* Thu May 13 2021 Zdenek Pytela <zpytela@redhat.com> - 34.7-1

- Allow tgtd read and write infiniband devices - Add a comment on virt_sandbox booleans with empty content - Deprecate duplicate dev_write_generic_sock_files() interface - Allow vnstatd_t map vnstatd_var_lib_t files - Allow privoxy execmem - Allow pmdakvm read information from the debug filesystem - Add lockdown integrity into kernel_read_debugfs() and kernel_manage_debugfs() - Add permissions to delete lnk_files into gnome_delete_home_config() - Remove rules for inotifyfs - Remove rules for anon_inodefs - Allow systemd nnp_transition to login_userdomain - Allow unconfined_t write other processes perf_event records - Allow sysadm_t dbus chat with tuned - Allow tuned write profile files with file transition - Allow tuned manage perf_events - Make domains use kernel_write_perf_event() and kernel_manage_perf_event()
2021-05-13 18:42:35 +02:00 · 2021-05-13 18:42:35 +02:00 · 30f8c042ae
commit 30f8c042ae
parent 4fecc6469f
2 changed files with 23 additions and 4 deletions
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,6 +1,6 @@
 # github repo with selinux-policy sources
 %global giturl https://github.com/fedora-selinux/selinux-policy
-%global commit bc7eb6f794d670d25b569571042eae390cbc7617
+%global commit c05289b0d8ff717db3a9f5b9ca249c180f8fd7fc
 %global shortcommit %(c=%{commit}; echo ${c:0:7})

 %define distro redhat
@ -23,7 +23,7 @@
 %define CHECKPOLICYVER 3.2
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 34.6
+Version: 34.7
 Release: 1%{?dist}
 License: GPLv2+
 Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -796,6 +796,25 @@ exit 0
 %endif

 %changelog
+* Thu May 13 2021 Zdenek Pytela <zpytela@redhat.com> - 34.7-1
+- Allow tgtd read and write infiniband devices
+- Add a comment on virt_sandbox booleans with empty content
+- Deprecate duplicate dev_write_generic_sock_files() interface
+- Allow vnstatd_t map vnstatd_var_lib_t files
+- Allow privoxy execmem
+- Allow pmdakvm read information from the debug filesystem
+- Add lockdown integrity into kernel_read_debugfs() and kernel_manage_debugfs()
+- Add permissions to delete lnk_files into gnome_delete_home_config()
+- Remove rules for inotifyfs
+- Remove rules for anon_inodefs
+- Allow systemd nnp_transition to login_userdomain
+- Allow unconfined_t write other processes perf_event records
+- Allow sysadm_t dbus chat with tuned
+- Allow tuned write profile files with file transition
+- Allow tuned manage perf_events
+- Make domains use kernel_write_perf_event() and kernel_manage_perf_event()
+
+
 * Fri May 07 2021 Zdenek Pytela <zpytela@redhat.com> - 34.6-1
 - Make domains use kernel_write_perf_event() and kernel_manage_perf_event()
 - Add kernel_write_perf_event() and kernel_manage_perf_event()
--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (selinux-policy-bc7eb6f.tar.gz) = ad49b941b73ff438456e1bd3197a223ad6592d26b2dd00c7c117f80d4af9e80b1fde2ed6b85bd69e31d30d4e566eefc9cf831b5f66f70b499c82dd938eb5a8fc
-SHA512 (container-selinux.tgz) = 0975e9b14f89b290aa2a8c3836c50a58d88da5a368653ceabbdbc83f475916f3ec34268d02052f973d5a9395070e1316ecaea41a4f9622ae87e5a748632aad6b
+SHA512 (selinux-policy-c05289b.tar.gz) = 832c39708de4ee2377060208d9e34b79eaabf06fc499cf12e44de024a01d699cc3112e0a6cf8546e1ea2b84d9b14a82436475f7a4c504fad5b513453789fa6ab
+SHA512 (container-selinux.tgz) = f30af7eff4c12132b13bd702cc05def93f0f01a8717e3a62a99b37fb85c256006cd90557c664d74f61a508cd28505540bca35ffcefdf67dce67b3e43a6998be6
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4