* Thu Sep 23 2021 Zdenek Pytela <zpytela@redhat.com> - 34.21-1

- Add bluetooth-related permissions into a tunable block
- Allow gnome at-spi processes create and use stream sockets
- Allow usbmuxd get attributes of tmpfs_t filesystems
- Allow fprintd install a sleep delay inhibitor
- Allow collectd get attributes of infiniband devices
- Allow collectd create and user netlink rdma socket
- Allow collectd map packet_socket
- Allow snort create and use blootooth socket
- Allow systemd watch and watch_reads console devices
- Allow snort create and use generic netlink socket
- Allow NetworkManager dbus chat with fwupd
- Allow unconfined domains read/write domain perf_events
- Allow scripts to enter LUKS password
- Update mount_manage_pid_files() to use manage_files_pattern
- Support hitless reloads feature in haproxy
- Allow haproxy list the sysfs directories content
- Allow gnome at-spi processes get attributes of tmpfs filesystems
- Allow unbound connectto unix_stream_socket
- Allow rhsmcertd_t dbus chat with anaconda install_t
This commit is contained in:
Zdenek Pytela 2021-09-23 18:47:59 +02:00
parent dead9d45da
commit 792d74b90a
2 changed files with 25 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 79a2c551b9efced446614dc6e11cf30cc4b62d52
%global commit 1715509773b3387a0c74423c05d53eb401d9b470
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration
Name: selinux-policy
Version: 34.20
Version: 34.21
Release: 1%{?dist}
License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -808,6 +808,27 @@ exit 0
%endif
%changelog
* Thu Sep 23 2021 Zdenek Pytela <zpytela@redhat.com> - 34.21-1
- Add bluetooth-related permissions into a tunable block
- Allow gnome at-spi processes create and use stream sockets
- Allow usbmuxd get attributes of tmpfs_t filesystems
- Allow fprintd install a sleep delay inhibitor
- Allow collectd get attributes of infiniband devices
- Allow collectd create and user netlink rdma socket
- Allow collectd map packet_socket
- Allow snort create and use blootooth socket
- Allow systemd watch and watch_reads console devices
- Allow snort create and use generic netlink socket
- Allow NetworkManager dbus chat with fwupd
- Allow unconfined domains read/write domain perf_events
- Allow scripts to enter LUKS password
- Update mount_manage_pid_files() to use manage_files_pattern
- Support hitless reloads feature in haproxy
- Allow haproxy list the sysfs directories content
- Allow gnome at-spi processes get attributes of tmpfs filesystems
- Allow unbound connectto unix_stream_socket
- Allow rhsmcertd_t dbus chat with anaconda install_t
* Thu Sep 16 2021 Zdenek Pytela <zpytela@redhat.com> - 34.20-1
- cleanup unused codes
- Fix typo in the gnome_exec_atspi() interface summary

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-79a2c55.tar.gz) = dac393162371ecae40d2df0fdc0c71b909c59fc7785d9c0cbb0a8333aba6429d691e0aa61f8c4ccbf9c0dc10bd5375280d75c0e5395f217ccb55d77e33469dbf
SHA512 (container-selinux.tgz) = 47dece3674e7df50e15fa00f37c1c2a0060ab3fc25af75207274dc80b639876ee4e8305d2fb96f153be7cc05fb53cde373d11db3a40c6d63d062abe6023e76ad
SHA512 (selinux-policy-1715509.tar.gz) = d20f47dd8763087e0ee254a1b1ddcc499d2e6e61346032d3455084f6a82cf275e0f286b0186bcae8193cb5674f5b0cbc79be151a5750b1da636465e7d80c2dcc
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = b42b80ae4864217dd97a012be4cbfe4287fb8debda507b396d5926be24357b13178d133e3d75fbac26ae9cf5aaf7c0f4c06e9d3cc6278c58d5d0d52b21cfbc61