* Fri Dec 10 2021 Zdenek Pytela <zpytela@redhat.com> - 35.7-1
- Allow systemd read unlabeled symbolic links - Label abrt-action-generate-backtrace with abrt_handle_event_exec_t - Allow dnsmasq watch /etc/dnsmasq.d directories - Allow rhsmcertd get attributes of tmpfs_t filesystems - Allow lldpd use an snmp subagent over a tcp socket - Allow xdm watch generic directories in /var/lib - Allow login_userdomain open/read/map system journal - Allow sysadm_t connect to cluster domains over a unix stream socket - Allow sysadm_t read/write pkcs shared memory segments - Allow sysadm_t connect to sanlock over a unix stream socket - Allow sysadm_t dbus chat with sssd - Allow sysadm_t set attributes on character device nodes - Allow sysadm_t read and write watchdog devices - Allow smbcontrol use additional socket types - Allow cloud-init dbus chat with systemd-logind - Allow svnserve send mail from the system - Update userdom_exec_user_tmp_files() with an entrypoint rule - Allow sudodomain send a null signal to sshd processes
This commit is contained in:
parent
16445dca46
commit
4bbbba4fda
@ -1,6 +1,6 @@
|
|||||||
# github repo with selinux-policy sources
|
# github repo with selinux-policy sources
|
||||||
%global giturl https://github.com/fedora-selinux/selinux-policy
|
%global giturl https://github.com/fedora-selinux/selinux-policy
|
||||||
%global commit 6a6fff9f00a02723d3a9c58e892e12a527df8efa
|
%global commit 07b06a7f6cb1f41b92de5d29d21ac89c4d362457
|
||||||
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||||
|
|
||||||
%define distro redhat
|
%define distro redhat
|
||||||
@ -23,7 +23,7 @@
|
|||||||
%define CHECKPOLICYVER 3.2
|
%define CHECKPOLICYVER 3.2
|
||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 35.6
|
Version: 35.7
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||||
@ -808,6 +808,26 @@ exit 0
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Dec 10 2021 Zdenek Pytela <zpytela@redhat.com> - 35.7-1
|
||||||
|
- Allow systemd read unlabeled symbolic links
|
||||||
|
- Label abrt-action-generate-backtrace with abrt_handle_event_exec_t
|
||||||
|
- Allow dnsmasq watch /etc/dnsmasq.d directories
|
||||||
|
- Allow rhsmcertd get attributes of tmpfs_t filesystems
|
||||||
|
- Allow lldpd use an snmp subagent over a tcp socket
|
||||||
|
- Allow xdm watch generic directories in /var/lib
|
||||||
|
- Allow login_userdomain open/read/map system journal
|
||||||
|
- Allow sysadm_t connect to cluster domains over a unix stream socket
|
||||||
|
- Allow sysadm_t read/write pkcs shared memory segments
|
||||||
|
- Allow sysadm_t connect to sanlock over a unix stream socket
|
||||||
|
- Allow sysadm_t dbus chat with sssd
|
||||||
|
- Allow sysadm_t set attributes on character device nodes
|
||||||
|
- Allow sysadm_t read and write watchdog devices
|
||||||
|
- Allow smbcontrol use additional socket types
|
||||||
|
- Allow cloud-init dbus chat with systemd-logind
|
||||||
|
- Allow svnserve send mail from the system
|
||||||
|
- Update userdom_exec_user_tmp_files() with an entrypoint rule
|
||||||
|
- Allow sudodomain send a null signal to sshd processes
|
||||||
|
|
||||||
* Fri Nov 19 2021 Zdenek Pytela <zpytela@redhat.com> - 35.6-1
|
* Fri Nov 19 2021 Zdenek Pytela <zpytela@redhat.com> - 35.6-1
|
||||||
- Allow PID 1 and dbus-broker IPC with a systemd user session
|
- Allow PID 1 and dbus-broker IPC with a systemd user session
|
||||||
- Allow rpmdb read generic SSL certificates
|
- Allow rpmdb read generic SSL certificates
|
||||||
|
4
sources
4
sources
@ -1,3 +1,3 @@
|
|||||||
SHA512 (selinux-policy-6a6fff9.tar.gz) = 38513820fa6d0f4ae333e00603b7aaefe19b060cc332d1a97b16a8903f9ee1843899d871ec075f7551dc5a1a3dbb2a9f7fc5162c32e1fb48560ce7d1bb250f0c
|
SHA512 (selinux-policy-07b06a7.tar.gz) = 1d22662676b47b0b603fb10cfed5490a935108048119ee558f7969d262a879d6c1f2c9edd848901b5d3275381f852d529ee23008fc3e3b78871f1cd60977a317
|
||||||
SHA512 (container-selinux.tgz) = 0f203fe39e2b277a3fcb1f10e428795e085393f1d6fc121ce5dd5d9529e61ec405258e2900beded296072f1678893efe53c35b4c92a430d4ee8e9b378262bbb4
|
SHA512 (container-selinux.tgz) = 1fb86e0e99fbc097c2dc4d84827121d4abd9f622b921c8f39e6c4f6ea58c12ffeff78f7b7cad460111b446821613a34281289c2f55549ec89152d49280fb4783
|
||||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||||
|
Loading…
Reference in New Issue
Block a user