diff --git a/.gitignore b/.gitignore index c41e76c0..041ee179 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ SOURCES/container-selinux.tgz -SOURCES/selinux-policy-5518ff0.tar.gz -SOURCES/selinux-policy-contrib-2877823.tar.gz +SOURCES/selinux-policy-426c028.tar.gz +SOURCES/selinux-policy-contrib-c6da44c.tar.gz diff --git a/.selinux-policy.metadata b/.selinux-policy.metadata index 453e80ca..d1100376 100644 --- a/.selinux-policy.metadata +++ b/.selinux-policy.metadata @@ -1,3 +1,3 @@ -14d54b0e1b85e9b1f95ac1f50220f521b87eac8a SOURCES/container-selinux.tgz -cab866f8c09924ed3665ee046f4f74f6ad0d2ba3 SOURCES/selinux-policy-5518ff0.tar.gz -39ec579b26adfdfe7bbd9a0ff9cff70bd8da714d SOURCES/selinux-policy-contrib-2877823.tar.gz +bbb33f1d3ec06ac961c111b66a324496cbe9768f SOURCES/container-selinux.tgz +8f77181d801751fdd49e7a537b291af8b455ed51 SOURCES/selinux-policy-426c028.tar.gz +84a66625f87ed784dc752c76eca051d058abfa8d SOURCES/selinux-policy-contrib-c6da44c.tar.gz diff --git a/SPECS/selinux-policy.spec b/SPECS/selinux-policy.spec index 0e1284b1..0ee5c6bd 100644 --- a/SPECS/selinux-policy.spec +++ b/SPECS/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 5518ff0abd88777d0a28600d4f6e89489a3c2905 +%global commit0 426c028e3d055a6ae74f8bf7cc92107f3e43a5ea %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 28778236d14c26540b43d2b446221cb0c2c9eac0 +%global commit1 c6da44cc670eb76341a756f7d338e60cfa7cd8ac %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.3 -Release: 115%{?dist} +Release: 117%{?dist} License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -717,6 +717,27 @@ exit 0 %endif %changelog +* Thu Feb 16 2023 Zdenek Pytela - 3.14.3-117 +- Fix opencryptoki file names in /dev/shm +Resolves: rhbz#2028637 +- Allow system_cronjob_t transition to rpm_script_t +Resolves: rhbz#2154242 +- Revert "Allow system_cronjob_t domtrans to rpm_script_t" +Resolves: rhbz#2154242 +- Allow httpd work with tokens in /dev/shm +Resolves: rhbz#2028637 +- Allow keepalived to set resource limits +Resolves: rhbz#2168638 +- Allow insights-client manage fsadm pid files + +* Thu Feb 09 2023 Zdenek Pytela - 3.14.3-116 +- Allow sysadm_t run initrc_t script and sysadm_r role access +Resolves: rhbz#2039662 +- Allow insights-client manage fsadm pid files +Resolves: rhbz#2166802 +- Add journalctl the sys_resource capability +Resolves: rhbz#2136189 + * Thu Jan 26 2023 Zdenek Pytela - 3.14.3-115 - Fix syntax problem in redis.te Resolves: rhbz#2112228