* Fri Jan 24 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.5-21
- Dontaudit timedatex_t read file_contexts_t and validate security contexts - Make stratisd_t domain unconfined for now. - stratisd_t policy updates. - Label /var/spool/plymouth/boot.log as plymouthd_var_log_t - Label /stratis as stratisd_data_t - Allow opafm_t to create and use netlink rdma sockets. - Allow stratisd_t domain to read/write fixed disk devices and removable devices. - Added macro for stratisd to chat over dbus - Add dac_override capability to stratisd_t domain - Allow init_t set the nice level of all domains BZ(1778088) - Allow userdomain to chat with stratisd over dbus.
This commit is contained in:
parent
ee6e28e884
commit
07e568bc06
2
.gitignore
vendored
2
.gitignore
vendored
@ -431,3 +431,5 @@ serefpolicy*
|
||||
/selinux-policy-789c659.tar.gz
|
||||
/selinux-policy-b169ed6.tar.gz
|
||||
/selinux-policy-contrib-cabad1f.tar.gz
|
||||
/selinux-policy-533b7be.tar.gz
|
||||
/selinux-policy-contrib-be783bd.tar.gz
|
||||
|
@ -1,11 +1,11 @@
|
||||
# github repo with selinux-policy base sources
|
||||
%global git0 https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit0 b169ed68eafa6e5ce675629d8ff21ded5f645107
|
||||
%global commit0 533b7be0d2b9f6ad895b36cedb2d010ee8be9c03
|
||||
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
|
||||
|
||||
# github repo with selinux-policy contrib sources
|
||||
%global git1 https://github.com/fedora-selinux/selinux-policy-contrib
|
||||
%global commit1 cabad1ffdee56048ffbc69424b64163d4a6edd06
|
||||
%global commit1 be783bd4b9aa52ed0bbb5555128659a3e1c91410
|
||||
%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
@ -29,7 +29,7 @@
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 3.14.5
|
||||
Release: 20%{?dist}
|
||||
Release: 21%{?dist}
|
||||
License: GPLv2+
|
||||
Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
|
||||
Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
|
||||
@ -772,6 +772,19 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Jan 24 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.5-21
|
||||
- Dontaudit timedatex_t read file_contexts_t and validate security contexts
|
||||
- Make stratisd_t domain unconfined for now.
|
||||
- stratisd_t policy updates.
|
||||
- Label /var/spool/plymouth/boot.log as plymouthd_var_log_t
|
||||
- Label /stratis as stratisd_data_t
|
||||
- Allow opafm_t to create and use netlink rdma sockets.
|
||||
- Allow stratisd_t domain to read/write fixed disk devices and removable devices.
|
||||
- Added macro for stratisd to chat over dbus
|
||||
- Add dac_override capability to stratisd_t domain
|
||||
- Allow init_t set the nice level of all domains BZ(1778088)
|
||||
- Allow userdomain to chat with stratisd over dbus.
|
||||
|
||||
* Mon Jan 13 2020 Lukas Vrabec <lvrabec@redhat.com> - 3.14.5-20
|
||||
- Fix typo in anaconda SELinux module
|
||||
- Allow rtkit_t domain to control scheduling for your install_t processes
|
||||
|
6
sources
6
sources
@ -1,4 +1,4 @@
|
||||
SHA512 (selinux-policy-b169ed6.tar.gz) = 5640904281188d07a33d1f106440b9d468454a88a4b89fe8618c1947d56dede848a8dd89c3257d000e42ee0f5eaa291a1dc15e9d4638513af50dc63d6dba535f
|
||||
SHA512 (selinux-policy-contrib-cabad1f.tar.gz) = 15c65dfe4f1079ea987b37262304bdca2aa795fe388efeae3ba1d93da49ab7667429ac4a935ec12249a70189cc68606ba4b1d0a1839f1131cbb9404302d82fd2
|
||||
SHA512 (container-selinux.tgz) = b4ad092d9ab2a1e0c3251d0246b29823409c10a14c540d4880df006a883c43934083cdaa080ac0cd841b403cf006bb823f808d57a631462ddc588239dd452058
|
||||
SHA512 (selinux-policy-533b7be.tar.gz) = 07a1e523e3a2b4ba87ff5c97eda96bcf018669dd2feca6997df3ccecb221410a85f49fde45a90b460c650595ed9385b3024d3654010f760b3a74783ef3e5e0f7
|
||||
SHA512 (selinux-policy-contrib-be783bd.tar.gz) = 760f86bc1ebc7380d15657e064bee9a889e5958c5a96247aef79f2ccd886ab8b48289d8fe83a037d5da91baf96129cde2dfa5971f5ea262d46916efffcd371f1
|
||||
SHA512 (container-selinux.tgz) = 05a4576ed8dfd670fc008da05f569c4be4e044b9c5c7a12511e4844e86932d9c6f04260bf3e766be59a67d1791b345edb93ff7d73b70b243f078962f6be37b98
|
||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||
|
Loading…
Reference in New Issue
Block a user