* Fri Jan 12 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.30-1

- Allow sysadm execute traceroute in sysadm_t domain using sudo
Resolves: RHEL-14077
- Allow qatlib set attributes of vfio device files
Resolves: RHEL-19051
- Allow qatlib load kernel modules
Resolves: RHEL-19051
- Allow qatlib run lspci
Resolves: RHEL-19051
- Allow qatlib manage its private runtime socket files
Resolves: RHEL-19051
- Allow qatlib read/write vfio devices
Resolves: RHEL-19051
- Allow syslog to run unconfined scripts conditionally
Resolves: RHEL-11174
- Allow syslogd_t nnp_transition to syslogd_unconfined_script_t
Resolves: RHEL-11174
- Allow sendmail MTA connect to sendmail LDA
Resolves: RHEL-15175
- Allow sysadm execute tcpdump in sysadm_t domain using sudo
Resolves: RHEL-15432
- Allow opafm search nfs directories
Resolves: RHEL-17820
- Allow mdadm list stratisd data directories
Resolves: RHEL-19276
- Update cyrus_stream_connect() to use sockets in /run
Resolves: RHEL-19282
- Allow collectd connect to statsd port
Resolves: RHEL-21044
- Allow insights-client transition to sap unconfined domain
Resolves: RHEL-21452
- Create the sap module
Resolves: RHEL-21452
This commit is contained in:
Zdenek Pytela 2024-01-13 00:24:21 +01:00
parent 05d668a2ce
commit 88b880c6c7
2 changed files with 38 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources # github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy %global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 5fcfdfa3694ff9f045dfc069b6be9af9c7bfaaea %global commit bdc0c650c1b3411dca75e7f82167b5e7a242fc04
%global shortcommit %(c=%{commit}; echo ${c:0:7}) %global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat %define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2 %define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration Summary: SELinux policy configuration
Name: selinux-policy Name: selinux-policy
Version: 38.1.29 Version: 38.1.30
Release: 1%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -809,6 +809,40 @@ exit 0
%endif %endif
%changelog %changelog
* Fri Jan 12 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.30-1
- Allow sysadm execute traceroute in sysadm_t domain using sudo
Resolves: RHEL-14077
- Allow qatlib set attributes of vfio device files
Resolves: RHEL-19051
- Allow qatlib load kernel modules
Resolves: RHEL-19051
- Allow qatlib run lspci
Resolves: RHEL-19051
- Allow qatlib manage its private runtime socket files
Resolves: RHEL-19051
- Allow qatlib read/write vfio devices
Resolves: RHEL-19051
- Allow syslog to run unconfined scripts conditionally
Resolves: RHEL-11174
- Allow syslogd_t nnp_transition to syslogd_unconfined_script_t
Resolves: RHEL-11174
- Allow sendmail MTA connect to sendmail LDA
Resolves: RHEL-15175
- Allow sysadm execute tcpdump in sysadm_t domain using sudo
Resolves: RHEL-15432
- Allow opafm search nfs directories
Resolves: RHEL-17820
- Allow mdadm list stratisd data directories
Resolves: RHEL-19276
- Update cyrus_stream_connect() to use sockets in /run
Resolves: RHEL-19282
- Allow collectd connect to statsd port
Resolves: RHEL-21044
- Allow insights-client transition to sap unconfined domain
Resolves: RHEL-21452
- Create the sap module
Resolves: RHEL-21452
* Thu Dec 14 2023 Juraj Marcin <jmarcin@redhat.com> - 38.1.29-1 * Thu Dec 14 2023 Juraj Marcin <jmarcin@redhat.com> - 38.1.29-1
- Add init_explicit_domain() interface - Add init_explicit_domain() interface
Resolves: RHEL-18219 Resolves: RHEL-18219

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-5fcfdfa.tar.gz) = bd06aad9afede8341e952326f41dd82ed6117a5e5349698446482497795d7544a3d2f3f7c3af9e04f82c030ff991de8e0c70d4ebf498547053c4d0137b858fed SHA512 (selinux-policy-bdc0c65.tar.gz) = 8532c2d7f369efc7783e4aef53e883880e56b7b5b50185a6852dfabd083df896bd3ca75611e47a363df8ae936f5da95ac29b50f5cd7f3d056c9a884ec2f88744
SHA512 (container-selinux.tgz) = dd6a2013469cb4adc9177190dc62efa6f033238402cf54e002fa9b9d5ead80e5c775d8b3d6fa57e5e1c20586c28a7868868e1cf40cda4b1bbcaf1736f706f122
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = 8a5b00cf340a84ea25dd42413750fe3b30218f2e40ed9a7bec8ea78d342345939ae8ab92c3088061be1da79756743cce1969a8da3c5669ef003bf440dd3319c7