* Thu Sep 04 2014 Lukas Vrabec <lvrabec@redhat.com> 3.12.1-183
- Allow init to read all config files
- Add new interface to allow creation of file with lib_t type
- Add init_dontaudit_read_state() interface.
- Fixes for usbmuxd, addition of /var/lib/lockdown, and allow it to use urand, dontaudit sys_resource (#1136128)
- Allow docker to read all of /proc
- Label /usr/sbin/unbound-control as named_exec_t (#1130510)
- Dontaudit read init state for svirt_t.
- Allow boinc_t manage boinc_project_tmp_t files and dirs (#1135687)
- ALlow passeneger to read/write apache stream socket.
- Allow geoclue to stream connect to smart card service
- Kernel is reporting random block_suspends, we should dontaudit these until the kernel is fixed in Rawhide
- Allow jockey_t to use tmpfs files
- Allow pppd to create sock_files in /var/run
- Clean up nut policy. Allow nut domains to create temp files. Add nut_domain_template() template interface.
- Allow usbmuxd connect to itself by stream socket. (#1135945)
- Allow nswrapper_32_64.nppdf.so to be created with the proper label
- Allow avahi_t communicate with pcp_pmproxy_t over dbus.
- Allwo pki_tomcat to create link files in /var/lib/pki-ca.