From: krzysztof.a.nowicki@gmail.com (krzysztof.a.nowicki at gmail.com) Date: Sun, 14 May 2017 17:23:59 +0200 Subject: [refpolicy] [PATCH 0/4] Miscellaneous fixes for systemd in strict mode Message-ID: <20170514152403.369-1-krzysztof.a.nowicki@gmail.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com This patch series fixes a number of SELinux denials when booting systemd in strict mode. Krzysztof Nowicki (4): Add policy for systemd GPT generator Distinguish between systemd-tmpfiles runtime and static config Add policy for systemd-networkd Enable /etc directory protection using ProtectSystem policy/modules/kernel/files.if | 19 +++++++++ policy/modules/system/init.if | 19 +++++++++ policy/modules/system/init.te | 4 ++ policy/modules/system/modutils.te | 4 +- policy/modules/system/systemd.fc | 11 ++++- policy/modules/system/systemd.if | 16 ++++---- policy/modules/system/systemd.te | 68 ++++++++++++++++++++++++++++++- 7 files changed, 129 insertions(+), 12 deletions(-)