* Fri Sep 29 2023 Zdenek Pytela <zpytela@redhat.com> - 38.29-1

- Allow sssd send SIGKILL to passkey_child running in ipa_otpd_t
- Allow systemd-localed create Xserver config dirs
- Allow sssd read symlinks in /etc/sssd
- Label /dev/gnss[0-9] with gnss_device_t
- Allow systemd-sleep read/write efivarfs variables
- ci: Fix version number of packit generated srpms
- Dontaudit rhsmcertd write memory device
- Allow ssh_agent_type create a sockfile in /run/user/USERID
- Set default file context of /var/lib/authselect/backups to <<none>>
- Allow prosody read network sysctls
- Allow cupsd_t to use bpf capability
This commit is contained in:
Zdenek Pytela 2023-09-29 20:49:14 +02:00
parent 4beb93659f
commit 11c92f5ea8
2 changed files with 17 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 2eb41b7bd9949fae4421e2590e4dda01c5b43fc5
%global commit 260611282c2559f73ea337224b2d093b506664f0
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration
Name: selinux-policy
Version: 38.28
Version: 38.29
Release: 1%{?dist}
License: GPL-2.0-or-later
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -814,6 +814,19 @@ exit 0
%endif
%changelog
* Fri Sep 29 2023 Zdenek Pytela <zpytela@redhat.com> - 38.29-1
- Allow sssd send SIGKILL to passkey_child running in ipa_otpd_t
- Allow systemd-localed create Xserver config dirs
- Allow sssd read symlinks in /etc/sssd
- Label /dev/gnss[0-9] with gnss_device_t
- Allow systemd-sleep read/write efivarfs variables
- ci: Fix version number of packit generated srpms
- Dontaudit rhsmcertd write memory device
- Allow ssh_agent_type create a sockfile in /run/user/USERID
- Set default file context of /var/lib/authselect/backups to <<none>>
- Allow prosody read network sysctls
- Allow cupsd_t to use bpf capability
* Fri Sep 15 2023 Zdenek Pytela <zpytela@redhat.com> - 38.28-1
- Allow sssd domain transition on passkey_child execution conditionally
- Allow login_userdomain watch lnk_files in /usr

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-2eb41b7.tar.gz) = ff51f7794093670e0883e88f8464fe2915a2b44650a3d5443bdc2c124a95fd1406472b932adc685eafa688cc7aa5784fde6b568d05095a1741188e12725f11a1
SHA512 (container-selinux.tgz) = 07de5e93d433eec7cc0030f0ea89c502add10013c258d60997eac3f5ffd4a080cbc9268273c1de38a6c2dcedbf24ddfd8aaa8cb7579e62a4c04c22135baf1e8f
SHA512 (selinux-policy-2606112.tar.gz) = 026641d1b8cd215ef72bc0bca2b05d9d23151bd5d91a0cf8885774388329fcae8852c63c0ff417c88c741153d4dde0cd5fd294c95800c79734002c199d0a254c
SHA512 (container-selinux.tgz) = f567275a9bb33f6cea97e9909cbf0b363a16e43a3e0b5513cf3bb09bdb67b4aa5b753bcd0a26a7f398ec0f9b9b60e56872583a94992676e310cdf9b99e58cf03
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4