* ANN: Reference Policy 2.20220106
@ 2022-01-06 19:42 Chris PeBenito
0 siblings, 0 replies; only message in thread
From: Chris PeBenito @ 2022-01-06 19:42 UTC (permalink / raw)
To: refpolicy, SElinux list
https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20220106
Notable changes:
* Module versions were dropped. Policy module versions were removed in semodule
many years ago, so they no longer serve a purpose in the policy. The
policy_module() macro still supports the version argument. If it is missing,
a default version is set, to satisfy the policy syntax.
* The MCS constraints changed to reflect the usage in systems, primarily for
separating containers and VMs. To separate a domain by MCS it will now need
to opt in using the mcs_constrained() interface.
* New support for grouping user domains and their surrogates, e.g. user_t
surrogates user_wm_t and user_systemd_t, such that allowing the user domain
to domain transition to a child domain will be allowed for surrogate domains.
See pull requests #365 and #381 for more information.
New module:
- obfs4proxy
--
Chris PeBenito
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-01-06 19:42 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-06 19:42 ANN: Reference Policy 2.20220106 Chris PeBenito
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).