Bug 1564775
Summary: | Define extended_socket_class policy capability | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Lukas Vrabec <lvrabec> |
Component: | libsepol | Assignee: | Vit Mojzis <vmojzis> |
Status: | CLOSED ERRATA | QA Contact: | Milos Malik <mmalik> |
Severity: | unspecified | Docs Contact: | Ioanna Gkioka <igkioka> |
Priority: | urgent | ||
Version: | 7.6 | CC: | igkioka, lvrabec, mgrepl, mmalik, plautrba, vmojzis |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | libsepol-2.5-9.el7 | Doc Type: | Enhancement |
Doc Text: |
SELinux now supports `extended_socket_class`
This update introduces the `extended_socket_class` policy capability that enables a number of new SELinux object classes to support all of the known network socket address families. It also enables the use of separate security classes for Internet Control Message Protocol (ICMP) and Stream Control Transmission Protocol (SCTP) sockets, which were previously mapped to the `rawip_socket` class.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2018-10-30 08:09:35 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1427553 |
Description
Lukas Vrabec
2018-04-07 19:15:30 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:3077 |