- Update timedatex policy to add macros, more detail below
- Allow nagios_script_t domain list files labled sysfs_t. - Allow jetty_t domain search and read cgroup_t files. - Allow Gluster mount client to mount files_type - Dontaudit and disallow sys_admin capability for keepalived_t domain - Update numad policy to allow signull, kill, nice and trace processes - Allow ipmievd_t to RW watchdog devices - Allow ldconfig_t domain to manage initrc_tmp_t link files Allow netutils_t domain to write to initrc_tmp_t fifo files - Allow user domains to manage user session services - Allow staff and user users to get status of user systemd session - Update sudo_role_template() to allow caller domain to read syslog pid files
This commit is contained in:
parent
4a9509e8a2
commit
03b04ae77e
2
.gitignore
vendored
2
.gitignore
vendored
@ -412,3 +412,5 @@ serefpolicy*
|
||||
/selinux-policy-contrib-84cf0f5.tar.gz
|
||||
/selinux-policy-contrib-7c1c105.tar.gz
|
||||
/selinux-policy-contrib-070f96c.tar.gz
|
||||
/selinux-policy-contrib-7adf788.tar.gz
|
||||
/selinux-policy-c95997f.tar.gz
|
||||
|
@ -1,11 +1,11 @@
|
||||
# github repo with selinux-policy base sources
|
||||
%global git0 https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit0 aa4c0707e6664ede25e49f57d3c9b4d267650ca1
|
||||
%global commit0 c95997f82617ebaf9b87845b3a2b5c721b99b212
|
||||
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
|
||||
|
||||
# github repo with selinux-policy contrib sources
|
||||
%global git1 https://github.com/fedora-selinux/selinux-policy-contrib
|
||||
%global commit1 070f96cf0f59735f1d01cb7f9427292b7f112fd3
|
||||
%global commit1 7adf7883d0fdd9349f09ceb121e68a63d25503cd
|
||||
%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
@ -29,7 +29,7 @@
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 3.14.5
|
||||
Release: 9%{?dist}
|
||||
Release: 10%{?dist}
|
||||
License: GPLv2+
|
||||
Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
|
||||
Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
|
||||
@ -787,6 +787,19 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Oct 22 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.14.5-10
|
||||
- Update timedatex policy to add macros, more detail below
|
||||
- Allow nagios_script_t domain list files labled sysfs_t.
|
||||
- Allow jetty_t domain search and read cgroup_t files.
|
||||
- Allow Gluster mount client to mount files_type
|
||||
- Dontaudit and disallow sys_admin capability for keepalived_t domain
|
||||
- Update numad policy to allow signull, kill, nice and trace processes
|
||||
- Allow ipmievd_t to RW watchdog devices
|
||||
- Allow ldconfig_t domain to manage initrc_tmp_t link files Allow netutils_t domain to write to initrc_tmp_t fifo files
|
||||
- Allow user domains to manage user session services
|
||||
- Allow staff and user users to get status of user systemd session
|
||||
- Update sudo_role_template() to allow caller domain to read syslog pid files
|
||||
|
||||
* Fri Oct 11 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.14.5-9
|
||||
- Allow networkmanager_t domain domain transition to chronyc_t domain BZ(1760226)
|
||||
|
||||
|
6
sources
6
sources
@ -1,4 +1,4 @@
|
||||
SHA512 (selinux-policy-contrib-070f96c.tar.gz) = f08779b54b9e90ffb6ef5c7f7e490387aa1182a6eb3e7773106d683333455c07c076fa47e864457a818e0339dce049de3ed1e9493e9d1312235c7d289022851f
|
||||
SHA512 (selinux-policy-aa4c070.tar.gz) = d8ac4aa13531b2ddd30a3f1eddad3e77cdd5f955d0960b7d40e52e7bbd667428c2dd13be1b4b3559dcd6c36eec7e05d349b5de7141910f44e16233fba7a9ddb2
|
||||
SHA512 (container-selinux.tgz) = a7a91d81967702fcbff61f8c066887cf033dfbc1671b4d35f273fb137a3400b121efa1d166e99cc741b8a06e65458a86290f43cda333fa9f80168d9e24f4ab12
|
||||
SHA512 (selinux-policy-contrib-7adf788.tar.gz) = 3757c701cca46d858cae1128db3e05b373de3e7e1d56ad4eef137e46047ecfe06e811a1e24c96da9156ebed9e38d7053f0940743de65e866680a693ad47ac2e2
|
||||
SHA512 (selinux-policy-c95997f.tar.gz) = 50b2fc0cf928f6408c85bb805cf6bb5b1369a125937db897acbcf69ef24b988427723b313c4d1032bc4313c036a720c017b771c3df53410c1514c6c97acc9ac0
|
||||
SHA512 (container-selinux.tgz) = 1d271ad131ddde8eaf08304d9bb9b86e01588a513d3ebdf0bc8fcd4249132a060bf5c5d2e8311badba4a0428ab700c1a27b5d0b9f11e93d78e0ef15acc987aa4
|
||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||
|
Loading…
Reference in New Issue
Block a user