* Thu Jun 04 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-15

- Add fetchmail_uidl_cache_t type for /var/mail/.fetchmail.pid - Support multiple ways of tlp invocation - Allow qemu-kvm read and write /dev/mapper/control - Introduce logrotate_use_cifs boolean - Allow ptp4l_t sys_admin capability to run bpf programs - Allow to getattr files on an nsfs filesystem - httpd: Allow NoNewPriv transition from systemd - Allow rhsmd read process state of all domains and kernel threads - Allow rhsmd mmap /etc/passwd - Allow systemd-logind manage efivarfs files - Allow initrc_t tlp_filetrans_named_content() - Allow systemd_resolved_t to read efivarfs - Allow systemd_modules_load_t to read efivarfs - Introduce systemd_read_efivarfs_type attribute - Allow named transition for /run/tlp from a user shell - Allow ipsec_mgmt_t mmap ipsec_conf_file_t files - Add file context for /sys/kernel/tracing
2020-06-04 12:37:12 +02:00 · 2020-06-04 12:37:12 +02:00 · 5cdd516855
commit 5cdd516855
parent 1111964e2a
3 changed files with 27 additions and 6 deletions
--- a/.gitignore
+++ b/.gitignore
@ -462,3 +462,5 @@ serefpolicy*
 /selinux-policy-contrib-80860a3.tar.gz
 /selinux-policy-contrib-cafd506.tar.gz
 /selinux-policy-6d96694.tar.gz
+/selinux-policy-contrib-22a7272.tar.gz
+/selinux-policy-7dd92fd.tar.gz
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 6d966941f05ea6148bd91886e7bf91d7ae59690c
+%global commit0 7dd92fda6b04b5c90feb038aabefb728a8773750
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})

 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 cafd50640ad014d92e9efdc9aef3dbde638f1816
+%global commit1 22a72723552b1c4bc6dd42f7f55fd9dd42426c3c
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})

 %define distro redhat
@ -29,7 +29,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.6
-Release: 14%{?dist}
+Release: 15%{?dist}
 License: GPLv2+
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@ -774,6 +774,25 @@ exit 0
 %endif

 %changelog
+* Thu Jun 04 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-15
+- Add fetchmail_uidl_cache_t type for /var/mail/.fetchmail.pid
+- Support multiple ways of tlp invocation
+- Allow qemu-kvm read and write /dev/mapper/control
+- Introduce logrotate_use_cifs boolean
+- Allow ptp4l_t sys_admin capability to run bpf programs
+- Allow to getattr files on an nsfs filesystem
+- httpd: Allow NoNewPriv transition from systemd
+- Allow rhsmd read process state of all domains and kernel threads
+- Allow rhsmd mmap /etc/passwd
+- Allow systemd-logind manage efivarfs files
+- Allow initrc_t tlp_filetrans_named_content()
+- Allow systemd_resolved_t to read efivarfs
+- Allow systemd_modules_load_t to read efivarfs
+- Introduce systemd_read_efivarfs_type attribute
+- Allow named transition for /run/tlp from a user shell
+- Allow ipsec_mgmt_t mmap ipsec_conf_file_t files
+- Add file context for /sys/kernel/tracing
+
 * Tue May 19 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-14
 - Allow chronyc_t domain to use nsswitch
 - Allow nscd_socket_use() for domains in nscd_use() unconditionally
--- a/6
+++ b/6
@ -1,4 +1,4 @@
-SHA512 (selinux-policy-contrib-cafd506.tar.gz) = 8ed7996e84c7c7671891601e68e6b894770458204a0bfb60cf737d4cdab9aaeef76000dd40b8dcc16b6ebf312a5bdf53133be366b0496cc1b38f73c7902bf923
-SHA512 (selinux-policy-6d96694.tar.gz) = 4c69446665068244363a80f13e6ccc4c10deb3f1b2fde7d1ee7f6ac5a3f626b111dbd70454f6176410547b8187355c1a45adcb12cf0ebfb5373d002a99bbef0c
+SHA512 (selinux-policy-contrib-22a7272.tar.gz) = c379dbd32627dd0d04a98f95d7291a9e5ab24932ebaaf065f8b5ccc941b23e36235a3e5ae9b78ee96e0fda28f2fc26bdfead6645e0925dd94856b47b6b66e60b
+SHA512 (selinux-policy-7dd92fd.tar.gz) = 4a61d12d6565d1722a04a16878e48b1f8b74dd43e2f52d66495557e4a77eb0a50cd882f619a6f0d8c038ff64d38219fba06bce7f883aca86bf308d8a89340549
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
-SHA512 (container-selinux.tgz) = f6863fbbd458f8415609c051ab0033e400413000d81e58a5b928c12ebf9eefa5603357760823ffe155623670a840fcee6a91a3adae9e6b7877ea5aca03610cd2
+SHA512 (container-selinux.tgz) = 521d0028bf2140be7586ab39f4ac99c136cf8559506f9b755beb3ac50bd4de474430848c322d0917c7f9a1230ecc4d93704e12fefb19a64b5089456fc047438c