* Mon Feb 25 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.14.4-1

- Allow openvpn_t domain to set capability BZ(1680276) - Update redis_enable_notify() boolean to fix sending e-mail by redis when this boolean is turned on - Allow chronyd_t domain to send data over dgram socket - Add rolekit_dgram_send() interface - Fix bug in userdom_restricted_xwindows_user_template() template to disallow all user domains to access admin_home_t - kernel/files.fc: Label /var/run/motd.d(./*)? and /var/run/motd as pam_var_run_t
2019-02-25 23:17:05 +01:00 · 2019-02-25 23:17:05 +01:00 · 8be35be283
parent 0bd9f6aa0b
commit 8be35be283
3 changed files with 16 additions and 7 deletions
--- a/.gitignore
+++ b/.gitignore
@ -341,3 +341,5 @@ serefpolicy*
 /selinux-policy-contrib-01421de.tar.gz
 /selinux-policy-18ccb6c.tar.gz
 /selinux-policy-contrib-7e2f178.tar.gz
+/selinux-policy-contrib-af9fa4f.tar.gz
+/selinux-policy-108b4cd.tar.gz
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 18ccb6cef4e6c0b8709a3ccca6999a327fad4b95
+%global commit0 108b4cd659ae333951747a931593a4ecbac89b59
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})

 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 7e2f1782919c406a1881c62d49b72bd194e0f991
+%global commit1 af9fa4f244e473c37d955ea0283e44440fcfcd5d
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})

 %define distro redhat
@ -28,8 +28,8 @@
 %define CHECKPOLICYVER 2.8
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 3.14.3
-Release: 22%{?dist}
+Version: 3.14.4
+Release: 1%{?dist}
 License: GPLv2+
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@ -768,6 +768,13 @@ exit 0
 %endif

 %changelog
+* Mon Feb 25 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.14.4-1
+- Allow openvpn_t domain to set capability BZ(1680276)
+- Update redis_enable_notify() boolean to fix sending e-mail by redis when this boolean is turned on
+- Allow chronyd_t domain to send data over dgram socket
+- Add rolekit_dgram_send() interface
+- Fix bug in userdom_restricted_xwindows_user_template() template to disallow all user domains to access admin_home_t - kernel/files.fc: Label /var/run/motd.d(./*)? and /var/run/motd as pam_var_run_t
+
 * Thu Feb 14 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.14.3-22
 - Allow dovecot_t domain to connect to mysql db
 - Add dac_override capability for sbd_t SELinux domain
--- a/6
+++ b/6
@ -1,3 +1,3 @@
-SHA512 (selinux-policy-contrib-7e2f178.tar.gz) = ba1fd4a3f889828043bd4c85b23190a20e019547e43bac3dc4e492e1026ea09e2b4af81db25e7969cf2e537b0c4f6ce3072595fe4c2abb43ff138dbec940920c
-SHA512 (selinux-policy-18ccb6c.tar.gz) = 4db1f9271f1223af525f21821924044c4ef6ad5ee5e92afd27cbff959c76bc6d26b0e14347b460ab778af1bfc1fe8ed57b61c31cd8acd0fe1db7e347606980f4
-SHA512 (container-selinux.tgz) = 0eab7a9a3d8b5567c0305d10d17af6ceb11bd2215919609c3228af8fa7f36b1829311bc322bd003d830f71d04012170f1a04fa35e7d49b39c0152f1820f3086d
+SHA512 (selinux-policy-contrib-af9fa4f.tar.gz) = 5df20b4e21ee838d4a12e98d558a18c48615640dee61d80b61509f7b62b09507d948d38521a3d6b0a7d643401193b408e90ac7c224cb0fd227ed662428d378ff
+SHA512 (selinux-policy-108b4cd.tar.gz) = e3874bbd612afa31885b852fde1682eec00e58738c6c2f26d0e17169c95501c3d39391ca8bfe04841c7b3d8f7d8067416949c450de17cc02b92819771c8cbc50
+SHA512 (container-selinux.tgz) = b2e8ecaa862fce328c605f94d373b99d572c20c616adb3baf9d51c9ca1eb6ad956851170e19d0d702e873e87c426f89023c1c9c82e379544466e5d754dc4249f