* Wed Jun 27 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-26
- Allow psad domain to setrlimit. Allow psad domain to stream connect to dbus Allow psad domain to exec journalctl_exec_t binary - Update cups_filetrans_named_content() to allow caller domain create ppd directory with cupsd_etc_rw_t label - Allow abrt_t domain to write to rhsmcertd pid files - Allow pegasus_t domain to eexec lvm binaries and allow read/write access to lvm control - Add vhostmd_t domain to read/write to svirt images - Update kdump_manage_kdumpctl_tmp_files() interface to allow caller domain also mmap kdumpctl_tmp_t files - Allow sssd_t and slpad_t domains to mmap generic certs - Allow chronyc_t domain use inherited user ttys - Allow stapserver_t domain to mmap own tmp files - Update nscd_dontaudit_write_sock_file() to dontaudit also stream connect to nscd_t domain - Merge pull request #60 from vmojzis/rawhide - Allow tangd_t domain stream connect to sssd - Allow oddjob_t domain to chat with systemd via dbus - Allow freeipmi domains to mmap sysfs files - Fix typo in logwatch interface file - Allow sysadm_t and staff_t domains to use sudo io logging - Allow sysadm_t domain create sctp sockets - Allow traceroute_t domain to exec bin_t binaries - Allow systemd_passwd_agent_t domain to list sysfs Allow systemd_passwd_agent_t domain to dac_override - Add new interface dev_map_sysfs()
This commit is contained in:
parent
5d84adca3e
commit
985fc6104c
2
.gitignore
vendored
2
.gitignore
vendored
@ -294,3 +294,5 @@ serefpolicy*
|
||||
/selinux-policy-contrib-d23eef1.tar.gz
|
||||
/selinux-policy-003cd80.tar.gz
|
||||
/selinux-policy-contrib-494e26e.tar.gz
|
||||
/selinux-policy-2248854.tar.gz
|
||||
/selinux-policy-contrib-23a0603.tar.gz
|
||||
|
@ -1,11 +1,11 @@
|
||||
# github repo with selinux-policy base sources
|
||||
%global git0 https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit0 003cd803fb79dd225b523adfda9d655beedbf383
|
||||
%global commit0 2248854aed6cf995e0e8b461faf88c4f68476dbb
|
||||
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
|
||||
|
||||
# github repo with selinux-policy contrib sources
|
||||
%global git1 https://github.com/fedora-selinux/selinux-policy-contrib
|
||||
%global commit1 494e26e0f9a9fd1208a7e03018815211a36ee2be
|
||||
%global commit1 23a0603743df50bbb47221cc79ecda5a522bb622
|
||||
%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
@ -29,7 +29,7 @@
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 3.14.2
|
||||
Release: 25%{?dist}
|
||||
Release: 26%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Base
|
||||
Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
|
||||
@ -716,6 +716,28 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Jun 27 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-26
|
||||
- Allow psad domain to setrlimit. Allow psad domain to stream connect to dbus Allow psad domain to exec journalctl_exec_t binary
|
||||
- Update cups_filetrans_named_content() to allow caller domain create ppd directory with cupsd_etc_rw_t label
|
||||
- Allow abrt_t domain to write to rhsmcertd pid files
|
||||
- Allow pegasus_t domain to eexec lvm binaries and allow read/write access to lvm control
|
||||
- Add vhostmd_t domain to read/write to svirt images
|
||||
- Update kdump_manage_kdumpctl_tmp_files() interface to allow caller domain also mmap kdumpctl_tmp_t files
|
||||
- Allow sssd_t and slpad_t domains to mmap generic certs
|
||||
- Allow chronyc_t domain use inherited user ttys
|
||||
- Allow stapserver_t domain to mmap own tmp files
|
||||
- Update nscd_dontaudit_write_sock_file() to dontaudit also stream connect to nscd_t domain
|
||||
- Merge pull request #60 from vmojzis/rawhide
|
||||
- Allow tangd_t domain stream connect to sssd
|
||||
- Allow oddjob_t domain to chat with systemd via dbus
|
||||
- Allow freeipmi domains to mmap sysfs files
|
||||
- Fix typo in logwatch interface file
|
||||
- Allow sysadm_t and staff_t domains to use sudo io logging
|
||||
- Allow sysadm_t domain create sctp sockets
|
||||
- Allow traceroute_t domain to exec bin_t binaries
|
||||
- Allow systemd_passwd_agent_t domain to list sysfs Allow systemd_passwd_agent_t domain to dac_override
|
||||
- Add new interface dev_map_sysfs()
|
||||
|
||||
* Thu Jun 14 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-25
|
||||
- Merge pull request #60 from vmojzis/rawhide
|
||||
- Allow tangd_t domain stream connect to sssd
|
||||
|
6
sources
6
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (selinux-policy-003cd80.tar.gz) = 86a521f8fd96b5883713b7c34ec9b4d85d184cb7423fa54da45ea7795e2c56cec6f1b32dacd6bdce982b763fb4fdbbc81c33030dfdcf6ab74f441917213998ba
|
||||
SHA512 (selinux-policy-contrib-494e26e.tar.gz) = 908df6c641973aa1c41b5a8f77dbdbe4c3956e89d647b8530c7eab119b35536de95bde0ce68b02f10bd34d056900884018613b4c1b799c1892d0524dbf007a90
|
||||
SHA512 (container-selinux.tgz) = e69868867fcef884fd695cca32b6d68a8a001173a82759cb776391ddc77fca5887b84aaa71a11bd14befc3b5082502f8b9098601322da32f38e6a383f4ae12bf
|
||||
SHA512 (selinux-policy-2248854.tar.gz) = a31e440d30a9cde54352845dc1d0b0ccd218119eaaf3bd0434ac2faa4b8703bd0214b7c79464182390f3770534aa8d8b63d2564b62634a676047010058e1616c
|
||||
SHA512 (selinux-policy-contrib-23a0603.tar.gz) = 9ddbdfb70f85844949bf3711bc6273b645428792ca7378385b8c3b3930142917d8d95a58408f07b00508ed123b3cc91dbfe590931b3ce1c71598499c05a2a688
|
||||
SHA512 (container-selinux.tgz) = a12ff217b28203b42fa1a438bd96a6d2ac54bc621bd30c4113007f1a6d687e63446d0a9c191a1bb5bc6e75dc875f8c5caf817c00fe8e04416138581deb3abf12
|
||||
|
Loading…
Reference in New Issue
Block a user