* Tue Oct 03 2023 Zdenek Pytela <zpytela@redhat.com> - 40.1-1

- Allow named and ndc use the io_uring api
- Deprecate common_anon_inode_perms usage
- Improve default file context(None) of /var/lib/authselect/backups
- Allow udev_t to search all directories with a filesystem type
- Implement proper anon_inode support
- Allow targetd write to the syslog pid sock_file
- Add ipa_pki_retrieve_key_exec() interface
- Allow kdumpctl_t to list all directories with a filesystem type
- Allow udev additional permissions
- Allow udev load kernel module
- Allow sysadm_t to mmap modules_object_t files
- Add the unconfined_read_files() and unconfined_list_dirs() interfaces
- Set default file context of HOME_DIR/tmp/.* to <<none>>
- Allow kernel_generic_helper_t to execute mount(1)
This commit is contained in:
Zdenek Pytela 2023-10-03 21:48:58 +02:00
parent 11c92f5ea8
commit 995481ca80
2 changed files with 20 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 260611282c2559f73ea337224b2d093b506664f0
%global commit 74fd8bbaf2d8d668831c3965287cdbb9b1a04763
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration
Name: selinux-policy
Version: 38.29
Version: 40.1
Release: 1%{?dist}
License: GPL-2.0-or-later
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -814,6 +814,22 @@ exit 0
%endif
%changelog
* Tue Oct 03 2023 Zdenek Pytela <zpytela@redhat.com> - 40.1-1
- Allow named and ndc use the io_uring api
- Deprecate common_anon_inode_perms usage
- Improve default file context(None) of /var/lib/authselect/backups
- Allow udev_t to search all directories with a filesystem type
- Implement proper anon_inode support
- Allow targetd write to the syslog pid sock_file
- Add ipa_pki_retrieve_key_exec() interface
- Allow kdumpctl_t to list all directories with a filesystem type
- Allow udev additional permissions
- Allow udev load kernel module
- Allow sysadm_t to mmap modules_object_t files
- Add the unconfined_read_files() and unconfined_list_dirs() interfaces
- Set default file context of HOME_DIR/tmp/.* to <<none>>
- Allow kernel_generic_helper_t to execute mount(1)
* Fri Sep 29 2023 Zdenek Pytela <zpytela@redhat.com> - 38.29-1
- Allow sssd send SIGKILL to passkey_child running in ipa_otpd_t
- Allow systemd-localed create Xserver config dirs

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-2606112.tar.gz) = 026641d1b8cd215ef72bc0bca2b05d9d23151bd5d91a0cf8885774388329fcae8852c63c0ff417c88c741153d4dde0cd5fd294c95800c79734002c199d0a254c
SHA512 (container-selinux.tgz) = f567275a9bb33f6cea97e9909cbf0b363a16e43a3e0b5513cf3bb09bdb67b4aa5b753bcd0a26a7f398ec0f9b9b60e56872583a94992676e310cdf9b99e58cf03
SHA512 (selinux-policy-74fd8bb.tar.gz) = 9c13897da2ef95daf0b7855bb47429bea388beca4da7edb9f8e305a42d15b787eba10b79a7259c87b7c89433000ba7247f7b58fb155bfe258193b72713d112e8
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = 19fc6d2e18981fde9bbdadb89d110ce79c384d8a121ff27a802519ba59ff11c801cd70a03752f612cdc2d0b29b6cc44e171762bfd8633992a51b599d4560aad0