* Fri Dec 06 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.49-1

- Update virtlogd policy
Resolves: RHEL-69433
- Allow svirt_t the sys_rawio capability
Resolves: RHEL-56955
- Allow qemu-ga the dac_override and dac_read_search capabilities
Resolves: RHEL-52476
- Allow ip the setexec permission
Resolves: RHEL-62923
- Allow alsa get attributes filesystems with extended attributes
Resolves: RHEL-61472
- Allow bacula execute container in the container domain
Resolves: RHEL-21168
- Allow httpd get attributes of dirsrv unit files
Resolves: RHEL-46808
- Update samba-bgqd policy
Resolves: RHEL-69517
- Allow samba-bgqd read cups config files
Resolves: RHEL-69517
- Update policy for samba-bgqd
Resolves: RHEL-69517
- Update bootupd policy for the removing-state-file test
Resolves: RHEL-66584
- Allow qatlib search the content of the kernel debugging filesystem
Resolves: RHEL-53864
- Allow qatlib connect to systemd-machined over a unix socket
Resolves: RHEL-53864
- Update qatlib policy for v24.02 with new features
Resolves: RHEL-53864
This commit is contained in:
Zdenek Pytela 2024-12-06 15:46:22 +01:00 committed by zpytela
parent 29816f1443
commit 93f4aed9d6
2 changed files with 34 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources # github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy %global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 168b6b921a4abf4c42ae987480f13c2d91583d0f %global commit a26d0d27beaf0781cd25e1e6ea28aed006a7f1cc
%global shortcommit %(c=%{commit}; echo ${c:0:7}) %global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat %define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2 %define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration Summary: SELinux policy configuration
Name: selinux-policy Name: selinux-policy
Version: 38.1.48 Version: 38.1.49
Release: 1%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -809,6 +809,36 @@ exit 0
%endif %endif
%changelog %changelog
* Fri Dec 06 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.49-1
- Update virtlogd policy
Resolves: RHEL-69433
- Allow svirt_t the sys_rawio capability
Resolves: RHEL-56955
- Allow qemu-ga the dac_override and dac_read_search capabilities
Resolves: RHEL-52476
- Allow ip the setexec permission
Resolves: RHEL-62923
- Allow alsa get attributes filesystems with extended attributes
Resolves: RHEL-61472
- Allow bacula execute container in the container domain
Resolves: RHEL-21168
- Allow httpd get attributes of dirsrv unit files
Resolves: RHEL-46808
- Update samba-bgqd policy
Resolves: RHEL-69517
- Allow samba-bgqd read cups config files
Resolves: RHEL-69517
- Update policy for samba-bgqd
Resolves: RHEL-69517
- Update bootupd policy for the removing-state-file test
Resolves: RHEL-66584
- Allow qatlib search the content of the kernel debugging filesystem
Resolves: RHEL-53864
- Allow qatlib connect to systemd-machined over a unix socket
Resolves: RHEL-53864
- Update qatlib policy for v24.02 with new features
Resolves: RHEL-53864
* Tue Nov 12 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.48-1 * Tue Nov 12 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.48-1
- Revert "Allow unconfined_t execute kmod in the kmod domain" - Revert "Allow unconfined_t execute kmod in the kmod domain"
Resolves: RHEL-65008 Resolves: RHEL-65008

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-168b6b9.tar.gz) = 292e4c7430bef962575c9ee9ba80bd6cc704da43138d53fe8b4f3439383babb8c3f10e50fdde84933c726549171a880ea51564b2a4520d4b7afa4132d471915f SHA512 (selinux-policy-a26d0d2.tar.gz) = f29d88580698e4a42d4dad2167f89322a1f60eacf0dca5c2bc1bd96f2d9d3172922514d15872db6ebb58c3e5e659b4578b2535717b37fb3d4dd10610b0b03ef0
SHA512 (container-selinux.tgz) = 18ff803fbef460b27b33d83cf063dce30bfa1b84d329a7e23b4df30f23997f4522bd0bbe35f52dde46f22c54c9315865c4ecebdbdd6315b297420a15af99bebf SHA512 (container-selinux.tgz) = 10b7c96a57eb600466547b8aee6fe062b9eb2afc7a71846877a33755656a5e16bea429e27911746bde86730027580de09a677c6289233b69b0faccee0968abb7
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4