diff --git a/make-rhat-patches.sh b/make-rhat-patches.sh index ca08bf0a..615a6d6c 100755 --- a/make-rhat-patches.sh +++ b/make-rhat-patches.sh @@ -4,7 +4,7 @@ DISTGIT_PATH=$(pwd) FEDORA_VERSION=rawhide DOCKER_FEDORA_VERSION=master -DISTGIT_BRANCH=master +DISTGIT_BRANCH=rawhide REPO_SELINUX_POLICY=${REPO_SELINUX_POLICY:-https://github.com/fedora-selinux/selinux-policy} REPO_SELINUX_POLICY_BRANCH=${REPO_SELINUX_POLICY_BRANCH:-$FEDORA_VERSION} REPO_CONTAINER_SELINUX=${REPO_CONTAINER_SELINUX:-https://github.com/containers/container-selinux} diff --git a/selinux-policy.spec b/selinux-policy.spec index a32517e0..0f24f450 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit c23c6a5242560e8a9946db5bf4440adc0f39febc +%global commit 46ba041ba302d1550c230f7359627701b99b1479 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -24,7 +24,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.7 -Release: 15%{?dist} +Release: 17%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source1: modules-targeted-base.conf @@ -792,6 +792,41 @@ exit 0 %endif %changelog +* Fri Feb 05 2021 Zdenek Pytela - 3.14.7-17 +- Update .copr/make-srpm.sh to use rawhide as DISTGIT_BRANCH +- Dontaudit setsched for rndc +- Allow systemd-logind destroy entries in message queue +- Add userdom_destroy_unpriv_user_msgq() interface +- ci: Install build dependencies from koji +- Dontaudit vhostmd to write in /var/lib/rpm/ dir and allow signull rpm +- Add new cmadmin port for bfdd dameon +- virtiofs supports Xattrs and SELinux +- Allow domain write to systemd-resolved PID socket files +- Label /var/run/pcsd-ruby.socket socket with cluster_var_run_t type +- Allow rhsmcertd_t domain transition to kpatch_t +- Revert "Add kpatch_exec() interface" +- Revert "Allow rhsmcertd execute kpatch" +- Allow openvswitch create and use xfrm netlink sockets +- Allow openvswitch_t perf_event write permission +- Add kpatch_exec() interface +- Allow rhsmcertd execute kpatch +- Adds rule to allow glusterd to access RDMA socket +- radius: Lexical sort of service-specific corenet rules by service name +- VQP: Include IANA-assigned TCP/1589 +- radius: Allow binding to the VQP port (VMPS) +- radius: Allow binding to the BDF Control and Echo ports +- radius: Allow binding to the DHCP client port +- radius: Allow net_raw; allow binding to the DHCP server ports +- Add rsync_sys_admin tunable to allow rsync sys_admin capability +- Allow staff_u run pam_console_apply +- Allow openvswitch_t perf_event open permission +- Allow sysadm read and write /dev/rfkill +- Allow certmonger fsetid capability +- Allow domain read usermodehelper state information + +* Wed Jan 27 2021 Fedora Release Engineering - 3.14.7-16 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + * Fri Jan 22 2021 Petr Lautrbach - 3.14.7-15 - Update specfile to not verify md5/size/mtime for active store files - Add /var/mnt equivalency to /mnt diff --git a/sources b/sources index 785dcf12..256deff0 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-c23c6a5.tar.gz) = adbec861963b05b68c140f702bf68db8007d9facaa5e295b717ed7bd7e3549a06f92b57ca03322f033f65f59ec783f2231df0720eb80c5a48eebae587daf9c9a -SHA512 (container-selinux.tgz) = 63d1448a8291ed9869c28205d015c567b09cf91e8235fdc27a7e1c3fa8bb03dc824558860c5f494b1ed734e38670bf3b9cc5bfca02d93d34cf7e4c597655a12c +SHA512 (selinux-policy-46ba041.tar.gz) = be0ba6d14bccf64b2526f723e51938bb3740563c0061364d7b8efc32152321172c0f0624ad79f3184da8623c969fa87b6611a019bcab04b0c85385beb4cdc1b1 +SHA512 (container-selinux.tgz) = 26df62a4220f699a7144a51c6ad5fc0dee9887842e5daeee41ad97eac1d7b8b20bbe124c8f12faafbea68b74c67283d524f35fb62f52fdb9258c034481f542b6 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4