This series exports interfaces that are useful for libvirt, updates
type enforcement rules to current needs, and fixes some issues.
Stefano Brivio (6):
selinux/passt.if: Fix typo in passt_read_data interface definition
selinux: Define interfaces for libvirt and similar frameworks
selinux: Switch to a more reasonable model for PID and socket files
selinux/passt.te: Allow setcap on the process itself
selinux/passt.te: Allow /etc/resolv.conf symlinks to be followed
selinux/passt.te: Allow setting socket option on routing netlink
socket
contrib/selinux/passt.fc | 1 -
contrib/selinux/passt.if | 28 +++++++++++++++++++++++++++-
contrib/selinux/passt.te | 16 +++++++++++-----
3 files changed, 38 insertions(+), 7 deletions(-)
--
2.39.1