* Thu Aug 13 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-24
- Add ipa_helper_noatsecure() interface unconditionally - Conditionally allow nagios_plugin_domain dbus chat with init - Revert "Update allow rules set for nrpe_t domain" - Add ipa_helper_noatsecure() interface to ipa.if - Label /usr/libexec/qemu-pr-helper with virtd_exec_t - Allow kadmind manage kerberos host rcache - Allow nsswitch_domain to connect to systemd-machined using a unix socket - Define named file transition for sshd on /tmp/krb5_0.rcache2 - Allow systemd-machined create userdbd runtime sock files - Disable kdbus module before updating
This commit is contained in:
parent
01e3f0a70d
commit
8bda530858
2
.gitignore
vendored
2
.gitignore
vendored
@ -476,3 +476,5 @@ serefpolicy*
|
||||
/selinux-policy-contrib-72b3524.tar.gz
|
||||
/selinux-policy-3952201.tar.gz
|
||||
/selinux-policy-217d493.tar.gz
|
||||
/selinux-policy-contrib-9b7cf70.tar.gz
|
||||
/selinux-policy-6fe2056.tar.gz
|
||||
|
@ -1,11 +1,11 @@
|
||||
# github repo with selinux-policy base sources
|
||||
%global git0 https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit0 217d49334447021da909edf8b07007e319540ae3
|
||||
%global commit0 6fe205674f9cd1face5e2cf1aeb90d265ef89ba8
|
||||
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
|
||||
|
||||
# github repo with selinux-policy contrib sources
|
||||
%global git1 https://github.com/fedora-selinux/selinux-policy-contrib
|
||||
%global commit1 72b352431e6cdce2bd6a26ad942d373f42dbba58
|
||||
%global commit1 9b7cf700494669ec9b27e59abe53beae09a8c7c7
|
||||
%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
@ -29,7 +29,7 @@
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 3.14.6
|
||||
Release: 23%{?dist}
|
||||
Release: 24%{?dist}
|
||||
License: GPLv2+
|
||||
Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
|
||||
Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
|
||||
@ -282,7 +282,7 @@ fi;
|
||||
|
||||
%define preInstall() \
|
||||
if [ $1 -ne 1 ] && [ -s %{_sysconfdir}/selinux/config ]; then \
|
||||
for MOD_NAME in ganesha ipa_custodia; do \
|
||||
for MOD_NAME in ganesha ipa_custodia kdbus; do \
|
||||
if [ -d %{_sharedstatedir}/selinux/%1/active/modules/100/$MOD_NAME ]; then \
|
||||
%{_sbindir}/semodule -n -d $MOD_NAME; \
|
||||
fi; \
|
||||
@ -784,6 +784,18 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Aug 13 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-24
|
||||
- Add ipa_helper_noatsecure() interface unconditionally
|
||||
- Conditionally allow nagios_plugin_domain dbus chat with init
|
||||
- Revert "Update allow rules set for nrpe_t domain"
|
||||
- Add ipa_helper_noatsecure() interface to ipa.if
|
||||
- Label /usr/libexec/qemu-pr-helper with virtd_exec_t
|
||||
- Allow kadmind manage kerberos host rcache
|
||||
- Allow nsswitch_domain to connect to systemd-machined using a unix socket
|
||||
- Define named file transition for sshd on /tmp/krb5_0.rcache2
|
||||
- Allow systemd-machined create userdbd runtime sock files
|
||||
- Disable kdbus module before updating
|
||||
|
||||
* Mon Aug 03 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-23
|
||||
- Revert "Add support for /sys/fs/kdbus and allow login_pgm domain to access it."
|
||||
- Revert "Add interface to allow types to associate with cgroup filesystems"
|
||||
|
6
sources
6
sources
@ -1,4 +1,4 @@
|
||||
SHA512 (selinux-policy-contrib-72b3524.tar.gz) = cea10b427dd3163af8c41f42e8335725d922365829ea22b3cea86ed65db1428aea36543f2eb1e117dda47cc7281b5df29458ed7ce14353b9927646f6c7b01380
|
||||
SHA512 (selinux-policy-217d493.tar.gz) = f22dcdbdab72eff7b677a25889b5c10d40cd8711229f89eaca8e89615690267d5db17966c4682771064abfa997edf42c2d4d4bd7f643348603defb705f9afebc
|
||||
SHA512 (selinux-policy-contrib-9b7cf70.tar.gz) = ba053dedf48c9fa5199f7ede41f12959680de910ebf7f7c8d8a9259eef59d89c5dca3e4b52aff96ea6c6b2ddfdda7ba0f64c1483d7f86da83ee9f439c16de5f6
|
||||
SHA512 (selinux-policy-6fe2056.tar.gz) = d9ec5664bd5fc99244c4c91bb7fb68f8a67f88b250dc6ec3f018328fe89a796c60d096edd57fca0239d668c98c567367e015aa2e7785792dc0891c783c130d7f
|
||||
SHA512 (container-selinux.tgz) = db901e9d5ca68a5f771437852d1ab2f5463df945ec9673f3e1ce18cb081aa60544d89e3357f33407aa18196fc1f8b4c554a0690a6bfd0017ff75216c84a19a59
|
||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||
SHA512 (container-selinux.tgz) = b0e3d877927447b34b5323c9c3f283455a5476e312b7260fde781df5ef9f1058d6adeebf679f273d4de9414d058a995e5fd0fe9baef02f0c5c399f2114518931
|
||||
|
Loading…
Reference in New Issue
Block a user