* Tue May 30 2023 Zdenek Pytela <zpytela@redhat.com> - 38.15-1

- Update policy for systemd-sleep - Remove permissive domain for rshim_t - Remove permissive domain for mptcpd_t - Allow systemd-bootchartd the sys_ptrace userns capability - Allow sysadm_t read nsfs files - Allow sysadm_t run kernel bpf programs - Update ssh_role_template for ssh-agent - Update ssh_role_template to allow read/write unallocated ttys - Add the booth module to modules.conf - Allow firewalld rw ica_tmpfs_t files
2023-05-30 12:00:03 +02:00 · 2023-05-30 12:00:03 +02:00 · 70fa3a1489
parent c7eb7f478f
commit 70fa3a1489
2 changed files with 16 additions and 4 deletions
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,6 +1,6 @@
 # github repo with selinux-policy sources
 %global giturl https://github.com/fedora-selinux/selinux-policy
-%global commit 2badf88d3115e9d3e63b51601eeaa75977f40d16
+%global commit 1c095937163faff5822b673b6771b700002ad3a6
 %global shortcommit %(c=%{commit}; echo ${c:0:7})

 %define distro redhat
@ -23,7 +23,7 @@
 %define CHECKPOLICYVER 3.2
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 38.14
+Version: 38.15
 Release: 1%{?dist}
 License: GPL-2.0-or-later
 Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -813,6 +813,18 @@ exit 0
 %endif

 %changelog
+* Tue May 30 2023 Zdenek Pytela <zpytela@redhat.com> - 38.15-1
+- Update policy for systemd-sleep
+- Remove permissive domain for rshim_t
+- Remove permissive domain for mptcpd_t
+- Allow systemd-bootchartd the sys_ptrace userns capability
+- Allow sysadm_t read nsfs files
+- Allow sysadm_t run kernel bpf programs
+- Update ssh_role_template for ssh-agent
+- Update ssh_role_template to allow read/write unallocated ttys
+- Add the booth module to modules.conf
+- Allow firewalld rw ica_tmpfs_t files
+
 * Fri May 26 2023 Zdenek Pytela <zpytela@redhat.com> - 38.14-1
 - Remove permissive domain for cifs_helper_t
 - Update the cifs-helper policy
--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (selinux-policy-2badf88.tar.gz) = 04a7f9a329a589c500e3abe2052e1d3c92f32aaa73aca3d12c269146c9c88b27650517b7939cb77f24b5224169095e3ea3fc9aca878179c9160f1baf549887cb
+SHA512 (selinux-policy-1c09593.tar.gz) = 3017973aa40f6df483365ce5f8eeaa879d52baac16a9c356ca9d3c430760ea80745a8a3f3a59a980689fd7b84f4ce96c29a5479345bc9a1a550d58a22a66f1fd
+SHA512 (container-selinux.tgz) = 31e27f900ffb1984873dcf244c161b573929bca80c878e7e1a3f159282ceb8e1505555c05606bfb726ce475a9b19a036181b84eb5ec7e7259ee4a2c254144597
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
-SHA512 (container-selinux.tgz) = e06d109b066c05802753cb38a5fb9db81bec6e801eecff760961234b6d1b924ba84f20a0fc5546ed23b4de0fb39e436cc248581f52bbe714ea7517846e46cf24