* Thu Jun 04 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-15

- Add fetchmail_uidl_cache_t type for /var/mail/.fetchmail.pid
- Support multiple ways of tlp invocation
- Allow qemu-kvm read and write /dev/mapper/control
- Introduce logrotate_use_cifs boolean
- Allow ptp4l_t sys_admin capability to run bpf programs
- Allow to getattr files on an nsfs filesystem
- httpd: Allow NoNewPriv transition from systemd
- Allow rhsmd read process state of all domains and kernel threads
- Allow rhsmd mmap /etc/passwd
- Allow systemd-logind manage efivarfs files
- Allow initrc_t tlp_filetrans_named_content()
- Allow systemd_resolved_t to read efivarfs
- Allow systemd_modules_load_t to read efivarfs
- Introduce systemd_read_efivarfs_type attribute
- Allow named transition for /run/tlp from a user shell
- Allow ipsec_mgmt_t mmap ipsec_conf_file_t files
- Add file context for /sys/kernel/tracing
This commit is contained in:
Zdenek Pytela 2020-06-04 12:37:12 +02:00
parent 1111964e2a
commit 5cdd516855
3 changed files with 27 additions and 6 deletions

2
.gitignore vendored
View File

@ -462,3 +462,5 @@ serefpolicy*
/selinux-policy-contrib-80860a3.tar.gz
/selinux-policy-contrib-cafd506.tar.gz
/selinux-policy-6d96694.tar.gz
/selinux-policy-contrib-22a7272.tar.gz
/selinux-policy-7dd92fd.tar.gz

View File

@ -1,11 +1,11 @@
# github repo with selinux-policy base sources
%global git0 https://github.com/fedora-selinux/selinux-policy
%global commit0 6d966941f05ea6148bd91886e7bf91d7ae59690c
%global commit0 7dd92fda6b04b5c90feb038aabefb728a8773750
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
# github repo with selinux-policy contrib sources
%global git1 https://github.com/fedora-selinux/selinux-policy-contrib
%global commit1 cafd50640ad014d92e9efdc9aef3dbde638f1816
%global commit1 22a72723552b1c4bc6dd42f7f55fd9dd42426c3c
%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
%define distro redhat
@ -29,7 +29,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.14.6
Release: 14%{?dist}
Release: 15%{?dist}
License: GPLv2+
Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@ -774,6 +774,25 @@ exit 0
%endif
%changelog
* Thu Jun 04 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-15
- Add fetchmail_uidl_cache_t type for /var/mail/.fetchmail.pid
- Support multiple ways of tlp invocation
- Allow qemu-kvm read and write /dev/mapper/control
- Introduce logrotate_use_cifs boolean
- Allow ptp4l_t sys_admin capability to run bpf programs
- Allow to getattr files on an nsfs filesystem
- httpd: Allow NoNewPriv transition from systemd
- Allow rhsmd read process state of all domains and kernel threads
- Allow rhsmd mmap /etc/passwd
- Allow systemd-logind manage efivarfs files
- Allow initrc_t tlp_filetrans_named_content()
- Allow systemd_resolved_t to read efivarfs
- Allow systemd_modules_load_t to read efivarfs
- Introduce systemd_read_efivarfs_type attribute
- Allow named transition for /run/tlp from a user shell
- Allow ipsec_mgmt_t mmap ipsec_conf_file_t files
- Add file context for /sys/kernel/tracing
* Tue May 19 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-14
- Allow chronyc_t domain to use nsswitch
- Allow nscd_socket_use() for domains in nscd_use() unconditionally

View File

@ -1,4 +1,4 @@
SHA512 (selinux-policy-contrib-cafd506.tar.gz) = 8ed7996e84c7c7671891601e68e6b894770458204a0bfb60cf737d4cdab9aaeef76000dd40b8dcc16b6ebf312a5bdf53133be366b0496cc1b38f73c7902bf923
SHA512 (selinux-policy-6d96694.tar.gz) = 4c69446665068244363a80f13e6ccc4c10deb3f1b2fde7d1ee7f6ac5a3f626b111dbd70454f6176410547b8187355c1a45adcb12cf0ebfb5373d002a99bbef0c
SHA512 (selinux-policy-contrib-22a7272.tar.gz) = c379dbd32627dd0d04a98f95d7291a9e5ab24932ebaaf065f8b5ccc941b23e36235a3e5ae9b78ee96e0fda28f2fc26bdfead6645e0925dd94856b47b6b66e60b
SHA512 (selinux-policy-7dd92fd.tar.gz) = 4a61d12d6565d1722a04a16878e48b1f8b74dd43e2f52d66495557e4a77eb0a50cd882f619a6f0d8c038ff64d38219fba06bce7f883aca86bf308d8a89340549
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = f6863fbbd458f8415609c051ab0033e400413000d81e58a5b928c12ebf9eefa5603357760823ffe155623670a840fcee6a91a3adae9e6b7877ea5aca03610cd2
SHA512 (container-selinux.tgz) = 521d0028bf2140be7586ab39f4ac99c136cf8559506f9b755beb3ac50bd4de474430848c322d0917c7f9a1230ecc4d93704e12fefb19a64b5089456fc047438c