From 29a520ae2479a92ea687cc76038e093fc6f914b6 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Wed, 11 May 2022 20:55:03 +0200 Subject: [PATCH] * Wed May 11 2022 Zdenek Pytela - 34.1.32-1 - Dontaudit guest attempts to dbus chat with systemd domains Resolves: rhbz#2062740 - Dontaudit guest attempts to dbus chat with system bus types Resolves: rhbz#2062740 - Fix users for SELinux userspace 3.4 Resolves: rhbz#2079290 - Removed adding to attribute unpriv_userdomain from userdom_unpriv_type template Resolves: rhbz#2076681 - Allow systemd-sleep get removable devices attributes Resolves: rhbz#2082404 - Allow systemd-sleep tlp_filetrans_named_content() Resolves: rhbz#2082404 - Allow systemd-sleep execute generic programs Resolves: rhbz#2082404 - Allow systemd-sleep execute shell Resolves: rhbz#2082404 - Allow systemd-sleep transition to sysstat_t Resolves: rhbz#2082404 - Allow systemd-sleep transition to tlp_t Resolves: rhbz#2082404 - Allow systemd-sleep transition to unconfined_service_t on bin_t executables Resolves: rhbz#2082404 - allow systemd-sleep to set timer for suspend-then-hibernate Resolves: rhbz#2082404 - Add default fc specifications for patterns in /opt Resolves: rhbz#2081059 - Use a named transition in systemd_hwdb_manage_config() Resolves: rhbz#2061725 --- selinux-policy.spec | 38 ++++++++++++++++++++++++++++++++++---- sources | 4 ++-- 2 files changed, 36 insertions(+), 6 deletions(-) diff --git a/selinux-policy.spec b/selinux-policy.spec index 602ca097..d78e9e6c 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit f7b081154344e0f52a4e8bda80650ebce8d1990c +%global commit f26b0a685013e359a7a4e513f821399ed4147e52 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,8 +23,8 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 34.1.31 -Release: 2%{?dist} +Version: 34.1.32 +Release: 1%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source1: modules-targeted-base.conf @@ -794,8 +794,38 @@ exit 0 %endif %changelog +* Wed May 11 2022 Zdenek Pytela - 34.1.32-1 +- Dontaudit guest attempts to dbus chat with systemd domains +Resolves: rhbz#2062740 +- Dontaudit guest attempts to dbus chat with system bus types +Resolves: rhbz#2062740 +- Fix users for SELinux userspace 3.4 +Resolves: rhbz#2079290 +- Removed adding to attribute unpriv_userdomain from userdom_unpriv_type template +Resolves: rhbz#2076681 +- Allow systemd-sleep get removable devices attributes +Resolves: rhbz#2082404 +- Allow systemd-sleep tlp_filetrans_named_content() +Resolves: rhbz#2082404 +- Allow systemd-sleep execute generic programs +Resolves: rhbz#2082404 +- Allow systemd-sleep execute shell +Resolves: rhbz#2082404 +- Allow systemd-sleep transition to sysstat_t +Resolves: rhbz#2082404 +- Allow systemd-sleep transition to tlp_t +Resolves: rhbz#2082404 +- Allow systemd-sleep transition to unconfined_service_t on bin_t executables +Resolves: rhbz#2082404 +- allow systemd-sleep to set timer for suspend-then-hibernate +Resolves: rhbz#2082404 +- Add default fc specifications for patterns in /opt +Resolves: rhbz#2081059 +- Use a named transition in systemd_hwdb_manage_config() +Resolves: rhbz#2061725 + * Wed May 04 2022 Nikola Knazekova - 34.1.31-2 -- new version +- Remove "v" from the package version * Mon May 02 2022 Nikola Knazekova - v34.1.31-1 - Label /var/run/machine-id as machineid_t diff --git a/sources b/sources index 0dced86b..be71cf2d 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-f7b0811.tar.gz) = d44fd6c8f4defb0c6bd26d7ebd0fb59da289a8e1c5fcc8740f4f6da0d30d368eec579f41d8d6fdcae737f2030f8f52cd6acc98fea62f129f46fe2f0919c62633 -SHA512 (container-selinux.tgz) = ddd502ef6bb6c1470094bafad9f914732a12aed81a26f80418acda35486c94f0d3de537ec15db3a1d77a129131dffad74b97178211630c77aba321b21ced7398 +SHA512 (selinux-policy-f26b0a6.tar.gz) = aa62de19e32a894bf0645cd55e608d5af2ce68b99b1cd69c76a2a672beb32533d8bf2db6dbdef74dc66136d091eb16096d0f20455173a0cd4ed3f362a00c2466 +SHA512 (container-selinux.tgz) = 5dd389abdb67390f6b0549f143cf9478e7c02c47f8bb369dff5a8faf97786fb84d15828857c6247e4b084f58eabb32654d1ee94c65d3a48a95ffe3fa0da500e0 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4