* Fri Mar 03 2023 Zdenek Pytela <zpytela@redhat.com> - 38.8-1
- Confine gnome-initial-setup - Allow qemu-guest-agent create and use vsock socket - Allow login_pgm setcap permission - Allow chronyc read network sysctls - Enhancement of the /usr/sbin/request-key helper policy - Fix opencryptoki file names in /dev/shm - Allow system_cronjob_t transition to rpm_script_t - Revert "Allow system_cronjob_t domtrans to rpm_script_t" - Add tunable to allow squid bind snmp port - Allow staff_t getattr init pid chr & blk files and read krb5 - Allow firewalld to rw z90crypt device - Allow httpd work with tokens in /dev/shm - Allow svirt to map svirt_image_t char files - Allow sysadm_t run initrc_t script and sysadm_r role access - Allow insights-client manage fsadm pid files
This commit is contained in:
parent
0d20c35838
commit
4a6ce4bf1f
@ -1,6 +1,6 @@
|
||||
# github repo with selinux-policy sources
|
||||
%global giturl https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit fe62ff64ca224f40cffb1ebe12e282a6d101e2b9
|
||||
%global commit bc228bd0c249a9e4aa3dcf238c2b1bb138943b07
|
||||
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
@ -23,7 +23,7 @@
|
||||
%define CHECKPOLICYVER 3.2
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 38.7
|
||||
Version: 38.8
|
||||
Release: 1%{?dist}
|
||||
License: GPL-2.0-or-later
|
||||
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||
@ -813,6 +813,23 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Mar 03 2023 Zdenek Pytela <zpytela@redhat.com> - 38.8-1
|
||||
- Confine gnome-initial-setup
|
||||
- Allow qemu-guest-agent create and use vsock socket
|
||||
- Allow login_pgm setcap permission
|
||||
- Allow chronyc read network sysctls
|
||||
- Enhancement of the /usr/sbin/request-key helper policy
|
||||
- Fix opencryptoki file names in /dev/shm
|
||||
- Allow system_cronjob_t transition to rpm_script_t
|
||||
- Revert "Allow system_cronjob_t domtrans to rpm_script_t"
|
||||
- Add tunable to allow squid bind snmp port
|
||||
- Allow staff_t getattr init pid chr & blk files and read krb5
|
||||
- Allow firewalld to rw z90crypt device
|
||||
- Allow httpd work with tokens in /dev/shm
|
||||
- Allow svirt to map svirt_image_t char files
|
||||
- Allow sysadm_t run initrc_t script and sysadm_r role access
|
||||
- Allow insights-client manage fsadm pid files
|
||||
|
||||
* Wed Feb 08 2023 Zdenek Pytela <zpytela@redhat.com> - 38.7-1
|
||||
- Allowing snapper to create snapshots of /home/ subvolume/partition
|
||||
- Add boolean qemu-ga to run unconfined script
|
||||
@ -846,8 +863,8 @@ exit 0
|
||||
- Allow icecast rename its log files
|
||||
- Allow upsd to send signal to itself
|
||||
- Allow wireguard to create udp sockets and read net_conf
|
||||
- Use %autosetup instead of %setup
|
||||
- Pass -p 1 to %autosetup
|
||||
- Use '%autosetup' instead of '%setup'
|
||||
- Pass -p 1 to '%autosetup'
|
||||
|
||||
* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 38.5-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
|
||||
|
4
sources
4
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (selinux-policy-fe62ff6.tar.gz) = 175f8fdb9954b032dbb24668b3df77a423bd49b26b502b547e2a11dcb85999a14249a2cb9222aab641d07eb1532bcb8984565fb5232b519f46c176aff34865ff
|
||||
SHA512 (container-selinux.tgz) = 54093a9a8a524e13388ecfc55679121fe18a3588c655fb7d326b226a21ae0b6dbc1aa9cb5ad10ab6149bd88326b2312c3522d22f41c8be151b68ab9a08d31bbe
|
||||
SHA512 (selinux-policy-bc228bd.tar.gz) = 4966196ed89433ea0d146719bfcfa970c774d360ed45a413973851a0aaae940b8a16277a972852b7ff4df1d07bbc1ee012ff705c861ec62ecc3ae0d9efaad832
|
||||
SHA512 (container-selinux.tgz) = 3402d47f99449a7ea83ae7588e7506f72c7a85f9772d3133a62a165e883c216fe5b8c6d658f9f982fabc00788647dbd57684a69e287cba7d8e2ff2227f69c042
|
||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||
|
Loading…
Reference in New Issue
Block a user