC3EHn yBNQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ieee.org header.s=google header.b=YyWojdBj; spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ieee.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 110si4033355otj.303.2020.02.29.16.23.44; Sat, 29 Feb 2020 16:23:49 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@ieee.org header.s=google header.b=YyWojdBj; spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ieee.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727242AbgCAAXI (ORCPT + 13 others); Sat, 29 Feb 2020 19:23:08 -0500 Received: from mail-qv1-f67.google.com ([209.85.219.67]:35380 "EHLO mail-qv1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727120AbgCAAXI (ORCPT ); Sat, 29 Feb 2020 19:23:08 -0500 Received: by mail-qv1-f67.google.com with SMTP id u10so3206949qvi.2 for ; Sat, 29 Feb 2020 16:23:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ieee.org; s=google; h=from:subject:to:message-id:date:user-agent:mime-version :content-language:content-transfer-encoding; bh=Ipun/5FPftCn9LDsfjGCNfOjfs8CD6fA+CyQ03TmtXY=; b=YyWojdBjpCeBGTOF93IBOViTh4eCOMHQPTqrnHEH9dzOQQLfU09ElgzUm3LBQVoC9+ W5DniEZT7bP/ky8RHsG6bvu2zHYHNdhzN58lbt7l2bbHN+IqSH6gLRzrrd4Q+zVaxf3u 6KU5hYqv3Uhc3HZW0KBsSXT5xVr7FMKvrHH0U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:message-id:date:user-agent :mime-version:content-language:content-transfer-encoding; bh=Ipun/5FPftCn9LDsfjGCNfOjfs8CD6fA+CyQ03TmtXY=; b=Muurs9m+cXrSKL0O/ztANLHGFLsqYOQncUysIkbEwJex5Wgd4k6jW5+SsB43XJNNLf 8fZrh6PI+Itj8/2Gk1EaVBfUz9bw0SXI/EG025jqNZy3qtRHVvgYjIzhurOKlOvpyAAQ TUOvAKe2OBrswptopI/B6rH7Pou+CRo4/3Oc7jSLjxO9hxM+8UGTi16fegeN4OdSua6B 7grnJdWlhdfFnM87PUJ2G2C3NzWX///Dnvy75ubd/1tYApNTWg+xG5XoM4SgW2ARt1Kn MR6GlkEnHAoG0kcQp6uF2rIvQXbEsgPrjnXSO1mWIt1SMCJTcW9wVutgg5utD/kezyqN SR4w== X-Gm-Message-State: APjAAAXzotkcctvNa0asb0PCmwDz2xD3vYPmMbNkbG4uZsZ4dBv+4UEP Mt2UF/43HtIAdC64Jisa5maRCj1ILHM= X-Received: by 2002:a0c:ecc6:: with SMTP id o6mr9584824qvq.220.1583022187205; Sat, 29 Feb 2020 16:23:07 -0800 (PST) Received: from fedora.pebenito.net (pool-108-15-23-247.bltmmd.fios.verizon.net. [108.15.23.247]) by smtp.gmail.com with ESMTPSA id v80sm7610538qka.15.2020.02.29.16.23.06 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 29 Feb 2020 16:23:06 -0800 (PST) From: Chris PeBenito Subject: ANN: Reference Policy 2.20200229 To: refpolicy , selinux@vger.kernel.org Message-ID: <3d857ac3-616c-072e-6a86-3b715eb8e00f@ieee.org> Date: Sat, 29 Feb 2020 19:23:05 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: selinux-refpolicy-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org This release includes several new modules: - cryfs - consolesetup - knot - tpm2 - wireguard Changes: - *_var_run_t types are renamed to *_runtime_t to remove the path from the type name - Added inotify watch permissions defined and added to systemd and other common services - Defined perf_event object class - Reimplemented fc_sort in Python - Added file contexts lint tool in Travis CI build - Updated Vagrant tooling for refpolicy testing on Fedora and Debian VMs - Added general interfaces for systemd bind mount points - Many more minor fixes across the policy Removals: - Removed obsolete permissions -- Chris PeBenito