Related: RHEL-55747 - Adding new selinux rules

2024-08-26 06:19:06 +02:00 · 2024-08-26 06:19:06 +02:00 · 74379a7796
commit 74379a7796
parent 3428d44f6b
2 changed files with 12 additions and 2 deletions
--- a/frr.spec
+++ b/frr.spec
@ -9,7 +9,7 @@
 Name:           frr
 Version:        10.1
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Routing daemon
 License:        GPL-2.0-or-later AND ISC AND LGPL-2.0-or-later AND BSD-2-Clause AND BSD-3-Clause AND (GPL-2.0-or-later  OR ISC) AND MIT
 URL:            http://www.frrouting.org
@ -44,7 +44,7 @@ BuildRequires:  grpc-plugins
 BuildRequires:  json-c-devel
 BuildRequires:  libcap-devel
 BuildRequires:  libtool
-BuildRequires:  libyang-devel >= 2.0.0
+BuildRequires:  libyang-devel >= 2.1.148
 BuildRequires:  make
 BuildRequires:  ncurses
 BuildRequires:  ncurses-devel
@ -277,6 +277,9 @@ rm tests/lib/*grpc*
 %endif
 %changelog
 * Sun Aug 25 2024 Michal Ruprich <mruprich@redhat.com> - 10.1-2
 - Related: RHEL-55747 - Adding new selinux rules
 * Thu Aug 22 2024 Michal Ruprich <mruprich@redhat.com> - 10.1-1
 - New version 10.1
--- a/frr.te
+++ b/frr.te
@ -33,6 +33,11 @@ files_pid_file(frr_var_run_t)
 #
 allow frr_t self:capability { chown dac_override dac_read_search kill net_bind_service net_raw setgid setuid net_admin sys_admin };
 allow frr_t self:netlink_route_socket rw_netlink_socket_perms;
 allow frr_t self:netlink_generic_socket create;
 allow frr_t self:netlink_generic_socket setopt;
 allow frr_t self:netlink_generic_socket getopt;
 allow frr_t self:netlink_generic_socket getattr;
 allow frr_t self:netlink_generic_socket bind;
 allow frr_t self:packet_socket create_socket_perms;
 allow frr_t self:process { setcap setpgid };
 allow frr_t self:rawip_socket create_socket_perms;
@ -105,6 +110,8 @@ ipsec_domtrans_mgmt(frr_t)
 userdom_read_admin_home_files(frr_t)
 libs_delete_lib_symlinks(frr_t);
 optional_policy(`
 	logging_send_syslog_msg(frr_t)
 ')