Many changes made allow targeted policy to run closer to strict.  Almost 
all of non-userspace is now protected via SELinux.

Run kernel in unconfined_domain for targeted.  (Might be necessary for 
strict).

move user_ttyfile_stat boolean out of getty and into user.te

Small fixes to support mgetty

A couple of changes to allow policy upgrades to this policy.  
(syslog_mod changes).

Remove false check for rhgb.te from init.te

Allow users to mount on src_t

Small fixes for amanda

Add tmpfile attribute to  amavisd_quaranteen

Add transitionbool to daemon_sub_domain, mainly to turn off httpd_suexec 
transitioning.

Allow apmd_t to do it's thing on targeted policy.

Auditd fixes by Paul Moore.

Allow cardmgr_t to work on targeted policy

Implement web_client_domain name_connect rules;

Cleanup of consoletype.te for targeted.  I think this domain needs some 
review.

Add yp support for cups.

Remove some garbarge from cyrus.te

Allow hald to run on targeted domain

Allow hotplug to run on targeted domain

Fixes for latest version of NetworkManager.  Have not changed the case.  
I have no opinion on it.

Fixed and cleanup of ntpd.te

Fixes for initrc writing samba_etc_t

Change don't to "do not"

Cleanup compat.te for targetd policy

Several changes for file_context for FC4

Remove hotplug, udev, initial_sid_contexts from targeted directory.  We 
are going to use the real ones.

kernel now runs as root:system_r:kernel_t in targeted policy just like 
strict









--