Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/selinux-policy.git#7d544924d94f99f4e8c9ee3c995d131c8c6be206
This commit is contained in:
DistroBaker 2021-02-20 17:32:55 +00:00
parent 7d8a7d8d32
commit 4508ded93f
2 changed files with 24 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit e4ea1e13059ac475c3f012a3f58cbf0b0e554164
%global commit 30654cfd4d8c2949d8c5c2c5b56655045ae3c7b7
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -24,7 +24,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.14.7
Release: 21%{?dist}
Release: 22%{?dist}
License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
Source1: modules-targeted-base.conf
@ -792,6 +792,26 @@ exit 0
%endif
%changelog
* Fri Feb 19 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-22
- Allow systemd-sleep get attributes of fixed disk device nodes
- Complete initial policy for systemd-coredump
- Label SDC(scini) Dell Driver
- Allow upowerd to send syslog messages
- Remove the disk write permissions from tlp_t
- Label NVMe devices as fixed_disk_device_t
- Allow rhsmcertd bind tcp sockets to a generic node
- Allow systemd-importd manage machines.lock file
- Allow unconfined integrity lockdown permission
- Relocate confidentiality lockdown rule from unconfined_domain_type to unconfined
- Allow systemd-machined manage systemd-userdbd runtime sockets
- Enable systemd-sysctl domtrans for udev
- Introduce kernel_load_unsigned_module interface and use it for couple domains
- Allow gpg watch user gpg secrets dirs
- Build also the container module in CI
- Remove duplicate code from kernel.te
- Allow restorecond to watch all non-auth directories
- Allow restorecond to watch its config file
* Tue Feb 16 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-21
- Allow unconfined integrity lockdown permission
- Relocate confidentiality lockdown rule from unconfined_domain_type to unconfined

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-e4ea1e1.tar.gz) = a672247aa1de8111062dac3e37ca5840e548175740eccb65ebe92bc6d3477227c0119981b3411491d100af601468c876f68de6ec02fbdfcb07ea7e276aa6cffb
SHA512 (container-selinux.tgz) = dd7b52f74d44047f0e6ceea1a10755eae2ac661660d2192ece0ceb4a9ae65ad580868f39718d3f7028b7d22eddde33440b9e1ef0f0260714daa21221ca701b41
SHA512 (selinux-policy-30654cf.tar.gz) = 99d0f364ec6e047391b026b2e64b53b763a17ecb742fb75cb39bb3fffe65f3f834506e0c7a35f8e4fb664ee60bf23e769fd7284ba041a3dd887d3074e8bce6a3
SHA512 (container-selinux.tgz) = 0bdf939a5c4f5ab4b973f8f9b39c3dd3fcebd3dc660428904c055bd78fc3af1603514c8f44fc16579e1e254cae052f44dbd89c395c02a09cfbf0dc2f7356848e
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4