From 83b950022be32d9a890f8d95d4a8b38baffc2bea Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Tue, 28 Nov 2023 14:43:30 +0100 Subject: [PATCH] * Tue Nov 28 2023 Zdenek Pytela - 3.14.3-132 - Allow sudodomain read var auth files Resolves: RHEL-16567 - Update cifs interfaces to include fs_search_auto_mountpoints() Resolves: RHEL-14072 - Allow systemd-localed create Xserver config dirs Resolves: RHEL-16715 - Label /var/run/auditd.state as auditd_var_run_t Resolves: RHEL-14376 - Allow auditd read all domains process state Resolves: RHEL-14471 - Allow sudo userdomain to run rpm related commands Resolves: RHEL-1679 - Remove insights_client_watch_lib_dirs() interface Resolves: RHEL-16185 --- .gitignore | 2 ++ selinux-policy.spec | 22 +++++++++++++++++++--- sources | 6 +++--- 3 files changed, 24 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index cf453b11..ee369553 100644 --- a/.gitignore +++ b/.gitignore @@ -26,3 +26,5 @@ SOURCES/selinux-policy-contrib-c6da44c.tar.gz /selinux-policy-contrib-267743a.tar.gz /selinux-policy-contrib-ec63def.tar.gz /selinux-policy-8974fee.tar.gz +/selinux-policy-420a39f.tar.gz +/selinux-policy-contrib-5b3c7b8.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index a3d27e8a..8ef2e1c9 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 fd11a423f140771ada319a3cf11da0fc11711638 +%global commit0 420a39fe6aae5204f9a6908c1ad7bc56f6824f01 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 7aa7510ae9cc3c6a965f0f88d74a66e8808dad12 +%global commit1 5b3c7b80f53230d74e49bd81bd3967e50914b46c %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.3 -Release: 131%{?dist} +Release: 132%{?dist} License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -718,6 +718,22 @@ exit 0 %endif %changelog +* Tue Nov 28 2023 Zdenek Pytela - 3.14.3-132 +- Allow sudodomain read var auth files +Resolves: RHEL-16567 +- Update cifs interfaces to include fs_search_auto_mountpoints() +Resolves: RHEL-14072 +- Allow systemd-localed create Xserver config dirs +Resolves: RHEL-16715 +- Label /var/run/auditd.state as auditd_var_run_t +Resolves: RHEL-14376 +- Allow auditd read all domains process state +Resolves: RHEL-14471 +- Allow sudo userdomain to run rpm related commands +Resolves: RHEL-1679 +- Remove insights_client_watch_lib_dirs() interface +Resolves: RHEL-16185 + * Wed Nov 08 2023 Zdenek Pytela - 3.14.3-131 - Additional permissions for ip-vrf Resolves: RHEL-9981 diff --git a/sources b/sources index 45606a45..05d7d5f2 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (selinux-policy-fd11a42.tar.gz) = 89175fa9d0e4819e8534acceeb02b66880deafa004a2956bfa440430abaa5a5cc06223a63f9c96f45c5983fb041b75ec71eed5e53c04fa9ffe8a4eb70e85d66d -SHA512 (selinux-policy-contrib-7aa7510.tar.gz) = d3261b19e06c687179fc73d3d16b466a95f681ad040c62ae5d50161df23ff81b670607c0fbfdf958473dce99083b351657c53aa154c01c0fcf16239f8603f20a -SHA512 (container-selinux.tgz) = 3f0dcc52ee972c52a8cc5d76e0dde3177e80bec42c66b38947d4a0808f5856ab0d78fc5071239947c57aad1ae5c1a7b61eeada622000b2f3334b7d4b6d390666 +SHA512 (selinux-policy-420a39f.tar.gz) = f3edd1b00f55f41734aca21f7e7f9875bbe7967201c3446ee2b4beb0eeff2c01e018a46b3fd6da72e0b5c4697a54256f1b74999fe5e06a304a5b7aed262d8294 +SHA512 (selinux-policy-contrib-5b3c7b8.tar.gz) = 7ff36632cb3d6b41a10b9bb6e32908946e03dbb5a11686fc1e4c3189b83da4a321a8b0baa13b68473fe3195e8d9356d2565498d4458e491b6fe41016d650414b +SHA512 (container-selinux.tgz) = c3804666a91800dd8222ab0d5bd004b142a1e51c97466978a87186e9fc2d7ef331909b80dff23925a8f9854c568752102316fbd226006216b4264174c02a2597 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4