* Mon Oct 18 2021 Zdenek Pytela <zpytela@redhat.com> - 35.2-1

- Allow fedora-third-party execute "flatpak remote-add"
- Add files_manage_var_lib_files() interface
- Add write permisson to userfaultfd_anon_inode_perms
- Allow proper function sosreport via iotop
- Allow proper function sosreport in sysadmin role
- Allow fedora-third-party to connect to the system log service
- Allow fedora-third-party dbus chat with policykit
- Allow chrony-wait service start with DynamicUser=yes
- Allow management of lnk_files if similar access to regular files
- Allow unconfined_t transition to mozilla_plugin_t with NoNewPrivileges
- Allow systemd-resolved watch /run/systemd
- Allow fedora-third-party create and use unix_dgram_socket
- Removing pkcs_tmpfs_filetrans interface and edit pkcs policy files
- Allow login_userdomain named filetrans to pkcs_slotd_tmpfs_t domain
This commit is contained in:
Zdenek Pytela 2021-10-18 14:30:50 +02:00
parent a38b01faa8
commit 510d46d44a
2 changed files with 21 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources # github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy %global giturl https://github.com/fedora-selinux/selinux-policy
%global commit d9870e9b28ccafd392d0ecef6cc5b0d807120fcc %global commit eecd3964f51de1404d343e3b0e6696f9774801d0
%global shortcommit %(c=%{commit}; echo ${c:0:7}) %global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat %define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2 %define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration Summary: SELinux policy configuration
Name: selinux-policy Name: selinux-policy
Version: 35.1 Version: 35.2
Release: 1%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -808,6 +808,23 @@ exit 0
%endif %endif
%changelog %changelog
* Mon Oct 18 2021 Zdenek Pytela <zpytela@redhat.com> - 35.2-1
- Allow fedora-third-party execute "flatpak remote-add"
- Add files_manage_var_lib_files() interface
- Add write permisson to userfaultfd_anon_inode_perms
- Allow proper function sosreport via iotop
- Allow proper function sosreport in sysadmin role
- Allow fedora-third-party to connect to the system log service
- Allow fedora-third-party dbus chat with policykit
- Allow chrony-wait service start with DynamicUser=yes
- Allow management of lnk_files if similar access to regular files
- Allow unconfined_t transition to mozilla_plugin_t with NoNewPrivileges
- Allow systemd-resolved watch /run/systemd
- Allow fedora-third-party create and use unix_dgram_socket
- Removing pkcs_tmpfs_filetrans interface and edit pkcs policy files
- Allow login_userdomain named filetrans to pkcs_slotd_tmpfs_t domain
* Thu Oct 07 2021 Zdenek Pytela <zpytela@redhat.com> - 35.1-1 * Thu Oct 07 2021 Zdenek Pytela <zpytela@redhat.com> - 35.1-1
- Add fedoratp module - Add fedoratp module
- Allow xdm_t domain transition to fedoratp_t - Allow xdm_t domain transition to fedoratp_t

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-d9870e9.tar.gz) = 11d50e8a39b00a8b2e31a4e624dcf607e953e0210a75a13e1e44252a9091c434019953af68653ee902128d7b09475846807ae72f4364d44120590b01cd363941 SHA512 (selinux-policy-eecd396.tar.gz) = 5d71462a578074ec243f9bb74ba2c980a4198150ca9fa3e6d245a8229747a190dfab4e9766e886f3f6aaa910f56aeab7574b532976dabc2f668a63b4373522c7
SHA512 (container-selinux.tgz) = d83bde7ec8f973b2626820efaea5b2a6d50b469e6149bb6cf8272a05d2e875d7c4b4c656b5d546a38ae875625dd4f2422947fc69652cf29291526b317d5d83a4 SHA512 (container-selinux.tgz) = dfbe108d821f4cb92f6b2069d7b50303909a8560a9d80f4b0fd065d268c1f7a7b0bfd26b91bad9b64c886aa4cc0e289fb17034f80129f7a19469ff5f1345eb21
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4