diff --git a/.gitignore b/.gitignore index 3430b856..e9e8f371 100644 --- a/.gitignore +++ b/.gitignore @@ -302,3 +302,5 @@ serefpolicy* /selinux-policy-contrib-f0ca657.tar.gz /selinux-policy-contrib-6bfaa82.tar.gz /selinux-policy-e08b2da.tar.gz +/selinux-policy-8555de5.tar.gz +/selinux-policy-contrib-ab97c9d.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index 2ad750d8..d67a9553 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 cf5a654b7ac989a686044cb450cf5856e763f4d5 +%global commit0 8555de535032724934dbb7fb0d592c4345fa4c28 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 e60295e6037f32dc30a47ef7b77549dade16f7ef +%global commit1 ab97c9dae9ef424a61dd503c5e139c7b099f6b34 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.2 -Release: 31%{?dist} +Release: 32%{?dist} License: GPLv2+ Group: System Environment/Base Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz @@ -709,6 +709,22 @@ exit 0 %endif %changelog +* Fri Aug 10 2018 Lukas Vrabec - 3.14.2-32 +- Fix issue with aliases in apache interface file +- Add same context for symlink as binary +- Allow boltd_t to send logs to journal +- Allow colord_use_nfs to allow colord also mmap nfs_t files +- Allow mysqld_safe_t do execute itself +- Allow smbd_t domain to chat via dbus with avahi daemon +- cupsd_t domain will create /etc/cupsd/ppd as cupsd_etc_rw_t +- Update screen_role_template to allow caller domain to have screen_exec_t as entrypoint do new domain +- Add alias httpd__script_t to _script_t to make sepolicy generate working +- Allow gpg_t domain to mmap gpg_agent_tmp_t files +- label /var/lib/pgsql/data/log as postgresql_log_t +- Allow sysadm_t domain to accept socket +- Allow systemd to manage passwd_file_t +- Allow sshd_t domain to mmap user_tmp_t files + * Tue Aug 07 2018 Lukas Vrabec - 3.14.2-31 - Allow kprop_t domain to read network state - Add support boltd policy diff --git a/sources b/sources index b3e94ab5..c50acefd 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-cf5a654.tar.gz) = bb9e69869672a2ba70c94bbbd361da63a39367cd35f30daa8d5afbe60f1800f23252e56df564ee9c404b8e6a9130c57b559c666fc3c264e182f5751d47afb36d -SHA512 (selinux-policy-contrib-e60295e.tar.gz) = 95b51f55da5cd006b31f2fed0a9043241e68b606b5176c5b0912f5a311b3dd02277c26d35dbb97cf52faaae169b3fb5cdabfbbcdb5927a3f155985321182e3aa -SHA512 (container-selinux.tgz) = 3057e92810c56c22aebf34d06623176615f61c0e5778273f34894ed4fdd8ce89d0ac525e66dd26fe09542741f5b12135d6a21d102d058aeab85df7fb15a626a7 +SHA512 (selinux-policy-8555de5.tar.gz) = 508749e491a927287f654ca43112c8f52ebee6e1d18b06dcbbd1271bc0f47a95332620bfa812b1562eacf3457ce5ad3d072d518919737e5ef1f691cb2788e99e +SHA512 (selinux-policy-contrib-ab97c9d.tar.gz) = eb2b41519b8f9512263c786b88f6a5cc8be43d419dceb2f1528f03018203226d4659993ab1cc135a509be5b41568ce33590026eddc8cd0184c49aedb30778b04 +SHA512 (container-selinux.tgz) = 9ea0c3d432d9f875f57daf0c1e5097f3ca93b029492a9a30446962550f0d87bb3781e8f65dbcdfd7fc14dd219ca74100aa73b936707a1c6fca0d6dfbcf4b4a40