From a53a4197a0ccd4b956b582d154bca569817c6caf Mon Sep 17 00:00:00 2001 From: Juraj Marcin Date: Thu, 30 Nov 2023 11:37:06 +0100 Subject: [PATCH] * Thu Nov 30 2023 Juraj Marcin - 38.1.28-1 - Create interface selinux_watch_config and add it to SELinux users Resolves: RHEL-1555 - Allow winbind_rpcd_t processes access when samba_export_all_* is on Resolves: RHEL-16273 - Allow samba-dcerpcd connect to systemd_machined over a unix socket Resolves: RHEL-16273 - Allow winbind-rpcd make a TCP connection to the ldap port Resolves: RHEL-16273 - Allow sudodomain read var auth files Resolves: RHEL-16708 - Allow auditd read all domains process state Resolves: RHEL-14285 - Allow rsync read network sysctls Resolves: RHEL-14638 - Add dhcpcd bpf capability to run bpf programs Resolves: RHEL-15326 - Allow systemd-localed create Xserver config dirs Resolves: RHEL-16716 - Label /var/run/tmpfiles.d/static-nodes.conf with kmod_var_run_t Resolves: RHEL-1553 - Update sendmail policy module for opensmtpd Resolves: RHEL-15175 --- selinux-policy.spec | 28 ++++++++++++++++++++++++++-- sources | 4 ++-- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/selinux-policy.spec b/selinux-policy.spec index eba808c8..a419f088 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit d87b949698006e555b2eab658104245b21f869b6 +%global commit 306088dc784022ef519542b1b0f9fc42e3ec2d8d %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 38.1.27 +Version: 38.1.28 Release: 1%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -809,6 +809,30 @@ exit 0 %endif %changelog +* Thu Nov 30 2023 Juraj Marcin - 38.1.28-1 +- Create interface selinux_watch_config and add it to SELinux users +Resolves: RHEL-1555 +- Allow winbind_rpcd_t processes access when samba_export_all_* is on +Resolves: RHEL-16273 +- Allow samba-dcerpcd connect to systemd_machined over a unix socket +Resolves: RHEL-16273 +- Allow winbind-rpcd make a TCP connection to the ldap port +Resolves: RHEL-16273 +- Allow sudodomain read var auth files +Resolves: RHEL-16708 +- Allow auditd read all domains process state +Resolves: RHEL-14285 +- Allow rsync read network sysctls +Resolves: RHEL-14638 +- Add dhcpcd bpf capability to run bpf programs +Resolves: RHEL-15326 +- Allow systemd-localed create Xserver config dirs +Resolves: RHEL-16716 +- Label /var/run/tmpfiles.d/static-nodes.conf with kmod_var_run_t +Resolves: RHEL-1553 +- Update sendmail policy module for opensmtpd +Resolves: RHEL-15175 + * Tue Nov 14 2023 Juraj Marcin - 38.1.27-1 - Remove glusterd module Resolves: RHEL-1548 diff --git a/sources b/sources index 794c783a..2067ee00 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-d87b949.tar.gz) = 461e6d54b60ec20f552b94b15fb00cb83a5bbb738415a783bec46fb56a284abfc33b24c5ec753e67a099dc431871b167222d1b80cb2d3a8da16441225c5d6f8a -SHA512 (container-selinux.tgz) = a50550bd9158b77b12ab6aa214ea9ae352c85142c706a47e0004d7cc8cca2d3f5be7a68538b6d88fa8ecae3a6ce8152552e0cf6cca98c3cdae3544026fb2dddf +SHA512 (selinux-policy-306088d.tar.gz) = 05bbbb2b5fc84d195d711ff4710db3c8c1ce6a7a8a77d8e24d02faf993c9d0f4ac9544e11ecf0fe45e051c25709810561f60f35d0643c6a3876a218ba4e558a0 +SHA512 (container-selinux.tgz) = 73503171e20bd8f9d9af1e988552b7962e97b91a4c9af7c8d02b7c2f5f275baee4ac6de8d1fef768ca3706bdff4161ef9525fb627e5be89d34a6f2cebc3bb502 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4