* Wed Mar 25 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-10

- Allow openfortivpn exec shell - Remove label session_dbusd_tmp_t for /run/user/USERID/systemd - Add ibacm_t ipc_lock capability - Allow ipsec_t connectto ipsec_mgmt_t - Remove ipa_custodia - Allow systemd-journald to read user_tmp_t symlinks
2020-03-25 18:09:22 +01:00 · 2020-03-25 18:09:22 +01:00 · 08e09fd9c1
parent 099d40eeb8
commit 08e09fd9c1
3 changed files with 16 additions and 6 deletions
--- a/.gitignore
+++ b/.gitignore
@ -452,3 +452,5 @@ serefpolicy*
 /selinux-policy-649b10d.tar.gz
 /selinux-policy-contrib-ab515a1.tar.gz
 /selinux-policy-0072731.tar.gz
+/selinux-policy-a9a124e.tar.gz
+/selinux-policy-contrib-2c38d35.tar.gz
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 0072731f6c926cba7d4fb603b8ad0a625503c33c
+%global commit0 a9a124efb4b03f40c01b66a73deb59f364281f86
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})

 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 ab515a173ec0966a0a4f4c2822d0cef77e2a10b7
+%global commit1 2c38d3505ec6b7e5c267eb93a0d414e7c7ac47a7
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})

 %define distro redhat
@ -29,7 +29,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.6
-Release: 9%{?dist}
+Release: 10%{?dist}
 License: GPLv2+
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@ -772,6 +772,14 @@ exit 0
 %endif

 %changelog
+* Wed Mar 25 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-10
+- Allow openfortivpn exec shell
+- Remove label session_dbusd_tmp_t for /run/user/USERID/systemd
+- Add ibacm_t ipc_lock capability
+- Allow ipsec_t connectto ipsec_mgmt_t
+- Remove ipa_custodia
+- Allow systemd-journald to read user_tmp_t symlinks
+
 * Wed Mar 18 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-9
 - Allow zabbix_t manage and filetrans temporary socket files
 - Makefile: fix tmp/%.mod.fc target
--- a/6
+++ b/6
@ -1,4 +1,4 @@
-SHA512 (selinux-policy-contrib-ab515a1.tar.gz) = a40bec3dedc01d68e8ad7abba377a3938604a3032a2c7a6951a9e4af4cf5baa0268c8740b506b5be25e19d43082e826ca855b68a578900d73db5706cc31215fe
-SHA512 (selinux-policy-0072731.tar.gz) = c315f5a7ff1bfa8bb24f70c7a79b4e24ac7eeb117b9d50843d236a03bc96e13dab29d023cf0aa082a91ce8c7902025b75bcff922638af1755a56bd6b8233ba37
-SHA512 (container-selinux.tgz) = 1bd355311e08cf3348cd3dc7650e9daca4b80ad05aa3bed73357da38f051645d27e0b1d7b9deaca2ea0696661373f67b1ea3301dc8658c76c0f812d0de01e124
+SHA512 (selinux-policy-a9a124e.tar.gz) = ae3b7a747e2dc165ad0dbb51cddb55616513c09ae3861d4540567b2bfacc64292b2ac232946440e987f7c0adaf9d705efb73fe43a733d6754e80b677eb0c92da
+SHA512 (selinux-policy-contrib-2c38d35.tar.gz) = 52c050cef40e389e9b67ffb5886bc4bb765dc31d2f7472f43a072dcba6ecd2dee85a8c7784f708ed71d2e0b3a7e5f471d53ca520eb04091631fbdf7c2e0e2a08
+SHA512 (container-selinux.tgz) = 7e7a116c1035387d6fdbd215f30a24d26ec82cf5ac7b1d7a96d549312dcf98aa919ef88d13113a3b6b22a81d964ac8861f78795f01c938117fbfcfc3a3c877bd
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4