From 0f62f5946fdd8bd4decabbf78623bf5796310e50 Mon Sep 17 00:00:00 2001
From: Lukas Vrabec <lvrabec@redhat.com>
Date: Mon, 13 Jan 2020 10:09:50 +0100
Subject: [PATCH] * Mon Jan 13 2020 Lukas Vrabec <lvrabec@redhat.com> -
 3.14.5-20 - Fix typo in anaconda SELinux module - Allow rtkit_t domain  to
 control scheduling for your install_t processes - Boolean: rngd_t to use
 executable memory - Allow rngd_t domain to use nsswitch BZ(1787661) - Allow
 exim to execute bin_t without domain trans - Allow create udp sockets for
 abrt_upload_watch_t domains - Drop label zebra_t for frr binaries - Allow
 NetworkManager_t domain to get status of samba services - Update milter
 policy to allow use sendmail - Modify file context for .local directory to
 match exactly BZ(1637401) - Allow init_t domain to create own socket files in
 /tmp - Allow ipsec_mgmt_t domain to mmap ipsec_conf_file_t files - Create
 files_create_non_security_dirs() interface

---
 .gitignore          |  2 ++
 selinux-policy.spec | 21 ++++++++++++++++++---
 sources             |  6 +++---
 3 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/.gitignore b/.gitignore
index 2daec178..a5eaa0e9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -429,3 +429,5 @@ serefpolicy*
 /selinux-policy-4881d15.tar.gz
 /selinux-policy-contrib-43e2de6.tar.gz
 /selinux-policy-789c659.tar.gz
+/selinux-policy-b169ed6.tar.gz
+/selinux-policy-contrib-cabad1f.tar.gz
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 2763abf4..4b399e88 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 789c6593214fa10b15d2c628822cffe985417f5a
+%global commit0 b169ed68eafa6e5ce675629d8ff21ded5f645107
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 43e2de656ea04a4309c98039a1fcddf416ef6dba
+%global commit1 cabad1ffdee56048ffbc69424b64163d4a6edd06
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
 
 %define distro redhat
@@ -29,7 +29,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.5
-Release: 19%{?dist}
+Release: 20%{?dist}
 License: GPLv2+
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@@ -771,6 +771,21 @@ exit 0
 %endif
 
 %changelog
+* Mon Jan 13 2020 Lukas Vrabec <lvrabec@redhat.com> - 3.14.5-20
+- Fix typo in anaconda SELinux module
+- Allow rtkit_t domain  to control scheduling for your install_t processes
+- Boolean: rngd_t to use executable memory
+- Allow rngd_t domain to use nsswitch BZ(1787661)
+- Allow exim to execute bin_t without domain trans
+- Allow create udp sockets for abrt_upload_watch_t domains
+- Drop label zebra_t for frr binaries
+- Allow NetworkManager_t domain to get status of samba services
+- Update milter policy to allow use sendmail
+- Modify file context for .local directory to match exactly BZ(1637401)
+- Allow init_t domain to create own socket files in /tmp
+- Allow ipsec_mgmt_t domain to mmap ipsec_conf_file_t files
+- Create files_create_non_security_dirs() interface
+
 * Fri Dec 20 2019 Zdenek Pytela <zpytela@redhat.com> - 3.14.5-19
 - Allow init_t nnp domain transition to kmod_t
 - Allow userdomain dbus chat with systemd_resolved_t
diff --git a/sources b/sources
index f213b195..420604fe 100644
--- a/sources
+++ b/sources
@@ -1,4 +1,4 @@
-SHA512 (selinux-policy-contrib-43e2de6.tar.gz) = 56d01491f88f3a40db6cbe059b9b406dd15e254bb1eb7f3faee5635653986b2800bbbf15a66e0f9b972d1b5bae5ac3bc1d9ca207e5cf7a185a08a0347d3a9159
-SHA512 (selinux-policy-789c659.tar.gz) = 73a87e1f4b357211d34ed2e8029f2ab08afee33992a6c97119b091e92cb0d704a877f5cb2191a07bd92b348d7cfba782c27a47130fde69de21d6a3d3edf15b78
-SHA512 (container-selinux.tgz) = 813577b352bdfb4d0fd1bcba54f55a4d368512b7db3395a3a192205fe76485f9ff7994bc1fe610a27192f7e22818d7b8a2ab0a0128eff7f3387e481cfb0c1961
+SHA512 (selinux-policy-b169ed6.tar.gz) = 5640904281188d07a33d1f106440b9d468454a88a4b89fe8618c1947d56dede848a8dd89c3257d000e42ee0f5eaa291a1dc15e9d4638513af50dc63d6dba535f
+SHA512 (selinux-policy-contrib-cabad1f.tar.gz) = 15c65dfe4f1079ea987b37262304bdca2aa795fe388efeae3ba1d93da49ab7667429ac4a935ec12249a70189cc68606ba4b1d0a1839f1131cbb9404302d82fd2
+SHA512 (container-selinux.tgz) = b4ad092d9ab2a1e0c3251d0246b29823409c10a14c540d4880df006a883c43934083cdaa080ac0cd841b403cf006bb823f808d57a631462ddc588239dd452058
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4