* Wed Dec 14 2022 Zdenek Pytela <zpytela@redhat.com> - 38.3-1
- Allow insights-client dbus chat with various services - Allow insights-client tcp connect to various ports - Allow insights-client run lpr and allow the proper role - Allow insights-client work with pcp and manage user config files - Allow redis get user names - Allow kernel threads to use fds from all domains - Allow systemd-modules-load load kernel modules - Allow login_userdomain watch systemd-passwd pid dirs - Allow insights-client dbus chat with abrt - Grant kernel_t certain permissions in the system class - Allow systemd-resolved watch tmpfs directories - Allow systemd-timedated watch init runtime dir - Make `bootc` be `install_exec_t` - Allow systemd-coredump create user_namespace - Allow syslog the setpcap capability - donaudit virtlogd and dnsmasq execmem
This commit is contained in:
parent
8263376e4d
commit
5e55a1623d
@ -1,6 +1,6 @@
|
||||
# github repo with selinux-policy sources
|
||||
%global giturl https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit 1e8688ea694393c9d918939322b72dfb44a01792
|
||||
%global commit 4343b56750c77ff3fc562c1dddc24ad5da115a12
|
||||
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
@ -23,7 +23,7 @@
|
||||
%define CHECKPOLICYVER 3.2
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 38.2
|
||||
Version: 38.3
|
||||
Release: 1%{?dist}
|
||||
License: GPL-2.0-or-later
|
||||
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||
@ -816,6 +816,24 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Dec 14 2022 Zdenek Pytela <zpytela@redhat.com> - 38.3-1
|
||||
- Allow insights-client dbus chat with various services
|
||||
- Allow insights-client tcp connect to various ports
|
||||
- Allow insights-client run lpr and allow the proper role
|
||||
- Allow insights-client work with pcp and manage user config files
|
||||
- Allow redis get user names
|
||||
- Allow kernel threads to use fds from all domains
|
||||
- Allow systemd-modules-load load kernel modules
|
||||
- Allow login_userdomain watch systemd-passwd pid dirs
|
||||
- Allow insights-client dbus chat with abrt
|
||||
- Grant kernel_t certain permissions in the system class
|
||||
- Allow systemd-resolved watch tmpfs directories
|
||||
- Allow systemd-timedated watch init runtime dir
|
||||
- Make `bootc` be `install_exec_t`
|
||||
- Allow systemd-coredump create user_namespace
|
||||
- Allow syslog the setpcap capability
|
||||
- donaudit virtlogd and dnsmasq execmem
|
||||
|
||||
* Tue Dec 06 2022 Zdenek Pytela <zpytela@redhat.com> - 38.2-1
|
||||
- Don't make kernel_t an unconfined domain
|
||||
- Don't allow kernel_t to execute bin_t/usr_t binaries without a transition
|
||||
|
4
sources
4
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (selinux-policy-1e8688e.tar.gz) = e490022c1a05e68f523cb717fb47044a37b0b54b58b06003e2f646d9c44b688fa5c96d657a0ac29e95877b6d3f056a4a08120e9a67b9d1603c87ce8a7e2e3d44
|
||||
SHA512 (container-selinux.tgz) = 06340531ebc60308955cb4f7a99b68b04688925bc5a904a3d4a5143f32fa8dd0dee53bce006366de706c14b619378862f5377e0fbe7a5a2e789b66d7820ec599
|
||||
SHA512 (selinux-policy-4343b56.tar.gz) = ca8107d98eacd3b4e101958fb9f341c0ee37501855484d37536764044d38310ad9cf17f12fe68150d9fd7047e01f51e86a26fb6f3f41f634b7b650de80607201
|
||||
SHA512 (container-selinux.tgz) = 9ec574c1441e656930c25e5e6decf71c89327c520b0b9af9cf3286e377bc1aad7efaf0c221fab49315d47946c5ca6313f162631def7c7981466c7646fcf3ce5a
|
||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||
|
Loading…
Reference in New Issue
Block a user