* Tue Jun 12 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-24
- /usr/libexec/bluetooth/obexd should have only obexd_exec_t instead of bluetoothd_exec_t type - Allow ntop_t domain to create/map various sockets/files. - Enable the dictd to communicate via D-bus. - Allow inetd_child process to chat via dbus with abrt - Allow zabbix_agent_t domain to connect to redis_port_t - Allow rhsmcertd_t domain to read xenfs_t files - Allow zabbix_agent_t to run zabbix scripts - Fix openvswith SELinux module - Fix wrong path in tlp context file BZ(1586329) - Update brltty SELinux module - Allow rabbitmq_t domain to create own tmp files/dirs - Allow policykit_t mmap policykit_auth_exec_t files - Allow ipmievd_t domain to read general certs - Add sys_ptrace capability to pcp_pmie_t domain - Allow squid domain to exec ldconfig - Update gpg SELinux policy module - Allow mailman_domain to read system network state - Allow openvswitch_t domain to read neutron state and read/write fixed disk devices - Allow antivirus_domain to read all domain system state - Allow targetd_t domain to red gconf_home_t files/dirs - Label /usr/libexec/bluetooth/obexd as obexd_exec_t - Add interface nagios_unconfined_signull() - Fix typos in zabbix.te file - Add missing requires - Allow tomcat domain sends email - Fix typo in sge policy - Merge pull request #214 from wrabcak/fb-dhcpc - Allow dhcpc_t creating own socket files inside /var/run/ Allow dhcpc_t creating netlink_kobject_uevent_socket, netlink_generic_socket, rawip_socket BZ(1585971) - Allow confined users get AFS tokens - Allow sysadm_t domain to chat via dbus - Associate sysctl_kernel_t type with filesystem attribute - Allow syslogd_t domain to send signull to nagios_unconfined_plugin_t - Fix typo in netutils.te file
This commit is contained in:
parent
afcdb03a67
commit
1d35f9ea76
|
@ -290,3 +290,5 @@ serefpolicy*
|
|||
/selinux-policy-contrib-93edf9a.tar.gz
|
||||
/selinux-policy-d06c960.tar.gz
|
||||
/selinux-policy-contrib-f1b2ca4.tar.gz
|
||||
/selinux-policy-ae55b01.tar.gz
|
||||
/selinux-policy-contrib-d23eef1.tar.gz
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
# github repo with selinux-policy base sources
|
||||
%global git0 https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit0 d06c960c55dcf093800123327a58c4adf3ffe3dd
|
||||
%global commit0 ae55b01a8df7f7c4afd8cd6697e848141352c3a2
|
||||
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
|
||||
|
||||
# github repo with selinux-policy contrib sources
|
||||
%global git1 https://github.com/fedora-selinux/selinux-policy-contrib
|
||||
%global commit1 f1b2ca4356336a0f8c018fb0d2a811df81f32467
|
||||
%global commit1 d23eef15f7aa7c9bee340a374b53e5a3cb485e90
|
||||
%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
|
@ -29,7 +29,7 @@
|
|||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 3.14.2
|
||||
Release: 23%{?dist}
|
||||
Release: 24%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Base
|
||||
Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
|
||||
|
@ -718,6 +718,41 @@ exit 0
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Jun 12 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-24
|
||||
- /usr/libexec/bluetooth/obexd should have only obexd_exec_t instead of bluetoothd_exec_t type
|
||||
- Allow ntop_t domain to create/map various sockets/files.
|
||||
- Enable the dictd to communicate via D-bus.
|
||||
- Allow inetd_child process to chat via dbus with abrt
|
||||
- Allow zabbix_agent_t domain to connect to redis_port_t
|
||||
- Allow rhsmcertd_t domain to read xenfs_t files
|
||||
- Allow zabbix_agent_t to run zabbix scripts
|
||||
- Fix openvswith SELinux module
|
||||
- Fix wrong path in tlp context file BZ(1586329)
|
||||
- Update brltty SELinux module
|
||||
- Allow rabbitmq_t domain to create own tmp files/dirs
|
||||
- Allow policykit_t mmap policykit_auth_exec_t files
|
||||
- Allow ipmievd_t domain to read general certs
|
||||
- Add sys_ptrace capability to pcp_pmie_t domain
|
||||
- Allow squid domain to exec ldconfig
|
||||
- Update gpg SELinux policy module
|
||||
- Allow mailman_domain to read system network state
|
||||
- Allow openvswitch_t domain to read neutron state and read/write fixed disk devices
|
||||
- Allow antivirus_domain to read all domain system state
|
||||
- Allow targetd_t domain to red gconf_home_t files/dirs
|
||||
- Label /usr/libexec/bluetooth/obexd as obexd_exec_t
|
||||
- Add interface nagios_unconfined_signull()
|
||||
- Fix typos in zabbix.te file
|
||||
- Add missing requires
|
||||
- Allow tomcat domain sends email
|
||||
- Fix typo in sge policy
|
||||
- Merge pull request #214 from wrabcak/fb-dhcpc
|
||||
- Allow dhcpc_t creating own socket files inside /var/run/ Allow dhcpc_t creating netlink_kobject_uevent_socket, netlink_generic_socket, rawip_socket BZ(1585971)
|
||||
- Allow confined users get AFS tokens
|
||||
- Allow sysadm_t domain to chat via dbus
|
||||
- Associate sysctl_kernel_t type with filesystem attribute
|
||||
- Allow syslogd_t domain to send signull to nagios_unconfined_plugin_t
|
||||
- Fix typo in netutils.te file
|
||||
|
||||
* Wed Jun 06 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-23
|
||||
- Add dac_override capability to sendmail_t domian
|
||||
|
||||
|
|
6
sources
6
sources
|
@ -1,3 +1,3 @@
|
|||
SHA512 (selinux-policy-d06c960.tar.gz) = 80671384c85c91b920ad792b290843986b5ba495416de49cf94535bdba28b3dfe237a925116767dd7e781f76df44168788217169f03648ea82f37aa586395a38
|
||||
SHA512 (selinux-policy-contrib-f1b2ca4.tar.gz) = 9908062364aef17c6ebabfecbef6a5df0142f7f13d7a268169498fc59b965f955996f11d5c13b23df7bad59b80a13c707a9854cfa2049e0ae1a756c6f31e3a2b
|
||||
SHA512 (container-selinux.tgz) = a974188befc2c380af4272bb2a024703fc9917487067caa6e121f884a5534138e9d87ec115d91605e571a1d6c14cbb4aeda43ef86eddbf8bcea4671903c0916a
|
||||
SHA512 (selinux-policy-ae55b01.tar.gz) = ffb76c965e4dc07a41f1b9b451fb15af8cdf9790d50344b305fa4eb84be71960f70ec27ef11f4080cf902315075b0951d591577d88eac01d789a77c0df3e57a2
|
||||
SHA512 (selinux-policy-contrib-d23eef1.tar.gz) = d882b488404ec8b10491fdfa057e137e98d274772e6bbfec6c3aa59f0bfb0dce245de9fc905b3d16bd2e0953caf9849115e72aea05730c374f52a417114fdf64
|
||||
SHA512 (container-selinux.tgz) = ffc9eb68e7b3e38994bc07e64cf5862884b00a77c1c751abe69836bcf32ba7f73e5e06e3212a0b1523d1b14695b01c7117f9f0f583d71fa301a3bb65c4d333c4
|
||||
|
|
Loading…
Reference in New Issue