* Fri Sep 02 2022 Zdenek Pytela <zpytela@redhat.com> - 37.10-1
- Allow ipsec_t read/write tpm devices - Allow rhcd execute all executables - Update rhcd policy for executing additional commands 2 - Update insights-client policy for additional commands execution 2 - Allow sysadm_t read raw memory devices - Allow chronyd send and receive chronyd/ntp client packets - Allow ssh client read kerberos homedir config files - Label /var/log/rhc-worker-playbook with rhcd_var_log_t - Update insights-client policy (auditctl, gpg, journal) - Allow system_cronjob_t domtrans to rpm_script_t - Allow smbd_t process noatsecure permission for winbind_rpcd_t - Update tor_bind_all_unreserved_ports interface - Allow chronyd bind UDP sockets to ptp_event ports. - Allow unconfined and sysadm users transition for /root/.gnupg - Add gpg_filetrans_admin_home_content() interface - Update rhcd policy for executing additional commands - Update insights-client policy for additional commands execution - Add userdom_view_all_users_keys() interface - Allow gpg read and write generic pty type - Allow chronyc read and write generic pty type - Allow system_dbusd ioctl kernel with a unix stream sockets - Allow samba-bgqd to read a printer list - Allow stalld get and set scheduling policy of all domains. - Allow unconfined_t transition to targetclid_home_t
This commit is contained in:
parent
5ac843b27b
commit
9a58e62d76
@ -1,6 +1,6 @@
|
||||
# github repo with selinux-policy sources
|
||||
%global giturl https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit 74a82f55c34a26e138d8ba4577a349e302ee0a1e
|
||||
%global commit c19e4cb9a3f23f2b14c31c978627f9c486a369f4
|
||||
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
@ -23,7 +23,7 @@
|
||||
%define CHECKPOLICYVER 3.2
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 37.9
|
||||
Version: 37.10
|
||||
Release: 1%{?dist}
|
||||
License: GPLv2+
|
||||
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||
@ -816,6 +816,32 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Sep 02 2022 Zdenek Pytela <zpytela@redhat.com> - 37.10-1
|
||||
- Allow ipsec_t read/write tpm devices
|
||||
- Allow rhcd execute all executables
|
||||
- Update rhcd policy for executing additional commands 2
|
||||
- Update insights-client policy for additional commands execution 2
|
||||
- Allow sysadm_t read raw memory devices
|
||||
- Allow chronyd send and receive chronyd/ntp client packets
|
||||
- Allow ssh client read kerberos homedir config files
|
||||
- Label /var/log/rhc-worker-playbook with rhcd_var_log_t
|
||||
- Update insights-client policy (auditctl, gpg, journal)
|
||||
- Allow system_cronjob_t domtrans to rpm_script_t
|
||||
- Allow smbd_t process noatsecure permission for winbind_rpcd_t
|
||||
- Update tor_bind_all_unreserved_ports interface
|
||||
- Allow chronyd bind UDP sockets to ptp_event ports.
|
||||
- Allow unconfined and sysadm users transition for /root/.gnupg
|
||||
- Add gpg_filetrans_admin_home_content() interface
|
||||
- Update rhcd policy for executing additional commands
|
||||
- Update insights-client policy for additional commands execution
|
||||
- Add userdom_view_all_users_keys() interface
|
||||
- Allow gpg read and write generic pty type
|
||||
- Allow chronyc read and write generic pty type
|
||||
- Allow system_dbusd ioctl kernel with a unix stream sockets
|
||||
- Allow samba-bgqd to read a printer list
|
||||
- Allow stalld get and set scheduling policy of all domains.
|
||||
- Allow unconfined_t transition to targetclid_home_t
|
||||
|
||||
* Thu Aug 11 2022 Zdenek Pytela <zpytela@redhat.com> - 37.9-1
|
||||
- Allow nm-dispatcher custom plugin dbus chat with nm
|
||||
- Allow nm-dispatcher sendmail plugin get status of systemd services
|
||||
|
4
sources
4
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (selinux-policy-74a82f5.tar.gz) = cea477b6796fa51c9613714027f2d3be1eb863c7c8fc1e5d9fecf11a6f5ac814b9ad9a98ccce6808cbd0c205896c482d8f3520f7172d9486a25c069f3790ce15
|
||||
SHA512 (container-selinux.tgz) = 5811b508b20f9999568f84a12077caf0e0c5d21902bbd43962eb6f35bc7c4f0a46900c06b243e8357e42d1fa367c93da1bd1828132f88dbceb63857699f900b8
|
||||
SHA512 (selinux-policy-c19e4cb.tar.gz) = c94cce85023394a8825169dbdad94b91617c2b0ec83f2c27c42e3a97eedec6d574868c696288b84ee2754c2ae7d56fcb94eaf13bb7f69680351ab04b1236dabb
|
||||
SHA512 (container-selinux.tgz) = 59ea54cc84bc74b45a9318d027ae36b3a0d49e1d0ca2ff740f63ab155e0382a095a213a36d50f6cf4d7aae916c2d86841eca4633a3675097b5bee6980f47251f
|
||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||
|
Loading…
Reference in New Issue
Block a user