From 278c1ad4538de32f29e083f7595e5488aae91083 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Tue, 12 Nov 2024 17:01:30 +0100 Subject: [PATCH] * Tue Nov 12 2024 Zdenek Pytela - 40.13.13-1 - Revert "Allow unconfined_t execute kmod in the kmod domain" Resolves: RHEL-65190 - Add policy for /usr/libexec/samba/samba-bgqd Resolves: RHEL-64908 - Label samba certificates with samba_cert_t Resolves: RHEL-64908 - Label /usr/bin/samba-gpupdate with samba_gpupdate_exec_t Resolves: RHEL-64908 - Allow rpcd read network sysctls Resolves: RHEL-64737 - Label all semanage store files in /etc as semanage_store_t Resolves: RHEL-65864 --- selinux-policy.spec | 20 +++++++++++++++++--- sources | 4 ++-- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/selinux-policy.spec b/selinux-policy.spec index 164319d6..7d1e5a80 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit e0e55ecfdebae28221324ff62a7784fe509617df +%global commit e464c3bb967763b8bfac50769b72159d040088b9 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,8 +23,8 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 40.13.12 -Release: 2%{?dist} +Version: 40.13.13 +Release: 1%{?dist} License: GPL-2.0-or-later Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source1: modules-targeted-base.conf @@ -860,6 +860,20 @@ exit 0 %endif %changelog +* Tue Nov 12 2024 Zdenek Pytela - 40.13.13-1 +- Revert "Allow unconfined_t execute kmod in the kmod domain" +Resolves: RHEL-65190 +- Add policy for /usr/libexec/samba/samba-bgqd +Resolves: RHEL-64908 +- Label samba certificates with samba_cert_t +Resolves: RHEL-64908 +- Label /usr/bin/samba-gpupdate with samba_gpupdate_exec_t +Resolves: RHEL-64908 +- Allow rpcd read network sysctls +Resolves: RHEL-64737 +- Label all semanage store files in /etc as semanage_store_t +Resolves: RHEL-65864 + * Tue Oct 29 2024 Troy Dawson - 40.13.12-2 - Bump release for October 2024 mass rebuild: Resolves: RHEL-64018 diff --git a/sources b/sources index 3e77d9e3..f9fbb968 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-e0e55ec.tar.gz) = 022d133c47e8e67cb75c972fe370c9090e26c503c059032240644797f54bde1f20a031d7c47e2bc8992db11a065200a9bcbdb433d42acd711cb67a4b8e7d7bf2 +SHA512 (selinux-policy-e464c3b.tar.gz) = 8f78a389f6a59e9fe36307c1a4262f3752d7ce2e40f3512b70a8a7783315480522e03169e543a651cc31af087eba6996c416acc7700b69a73121f1cffc05ab89 +SHA512 (container-selinux.tgz) = 7b80c2c9abc4bf8521357d9fd03b28a26fd496eabe98b2a0076366cfa74435ef8e844999fe13aba350ec772428a504266f300b5470b59a6020a9bf1c5066d798 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 -SHA512 (container-selinux.tgz) = 0294ced7a954c32434e479b074b38c1763be6f55f037031f12d89ea920ec998e347ae08181e1e15198f6362e0a2314f27d071f9f0a48988d00bdcd9380691a76