Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* dbus: dontaudit session bus domains the netadmin capabilityKenton Groombridge2024-09-211-1/+1
* container: allow super privileged containers to manage BPF dirsKenton Groombridge2024-09-212-1/+19
* kubernetes: allow kubelet to create unlabeled dirsKenton Groombridge2024-09-212-0/+21
* haproxy: allow interactive usageKenton Groombridge2024-09-211-0/+4
* podman: allow managing init runtime unitsKenton Groombridge2024-09-211-0/+6
* iptables: allow reading usr filesKenton Groombridge2024-09-211-0/+1
* filesystem, devices: move gadgetfs to usbfs_tDmitry Sharshakov2024-09-212-1/+1
* systemd: make xdg optionalYi Zhao2024-09-211-2/+8
* sshd: label sshd-session as sshd_exec_tKenton Groombridge2024-09-211-0/+1
* Setting bluetooth helper domain for bluetoothctlNaga Bhavani Akella2024-09-212-0/+6
* Adding Sepolicy rules to allow pulseaudio to access bluetooth sockets.Raghavender Reddy Bujala2024-09-211-0/+2
* systemd: allow logind to use locallogin pidfdsKenton Groombridge2024-09-211-0/+4
* userdomain: allow administrative user to get attributes of shadow history fileYi Zhao2024-09-212-0/+20
* node_exporter: allow reading RPC sysctlsKenton Groombridge2024-09-211-0/+1
* asterisk: allow reading certbot libKenton Groombridge2024-09-211-0/+4
* postfix: allow postfix pipe to watch mail spoolKenton Groombridge2024-09-211-0/+1
* netutils: allow ping to read net sysctlsKenton Groombridge2024-09-211-0/+1
* node_exporter: allow reading localizationKenton Groombridge2024-09-211-0/+2
* container: allow containers to execute tmpfs filesKenton Groombridge2024-09-211-0/+1
* sysadm: make haproxy adminKenton Groombridge2024-09-211-0/+4
* haproxy: initial policyKenton Groombridge2024-09-213-0/+222
* init: use pidfds from local loginKenton Groombridge2024-09-212-0/+22
* dbus, init: add interface for pidfd usageKenton Groombridge2024-09-212-1/+20
* asterisk: allow watching spool dirsKenton Groombridge2024-09-211-0/+1
* su, sudo: allow sudo to signal all su domainsKenton Groombridge2024-09-213-2/+27
* sudo: allow systemd-logind to read cgroup state of sudoKenton Groombridge2024-09-211-0/+2
* postfix: allow smtpd to mmap SASL keytab filesKenton Groombridge2024-09-212-1/+20
* sysnetwork: allow ifconfig to read usr filesKenton Groombridge2024-09-211-0/+1
* systemd: allow systemd-logind to use sshd pidfdsKenton Groombridge2024-09-211-0/+6
* tests.yml: Add policy diff on PRs.Chris PeBenito2024-09-212-0/+129
* tests.yml: Divide into reusable workflows.Chris PeBenito2024-09-217-232/+490
* Reorder perms and classesfreedom1b28302024-09-21220-759/+759
* devices: Change dev_rw_uhid() to use a policy pattern.Chris PeBenito2024-09-211-2/+2
* device: Move dev_rw_uhid definition.Chris PeBenito2024-09-211-18/+19
* Sepolicy changes for bluez to access uhidAmisha Jain2024-09-212-0/+19
* selinuxutil: make policykit optionalYi Zhao2024-09-211-2/+4
* newrole: allow newrole to search faillock runtime directoryYi Zhao2024-09-212-0/+19
* sysnetwork: fixes for dhcpcdYi Zhao2024-09-211-0/+5
* Adding Sepolicy rules to allow bluetoothctl and dbus-daemon to access unix st...Naga Bhavani Akella2024-09-214-3/+27
* init: Add homectl dbus access.Chris PeBenito2024-09-212-0/+25
* filesystem/systemd: memory.pressure fixes.Chris PeBenito2024-09-213-2/+6
* cloudinit: Add support for cloud-init-growpart.Chris PeBenito2024-09-211-0/+9
* systemd: Add basic systemd-analyze rules.Chris PeBenito2024-09-211-0/+23
* remove unnecessary code2.20240226-r2Grzegorz Filo2024-05-142-6/+0
* Merge upstreamKenton Groombridge2024-05-141-1/+1
* various: various fixesKenton Groombridge2024-05-146-1/+28
* container, crio, kubernetes: minor fixesKenton Groombridge2024-05-143-0/+5
* container, podman: various fixesKenton Groombridge2024-05-143-2/+70
* systemd: allow systemd-sysctl to search tmpfsKenton Groombridge2024-05-141-0/+1
* container: allow containers to getcapKenton Groombridge2024-05-141-1/+1