Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: fapolicyd | Distribution: CentOS |
Version: 1.1.3 | Vendor: CentOS |
Release: 103.el9 | Build date: Fri Jan 13 15:27:24 2023 |
Group: Unspecified | Build host: s390-04.stream.rdu2.redhat.com |
Size: 249318 | Source RPM: fapolicyd-1.1.3-103.el9.src.rpm |
Packager: builder@centos.org | |
Url: http://people.redhat.com/sgrubb/fapolicyd | |
Summary: Application Whitelisting Daemon |
Fapolicyd (File Access Policy Daemon) implements application whitelisting to decide file access rights. Applications that are known via a reputation source are allowed access while unknown applications are not. The daemon makes use of the kernel's fanotify interface to determine file access rights.
GPLv3+
* Fri Jan 13 2023 Radovan Sroka <rsroka@redhat.com> - 1.1.3-103 RHEL 9.2.0 ERRATUM - statically linked app can execute untrusted app Resolves: rhbz#2097077 - fapolicyd ineffective with systemd DynamicUser=yes Resolves: rhbz#2136802 - Starting manually fapolicyd while the service is already running breaks the system Resolves: rhbz#2160517 - Cannot execute /usr/libexec/grepconf.sh when falcon-sensor is enabled Resolves: rhbz#2160518 * Fri Aug 05 2022 Radovan Sroka <rsroka@redhat.com> - 1.1.3-102 RHEL 9.1.0 ERRATUM - rebase fapolicyd to the latest stable vesion Resolves: rhbz#2100041 - fapolicyd gets way too easily killed by OOM killer Resolves: rhbz#2097385 - fapolicyd does not correctly handle SIGHUP Resolves: rhbz#2070655 - Introduce ppid rule attribute Resolves: rhbz#2102558 - fapolicyd often breaks package updates Resolves: rhbz#2111244 - drop libgcrypt in favour of openssl Resolves: rhbz#2111938 - Remove dnf plugin Resolves: rhbz#2113959 - fapolicyd.rules doesn't advertise that using a username/groupname instead of uid/gid also works Resolves: rhbz#2115849 * Thu Jun 16 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-104 RHEL 9.1.0 ERRATUM - CVE-2022-1117 fapolicyd: fapolicyd wrongly prepares ld.so path Resolves: rhbz#2069123 - Faulty handling of static applications Resolves: rhbz#2096457 * Sun Apr 03 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-101 RHEL 9.1.0 ERRATUM - fapolicyd denies access to /usr/lib64/ld-2.28.so Resolves: rhbz#2067493 * Wed Feb 16 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-100 RHEL 9.0.0 ERRATUM - rebase to 1.1 Resolves: rhbz#2032408 - introduce rules.d Resolves: rhbz#2054740 - remove pretrans scriptlet Resolve: rhbz#2051481 * Tue Dec 14 2021 Zoltan Fridrich <zfridric@redhat.com> - 1.0.4-101 RHEL 9.0.0 ERRATUM - rebase to 1.0.4 - added rpm_sha256_only option - added trust.d directory - allow file names with whitespaces in trust files - use full paths in trust files Resolves: rhbz#2032408 - fix libc.so getting identified as application/x-executable Resolves: rhbz#2015307 - fix selinux DSP module definition in spec file Resolves: rhbz#2014449 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.0.3-4 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 * Tue Jul 20 2021 Radovan Sroka <rsroka@redhat.com> - 1.0.3-3 RHEL 9 BETA - SELinux prevents fapolicyd from watch_mount/watch_with_perm on /dev/shm Resolves: rhbz#1932225 Resolves: rhbz#1977731 * Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1.0.3-2 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 * Thu Apr 01 2021 Radovan Sroka <rsroka@redhat.com> - 1.0.3-1 - rebase to 1.0.3 - sync fedora with rhel * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
/etc/fapolicyd /etc/fapolicyd/compiled.rules /etc/fapolicyd/fapolicyd.conf /etc/fapolicyd/fapolicyd.rules /etc/fapolicyd/fapolicyd.trust /etc/fapolicyd/rpm-filter.conf /etc/fapolicyd/rules.d /etc/fapolicyd/rules.d/* /etc/fapolicyd/trust.d /run/fapolicyd /run/fapolicyd/fapolicyd.fifo /usr/lib/.build-id /usr/lib/.build-id/6a /usr/lib/.build-id/6a/966954c33a78035dc3de67fd716af09d0a9d34 /usr/lib/.build-id/f9 /usr/lib/.build-id/f9/44daa2605c54062b2d25d36e7e663560822d96 /usr/lib/systemd/system/fapolicyd.service /usr/lib/tmpfiles.d/fapolicyd.conf /usr/sbin/fagenrules /usr/sbin/fapolicyd /usr/sbin/fapolicyd-cli /usr/share/doc/fapolicyd /usr/share/doc/fapolicyd/README.md /usr/share/fapolicyd /usr/share/fapolicyd/default-ruleset.known-libs /usr/share/fapolicyd/fapolicyd-magic.mgc /usr/share/fapolicyd/sample-rules /usr/share/fapolicyd/sample-rules/10-languages.rules /usr/share/fapolicyd/sample-rules/20-dracut.rules /usr/share/fapolicyd/sample-rules/21-updaters.rules /usr/share/fapolicyd/sample-rules/30-patterns.rules /usr/share/fapolicyd/sample-rules/40-bad-elf.rules /usr/share/fapolicyd/sample-rules/41-shared-obj.rules /usr/share/fapolicyd/sample-rules/42-trusted-elf.rules /usr/share/fapolicyd/sample-rules/43-known-elf.rules /usr/share/fapolicyd/sample-rules/70-trusted-lang.rules /usr/share/fapolicyd/sample-rules/71-known-python.rules /usr/share/fapolicyd/sample-rules/72-shell.rules /usr/share/fapolicyd/sample-rules/73-known-perl.rules /usr/share/fapolicyd/sample-rules/74-known-ocaml.rules /usr/share/fapolicyd/sample-rules/75-known-php.rules /usr/share/fapolicyd/sample-rules/76-known-ruby.rules /usr/share/fapolicyd/sample-rules/77-known-lua.rules /usr/share/fapolicyd/sample-rules/90-deny-execute.rules /usr/share/fapolicyd/sample-rules/91-deny-lang.rules /usr/share/fapolicyd/sample-rules/95-allow-open.rules /usr/share/fapolicyd/sample-rules/README-rules /usr/share/licenses/fapolicyd /usr/share/licenses/fapolicyd/COPYING /usr/share/man/man1/fapolicyd-cli.1.gz /usr/share/man/man5/fapolicyd.conf.5.gz /usr/share/man/man5/fapolicyd.rules.5.gz /usr/share/man/man5/fapolicyd.trust.5.gz /usr/share/man/man5/rpm-filter.conf.5.gz /usr/share/man/man8/fagenrules.8.gz /usr/share/man/man8/fapolicyd.8.gz /var/lib/fapolicyd /var/lib/fapolicyd/data.mdb /var/lib/fapolicyd/lock.mdb /var/log/fapolicyd-access.log
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Nov 13 07:29:07 2024