Keylime SELinux policy version - v42.1.2

• Extend permissions to keyring allow rule

Keylime SELinux policy version - v42.1.1

• Allow keylime_server_t itself write to keyring

Keylime SELinux policy version - v42.1.0

• Remove keylime_var_log_t domain from policy

Keylime SELinux policy version - v41.1.0

• Dontaudit keylime_server_t search to cgroup_t. Keylime server domain dont need granted access to search cgroup directories, dont audit denials.

Keylime SELinux policy version - v40.1.0

• Allow keylime_agent_t via unix_stream_socket connect and read to systemd_homed_t.

Keylime SELinux policy version - v38.1.0

• Keylime SELinux policy provide more restricted ports.
• New SELinux label for ports use by keylime.
• Allow keylime_server_t tcp connect to http_cache_port_t, mysqld_port_t and postgresql_port_t.
• Allow the keylime_server_t domain to get the attributes of all filesystems.

Keylime SELinux policy version - 1.2.0

Allow the keylime_server_t domain to get the attributes of all filesystems. New release is applicable just for rhel-9.3.0.

Keylime SELinux policy version - 1.1.0

Keylime SELinux policy provide more restricted ports. New SELinux label for ports use by keylime. Adding tabrmd interfaces allow unix stream socket communication and dbus communication. New release is applicable just for rhel-9.3.0.

Keylime SELinux policy version 6.4.3

Test also revocation phase in test and update policy

Remove part in packit file for enabling testing
of revocation parts in test. Reorder position
of run tasks and remove task related with zeromq.
Update policy to allow keylime_agent_t socket
connection to kernel_t.

Keylime SELinux policy version - 1.0.0

This is starting new format of release for keylime selinux policy. Relase is applicable for fedora distros and rhel-9.2.0.