* Tue Sep 08 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-1

- Bump version as Fedora 33 has been branched - Allow php-fpm write access to /var/run/redis/redis.sock - Allow journalctl to read and write to inherited user domain tty - Update rkt policy to allow rkt_t domain to read sysfs filesystem - Allow arpwatch create and use rdma socket - Allow plymouth sys_chroot capability - Allow gnome-initial-setup execute in a xdm sandbox - Add new devices and filesystem interfaces
2020-09-08 15:23:29 +02:00 · 2020-09-08 15:23:29 +02:00 · 129e6fcdd4
commit 129e6fcdd4
parent 491bb86202
3 changed files with 19 additions and 7 deletions
--- a/.gitignore
+++ b/.gitignore
@ -481,3 +481,5 @@ serefpolicy*
 /selinux-policy-contrib-7c37fde.tar.gz
 /selinux-policy-5e99183.tar.gz
 /selinux-policy-099ea7b.tar.gz
+/selinux-policy-contrib-d78dc0e.tar.gz
+/selinux-policy-4585c55.tar.gz
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 099ea7b7bd113cac657f98d406c77839cce98859
+%global commit0 4585c55ec6bab755a423aebc9fe5dd462f865e6e
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})

 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 7c37fdec5dbf351cd55491174ae06c983e4e72bc
+%global commit1 d78dc0ec3b51123b8e635ff7452b47fb066b579d
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})

 %define distro redhat
@ -28,8 +28,8 @@
 %define CHECKPOLICYVER 3.1
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 3.14.6
-Release: 25%{?dist}
+Version: 3.14.7
+Release: 1%{?dist}
 License: GPLv2+
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@ -784,6 +784,16 @@ exit 0
 %endif

 %changelog
+* Tue Sep 08 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-1
+- Bump version as Fedora 33 has been branched
+- Allow php-fpm write access to /var/run/redis/redis.sock
+- Allow journalctl to read and write to inherited user domain tty
+- Update rkt policy to allow rkt_t domain to read sysfs filesystem
+- Allow arpwatch create and use rdma socket
+- Allow plymouth sys_chroot capability
+- Allow gnome-initial-setup execute in a xdm sandbox
+- Add new devices and filesystem interfaces
+
 * Mon Aug 24 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-25
 - Allow certmonger fowner capability
 - The nfsdcld service is now confined by SELinux
--- a/6
+++ b/6
@ -1,4 +1,4 @@
-SHA512 (selinux-policy-contrib-7c37fde.tar.gz) = 481ce52174972d455de8559c51cb3eb4f74f5a990412dbdd4d69f158bb465c2cc6342e13e24f4047f33d4f2e7c79f7f0123f0520dd9a6af524f0a3666d649b9e
-SHA512 (selinux-policy-099ea7b.tar.gz) = 0fe2b0aaad88b1ffca83bb8b1e19a781860e854ab7630a38a4656c531d1b035ce695f67468cf34c49e21cc39a17fbabfa0c14cfb3fddf215626aaefd45890aca
-SHA512 (container-selinux.tgz) = 667a09b3f37706727eb8992b9d57d767e6d6643cf1f495339934cb36d8d30272c193fa7cfbffe9df50b0cef7dd6883e7df1750970ee41c2db1d891bf75d73d34
+SHA512 (selinux-policy-contrib-d78dc0e.tar.gz) = a30aae6d137e75a7119213e5d260d2ec5247cabef2c6aff62b1ebb2307301af4ee1204754442e0d2f7d96448099bf3ff2d1e06af536dc9793a88b994b4f79430
+SHA512 (selinux-policy-4585c55.tar.gz) = 6a010bb474c96cbccaf1432a86555978a35e1e0dd36ebdceeff3e8a062084c04d7a4ba1d203ce3e2ef852484315bcb86b08e6dbbd93ca157bdd45aae0ae3e888
+SHA512 (container-selinux.tgz) = 5dfe7e0c8ffc05df2e905a500b977e8325cb3b78029505f572f2bc50545ddd54a5ffca904d81bc3ff69530fe66382db2a166e791ad544e853a1bd2a51d248ab7
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4