From 4ee1dfc5d7561bc0efa1a44181fac76eeaeb7de5 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Fri, 31 Jan 2020 10:53:24 +0100 Subject: [PATCH] * Fri Jan 31 2020 Zdenek Pytela - 3.14.5-23 - Allow thumb_t connect to system_dbusd_t BZ(1795044) - Allow saslauthd_t filetrans variable files for /tmp directory - Added apache create log dirs macro - Tiny documentation fix - Allow openfortivpn_t to manage net_conf_t files. - Introduce boolean openfortivpn_can_network_connect. - Dontaudit domain chronyd_t to list in user home dirs. - Allow init_t to create apache log dirs. - Add file transition for /dev/nvidia-uvm BZ(1770588) - Allow syslog_t to read efivarfs_t files - Add ioctl to term_dontaudit_use_ptmx macro - Update xserver_rw_session macro --- .gitignore | 2 ++ selinux-policy.spec | 20 +++++++++++++++++--- sources | 6 +++--- 3 files changed, 22 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index e2b08ab2..89e0e9d7 100644 --- a/.gitignore +++ b/.gitignore @@ -433,3 +433,5 @@ serefpolicy* /selinux-policy-contrib-cabad1f.tar.gz /selinux-policy-533b7be.tar.gz /selinux-policy-contrib-be783bd.tar.gz +/selinux-policy-9e0b4dd.tar.gz +/selinux-policy-contrib-f23171a.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index 2edc4b85..18586029 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 533b7be0d2b9f6ad895b36cedb2d010ee8be9c03 +%global commit0 9e0b4dd06e1de366a0ca53e879bf3069a64b654b %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 be783bd4b9aa52ed0bbb5555128659a3e1c91410 +%global commit1 f23171a07d8668859906e4e0d9df1171a8e4f183 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.5 -Release: 22%{?dist} +Release: 23%{?dist} License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -772,6 +772,20 @@ exit 0 %endif %changelog +* Fri Jan 31 2020 Zdenek Pytela - 3.14.5-23 +- Allow thumb_t connect to system_dbusd_t BZ(1795044) +- Allow saslauthd_t filetrans variable files for /tmp directory +- Added apache create log dirs macro +- Tiny documentation fix +- Allow openfortivpn_t to manage net_conf_t files. +- Introduce boolean openfortivpn_can_network_connect. +- Dontaudit domain chronyd_t to list in user home dirs. +- Allow init_t to create apache log dirs. +- Add file transition for /dev/nvidia-uvm BZ(1770588) +- Allow syslog_t to read efivarfs_t files +- Add ioctl to term_dontaudit_use_ptmx macro +- Update xserver_rw_session macro + * Thu Jan 30 2020 Fedora Release Engineering - 3.14.5-22 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/sources b/sources index a414b9c0..d435de84 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (selinux-policy-533b7be.tar.gz) = 07a1e523e3a2b4ba87ff5c97eda96bcf018669dd2feca6997df3ccecb221410a85f49fde45a90b460c650595ed9385b3024d3654010f760b3a74783ef3e5e0f7 -SHA512 (selinux-policy-contrib-be783bd.tar.gz) = 760f86bc1ebc7380d15657e064bee9a889e5958c5a96247aef79f2ccd886ab8b48289d8fe83a037d5da91baf96129cde2dfa5971f5ea262d46916efffcd371f1 -SHA512 (container-selinux.tgz) = 05a4576ed8dfd670fc008da05f569c4be4e044b9c5c7a12511e4844e86932d9c6f04260bf3e766be59a67d1791b345edb93ff7d73b70b243f078962f6be37b98 +SHA512 (selinux-policy-9e0b4dd.tar.gz) = 8c8ba2928c4ec963af00d61601b63a9353633ec6cf822715449907a7dcd332fe5cf174ba297648671729c64aea4866b69af4767f3844cf3746befd5a3ae84f4c +SHA512 (selinux-policy-contrib-f23171a.tar.gz) = 556875e5bc51845e47459880e39aa9d0c1f231b0e4be8bdd3c660b43fbd6beced8e87d22c903242f55204bf2d0d79871dea75b3c0a211114fd5b82a60785b44e +SHA512 (container-selinux.tgz) = bf61bd712f665216911e0189f8041669874b8ee8f35c693ee053202ddec618f609160385d54d3a8553aa8d3431d4e851a676b70bb5362c69527b5b98bd1b7c3b SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4