* Thu Aug 11 2022 Zdenek Pytela <zpytela@redhat.com> - 37.9-1
- Allow nm-dispatcher custom plugin dbus chat with nm - Allow nm-dispatcher sendmail plugin get status of systemd services - Allow xdm read the kernel key ring - Allow login_userdomain check status of mount units - Allow postfix/smtp and postfix/virtual read kerberos key table - Allow services execute systemd-notify - Do not allow login_userdomain use sd_notify() - Allow launch-xenstored read filesystem sysctls - Allow systemd-modules-load write to /dev/kmsg and send a message to syslogd - Allow openvswitch fsetid capability - Allow openvswitch use its private tmpfs files and dirs - Allow openvswitch search tracefs dirs - Allow pmdalinux read files on an nfsd filesystem - Allow winbind-rpcd write to winbind pid files - Allow networkmanager to signal unconfined process - Allow systemd_hostnamed label /run/systemd/* as hostnamed_etc_t - Allow samba-bgqd get a printer list - fix(init.fc): Fix section description - Allow fedora-third-party read the passwords file - Remove permissive domain for rhcd_t - Allow pmie read network state information and network sysctls - Revert "Dontaudit domain the fowner capability" - Allow sysadm_t to run bpftool on the userdomain attribute - Add the userdom_prog_run_bpf_userdomain() interface - Allow insights-client rpm named file transitions - Add /var/tmp/insights-archive to insights_client_filetrans_named_content
This commit is contained in:
Zdenek Pytela
parent
1ccfff1aa1
commit
5ac843b27b
@ -1,6 +1,6 @@
|
||||
# github repo with selinux-policy sources
|
||||
%global giturl https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit 732080208e6841a86d7b19710602ae7f749f224d
|
||||
%global commit 74a82f55c34a26e138d8ba4577a349e302ee0a1e
|
||||
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
@ -23,7 +23,7 @@
|
||||
%define CHECKPOLICYVER 3.2
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 37.8
|
||||
Version: 37.9
|
||||
Release: 1%{?dist}
|
||||
License: GPLv2+
|
||||
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||
@ -816,6 +816,34 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Aug 11 2022 Zdenek Pytela <zpytela@redhat.com> - 37.9-1
|
||||
- Allow nm-dispatcher custom plugin dbus chat with nm
|
||||
- Allow nm-dispatcher sendmail plugin get status of systemd services
|
||||
- Allow xdm read the kernel key ring
|
||||
- Allow login_userdomain check status of mount units
|
||||
- Allow postfix/smtp and postfix/virtual read kerberos key table
|
||||
- Allow services execute systemd-notify
|
||||
- Do not allow login_userdomain use sd_notify()
|
||||
- Allow launch-xenstored read filesystem sysctls
|
||||
- Allow systemd-modules-load write to /dev/kmsg and send a message to syslogd
|
||||
- Allow openvswitch fsetid capability
|
||||
- Allow openvswitch use its private tmpfs files and dirs
|
||||
- Allow openvswitch search tracefs dirs
|
||||
- Allow pmdalinux read files on an nfsd filesystem
|
||||
- Allow winbind-rpcd write to winbind pid files
|
||||
- Allow networkmanager to signal unconfined process
|
||||
- Allow systemd_hostnamed label /run/systemd/* as hostnamed_etc_t
|
||||
- Allow samba-bgqd get a printer list
|
||||
- fix(init.fc): Fix section description
|
||||
- Allow fedora-third-party read the passwords file
|
||||
- Remove permissive domain for rhcd_t
|
||||
- Allow pmie read network state information and network sysctls
|
||||
- Revert "Dontaudit domain the fowner capability"
|
||||
- Allow sysadm_t to run bpftool on the userdomain attribute
|
||||
- Add the userdom_prog_run_bpf_userdomain() interface
|
||||
- Allow insights-client rpm named file transitions
|
||||
- Add /var/tmp/insights-archive to insights_client_filetrans_named_content
|
||||
|
||||
* Mon Aug 01 2022 Zdenek Pytela <zpytela@redhat.com> - 37.8-1
|
||||
- Allow sa-update to get init status and start systemd files
|
||||
- Use insights_client_filetrans_named_content
|
||||
|
||||
4
sources
4
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (selinux-policy-7320802.tar.gz) = 0a94d5e0d838de07af737741153d6d666b54d01a97fcb0f9024930a096669ef3ec3ac00522b3034f4f608228447fc2afed67cbdb7f1ac3bc8d6e7b8af1a8f19f
|
||||
SHA512 (container-selinux.tgz) = 7c850ed168c58de7b96f8ac06f3885b5a333ad5ef742e8420e6306b931c15ad25134d40ad1f56d3cad669b1015078f83434c246c1f86e238560b3c02a2e9ca2a
|
||||
SHA512 (selinux-policy-74a82f5.tar.gz) = cea477b6796fa51c9613714027f2d3be1eb863c7c8fc1e5d9fecf11a6f5ac814b9ad9a98ccce6808cbd0c205896c482d8f3520f7172d9486a25c069f3790ce15
|
||||
SHA512 (container-selinux.tgz) = 5811b508b20f9999568f84a12077caf0e0c5d21902bbd43962eb6f35bc7c4f0a46900c06b243e8357e42d1fa367c93da1bd1828132f88dbceb63857699f900b8
|
||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||
|
||||
Loading…
Reference in New Issue
Block a user