From 81d47cf9bd04a1f3f7f976b995a900033b70f93d Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Wed, 30 Nov 2022 15:15:51 +0100 Subject: [PATCH] * Wed Nov 30 2022 Zdenek Pytela - 38.1.2-1 - Allow insights client communicate with cupsd, mysqld, openvswitch, redis Resolves: rhbz#2124549 - Allow insights client read raw memory devices Resolves: rhbz#2124549 - Allow networkmanager_dispatcher_plugin work with nscd Resolves: rhbz#2149317 - Allow ipsec_t only read tpm devices Resolves: rhbz#2147380 - Watch_sb all file type directories. Resolves: rhbz#2139363 - Add watch and watch_sb dosfs interface Resolves: rhbz#2139363 - Revert "define lockdown class and access" Resolves: rhbz#2145266 - Allow postfix/smtpd read kerberos key table Resolves: rhbz#2145266 - Remove the lockdown class from the policy Resolves: rhbz#2145266 - Remove label for /usr/sbin/bgpd Resolves: rhbz#2145266 - Revert "refpolicy: drop unused socket security classes" Resolves: rhbz#2145266 --- selinux-policy.spec | 28 ++++++++++++++++++++++++++-- sources | 4 ++-- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/selinux-policy.spec b/selinux-policy.spec index f1872e84..a03b6808 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit 3c80e8b26a1ff6f8f282169e0971e705daddb01a +%global commit c2406ec85d4e2917ba16518d5538df73e89f8343 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 38.1.1 +Version: 38.1.2 Release: 1%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -808,6 +808,30 @@ exit 0 %endif %changelog +* Wed Nov 30 2022 Zdenek Pytela - 38.1.2-1 +- Allow insights client communicate with cupsd, mysqld, openvswitch, redis +Resolves: rhbz#2124549 +- Allow insights client read raw memory devices +Resolves: rhbz#2124549 +- Allow networkmanager_dispatcher_plugin work with nscd +Resolves: rhbz#2149317 +- Allow ipsec_t only read tpm devices +Resolves: rhbz#2147380 +- Watch_sb all file type directories. +Resolves: rhbz#2139363 +- Add watch and watch_sb dosfs interface +Resolves: rhbz#2139363 +- Revert "define lockdown class and access" +Resolves: rhbz#2145266 +- Allow postfix/smtpd read kerberos key table +Resolves: rhbz#2145266 +- Remove the lockdown class from the policy +Resolves: rhbz#2145266 +- Remove label for /usr/sbin/bgpd +Resolves: rhbz#2145266 +- Revert "refpolicy: drop unused socket security classes" +Resolves: rhbz#2145266 + * Mon Nov 21 2022 Zdenek Pytela - 38.1.1-1 - Rebase selinux-policy to the latest one in rawhide Resolves: rhbz#2082524 diff --git a/sources b/sources index c69d919a..dc6aca2a 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-3c80e8b.tar.gz) = bdb86aadbcba4482c4dcb769bb02ded96e15e0fbad7792d643f1895830fb556796ec6d79eee00d0fbf610e14d33bb21dded9866a774bbaa35b0cb2f8ef3a6084 +SHA512 (selinux-policy-c2406ec.tar.gz) = 5f00bb39ae8883040e5e0e4968117fe94be8c3e4b3e988e046c55a17bcf858a9f3a6dedb3b677de2ded47e6330e1081bb01adc6545df80a92398ef4651c48136 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 -SHA512 (container-selinux.tgz) = bed458d923ef65e0a32252e12185b49e61c2dce277e7c1ff0fd9aa5426559428942d1b8d16e9a57ba3741d74ba1b283e08a9de71e44321db73ecac8c8e04348b +SHA512 (container-selinux.tgz) = 011cbcdc028ef2441a7ad3d04d8c123298ca6c96e5b0c67f0e6726182c1f63a7dd2a9bfbbc21c64b4b49b5ae4aa957e4c3c91988de6f540d16e9c03a514751e0