* Fri Jan 13 2023 Zdenek Pytela <zpytela@redhat.com> - 38.5-1

- Allow insights client work with gluster and pcp - Add insights additional capabilities - Add interfaces in domain, files, and unconfined modules - Label fwupdoffline and fwupd-detect-cet with fwupd_exec_t - Allow sudodomain use sudo.log as a logfile - Allow pdns server map its library files and bind to unreserved ports - Allow sysadm_t read/write ipmi devices - Allow prosody manage its runtime socket files - Allow kernel threads manage kernel keys - Allow systemd-userdbd the sys_resource capability - Allow systemd-journal list cgroup directories - Allow apcupsd dbus chat with systemd-logind - Allow nut_domain manage also files and sock_files in /var/run - Allow winbind-rpcd make a TCP connection to the ldap port - Label /usr/lib/rpm/rpmdb_migrate with rpmdb_exec_t - Allow tlp read generic SSL certificates - Allow systemd-resolved watch tmpfs directories - Revert "Allow systemd-resolved watch tmpfs directories"
2023-01-13 18:43:38 +01:00 · 2023-01-13 18:43:38 +01:00 · 13e15d410c
commit 13e15d410c
parent 328d37031b
2 changed files with 24 additions and 4 deletions
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,6 +1,6 @@
 # github repo with selinux-policy sources
 %global giturl https://github.com/fedora-selinux/selinux-policy
-%global commit b42deb870faaa63be41cd6b6b9d8a5846205e6ea
+%global commit 8b251cf41fa2f3d670f5f84e1298b7a0e549535a
 %global shortcommit %(c=%{commit}; echo ${c:0:7})

 %define distro redhat
@ -23,7 +23,7 @@
 %define CHECKPOLICYVER 3.2
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 38.4
+Version: 38.5
 Release: 1%{?dist}
 License: GPL-2.0-or-later
 Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -813,6 +813,26 @@ exit 0
 %endif

 %changelog
+* Fri Jan 13 2023 Zdenek Pytela <zpytela@redhat.com> - 38.5-1
+- Allow insights client work with gluster and pcp
+- Add insights additional capabilities
+- Add interfaces in domain, files, and unconfined modules
+- Label fwupdoffline and fwupd-detect-cet with fwupd_exec_t
+- Allow sudodomain use sudo.log as a logfile
+- Allow pdns server map its library files and bind to unreserved ports
+- Allow sysadm_t read/write ipmi devices
+- Allow prosody manage its runtime socket files
+- Allow kernel threads manage kernel keys
+- Allow systemd-userdbd the sys_resource capability
+- Allow systemd-journal list cgroup directories
+- Allow apcupsd dbus chat with systemd-logind
+- Allow nut_domain manage also files and sock_files in /var/run
+- Allow winbind-rpcd make a TCP connection to the ldap port
+- Label /usr/lib/rpm/rpmdb_migrate with rpmdb_exec_t
+- Allow tlp read generic SSL certificates
+- Allow systemd-resolved watch tmpfs directories
+- Revert "Allow systemd-resolved watch tmpfs directories"
+
 * Mon Dec 19 2022 Zdenek Pytela <zpytela@redhat.com> - 38.4-1
 - Allow NetworkManager and wpa_supplicant the bpf capability
 - Allow systemd-rfkill the bpf capability
--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (selinux-policy-b42deb8.tar.gz) = 30ee807d451dac182392f4a47254c576fb1ea617c0f86081cc061cfb09f4a5126ebab11f352efe0bad310b2ce9a74743e2a76dde6809829ac945c20c969ba302
+SHA512 (selinux-policy-8b251cf.tar.gz) = 316680045b699b27d7d50611ec6a2eeccf10901d59935de9130d6f0a2e60835a7603b36d3595adf9aa79a64ece69fd1bc85ae5032216f4032eda8e1448f84211
+SHA512 (container-selinux.tgz) = bca3d764940f9e5fbc3fbbd0e873fed6413447515e397969cab93179fe63e5da0f804b370e2ef70da50bd7431f9e01ad200c574ca654e3637848be21bcc3d0c4
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
-SHA512 (container-selinux.tgz) = 4eb975c285c791a5f7a005a52d54f788cb8b4ca4abcbe891caa67f28c5ef4b7be35dec749d1dc261ba112ff84e749dd2efcc067c5f300c5094efb398f57ad665