* Tue Feb 06 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.1-6

- Allow openvswitch_t domain to read cpuid, write to sysfs files and creating openvswitch_tmp_t sockets
- Add new interface ppp_filetrans_named_content()
- Allow keepalived_t read sysctl_net_t files
- Allow puppetmaster_t domtran to puppetagent_t
- Allow kdump_t domain to read kernel ring buffer
- Allow boinc_t to mmap boinc tmpfs files BZ(1540816)
- Merge pull request #47 from masatake/keepalived-signal
- Allow keepalived_t create and write a file under /tmp
- Allow ipsec_t domain to exec ifconfig_exec_t binaries.
- Allow unconfined_domain_typ to create pppd_lock_t directory in /var/lock
- Allow updpwd_t domain to create files in /etc with shadow_t label

.gitignore

@@ -244,3 +244,5 @@ serefpolicy*
 /selinux-policy-747f4e6.tar.gz
 /selinux-policy-contrib-4fe9943.tar.gz
 /selinux-policy-contrib-a1cd00e.tar.gz
+/selinux-policy-642cc91.tar.gz
+/selinux-policy-contrib-b657ba0.tar.gz

selinux-policy.spec

@@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 747f4e6775d773ab74efae5aa37f3e5e7f0d4aca
+%global commit0 642cc914194fdf225bab87ad62a2af18aa10d7ac
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 a1cd00ec16a1bc2e02bcaffba7141c1bdf21ee07
+%global commit1 b657ba01c0bcce6fa62a1d5319cc2e105b5bc6d7
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
 
 %define distro redhat
@@ -29,7 +29,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.1
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
@@ -719,6 +719,19 @@ exit 0
 %endif
 
 %changelog
+* Tue Feb 06 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.1-6
+- Allow openvswitch_t domain to read cpuid, write to sysfs files and creating openvswitch_tmp_t sockets
+- Add new interface ppp_filetrans_named_content()
+- Allow keepalived_t read sysctl_net_t files
+- Allow puppetmaster_t domtran to puppetagent_t
+- Allow kdump_t domain to read kernel ring buffer
+- Allow boinc_t to mmap boinc tmpfs files BZ(1540816)
+- Merge pull request #47 from masatake/keepalived-signal
+- Allow keepalived_t create and write a file under /tmp
+- Allow ipsec_t domain to exec ifconfig_exec_t binaries.
+- Allow unconfined_domain_typ to create pppd_lock_t directory in /var/lock
+- Allow updpwd_t domain to create files in /etc with shadow_t label
+
 * Tue Jan 30 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.1-5
 - Allow opendnssec daemon to execute ods-signer BZ(1537971)
 

sources

@@ -1,3 +1,3 @@
-SHA512 (container-selinux.tgz) = 3c4809e4003e37202354b632f5c7cd3d93bebaabfc279554b2119e6552f2c361664517cf6347b962c3a643abe33d826f6a67e73293d5d30eb871ff0bd426bd0a
-SHA512 (selinux-policy-747f4e6.tar.gz) = e0caa773814d47f8e803d92540d9a0f94c9842fc0c9f970692734d257e8cab74b912da024ee7b1fb0a354d15d87d1c2cedf11e71fd4a5b7e57d9f6a1ca9f6585
-SHA512 (selinux-policy-contrib-a1cd00e.tar.gz) = fa3470feb1468b95a80c2e51df8bef43933ab3b4e7c09893c39e6feed9b88211d18c4c275464a1640002cf1905016092b7be00adaeb219012a507a26880674a4
+SHA512 (container-selinux.tgz) = 2e41e73ea7296d784010b0ad1c8a5080f4c5cf1834e69a3f71a3618e9571cfb90395fb96ec24a8915014859c8547382181047203f1df101641db250622b3a65b
+SHA512 (selinux-policy-642cc91.tar.gz) = 27df867d6c4c3110238235720335d94b9f4b4742a0a91a27538af9e401518acc58af0619f09f6210f246b5e6f67b57e59fd3c48723406246d124f08a7792ae0f
+SHA512 (selinux-policy-contrib-b657ba0.tar.gz) = 480185612e71f93c15ae5616cce435a2bee9bd92ec61e7934ec36c2ee95a77e82e36a9d0c58c36d10cda5378deac041339cd9bfe3b3c10c69371e81e177b916d