* Fri Apr 09 2021 Zdenek Pytela <zpytela@redhat.com> - 34.3-1
- Label /etc/redis as redis_conf_t - Add brltty new permissions required by new upstream version - Allow cups-lpd read its private runtime socket files - Dontaudit daemon open and read init_t file - Add file context specification for /var/tmp/tmp-inst - Allow brltty create and use bluetooth_socket - Allow usbmuxd get attributes of cgroup filesystems * Tue Apr 06 2021 Zdenek Pytela <zpytela@redhat.com> - 34.2-1 - Allow usbmuxd get attributes of cgroup filesystems - Allow accounts-daemon get attributes of cgroup filesystems - Allow pool-geoclue get attributes of cgroup filesystems - allow systemd-sleep to set timer for suspend-then-hibernate - Allow aide connect to systemd-userdbd with a unix socket - Add new interfaces with watch_mount and watch_with_perm permissions - Add file context specification for /usr/libexec/realmd - Allow /tmp file transition for dbus-daemon also for sock_file - Allow login_userdomain create cgroup files - Allow plymouthd_t exec generic program in bin directories * Thu Apr 01 2021 Zdenek Pytela <zpytela@redhat.com> - 34.1-1 - Change the package versioning * Thu Apr 01 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.8-10 - Allow plymouthd_t exec generic program in bin directories - Allow dhcpc_t domain transition to chronyc_t - Allow login_userdomain bind xmsg port - Allow ibacm the net_raw and sys_rawio capabilities - Allow nsswitch_domain read cgroup files - Allow systemd-sleep create hardware state information files * Mon Mar 29 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.8-9 - Add watch_with_perm_dirs_pattern file pattern
This commit is contained in:
Zdenek Pytela
parent
6ff3284cb2
commit
ab4d6094ae
@ -1,6 +1,6 @@
|
||||
# github repo with selinux-policy sources
|
||||
%global giturl https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit 485578ca5fa9c5c4613a5e2af687d6ffba9785ab
|
||||
%global commit e08db953f4e4c662f62d1c8d3ec790c9d0833734
|
||||
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
@ -23,8 +23,8 @@
|
||||
%define CHECKPOLICYVER 3.2
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 3.14.8
|
||||
Release: 8%{?dist}
|
||||
Version: 34.3
|
||||
Release: 1%{?dist}
|
||||
License: GPLv2+
|
||||
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||
Source1: modules-targeted-base.conf
|
||||
@ -796,6 +796,41 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Apr 09 2021 Zdenek Pytela <zpytela@redhat.com> - 34.3-1
|
||||
- Label /etc/redis as redis_conf_t
|
||||
- Add brltty new permissions required by new upstream version
|
||||
- Allow cups-lpd read its private runtime socket files
|
||||
- Dontaudit daemon open and read init_t file
|
||||
- Add file context specification for /var/tmp/tmp-inst
|
||||
- Allow brltty create and use bluetooth_socket
|
||||
- Allow usbmuxd get attributes of cgroup filesystems
|
||||
|
||||
* Tue Apr 06 2021 Zdenek Pytela <zpytela@redhat.com> - 34.2-1
|
||||
- Allow usbmuxd get attributes of cgroup filesystems
|
||||
- Allow accounts-daemon get attributes of cgroup filesystems
|
||||
- Allow pool-geoclue get attributes of cgroup filesystems
|
||||
- allow systemd-sleep to set timer for suspend-then-hibernate
|
||||
- Allow aide connect to systemd-userdbd with a unix socket
|
||||
- Add new interfaces with watch_mount and watch_with_perm permissions
|
||||
- Add file context specification for /usr/libexec/realmd
|
||||
- Allow /tmp file transition for dbus-daemon also for sock_file
|
||||
- Allow login_userdomain create cgroup files
|
||||
- Allow plymouthd_t exec generic program in bin directories
|
||||
|
||||
* Thu Apr 01 2021 Zdenek Pytela <zpytela@redhat.com> - 34.1-1
|
||||
- Change the package versioning
|
||||
|
||||
* Thu Apr 01 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.8-10
|
||||
- Allow plymouthd_t exec generic program in bin directories
|
||||
- Allow dhcpc_t domain transition to chronyc_t
|
||||
- Allow login_userdomain bind xmsg port
|
||||
- Allow ibacm the net_raw and sys_rawio capabilities
|
||||
- Allow nsswitch_domain read cgroup files
|
||||
- Allow systemd-sleep create hardware state information files
|
||||
|
||||
* Mon Mar 29 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.8-9
|
||||
- Add watch_with_perm_dirs_pattern file pattern
|
||||
|
||||
* Fri Mar 26 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.8-8
|
||||
- Allow arpwatch_t create netlink generic socket
|
||||
- Allow postgrey read network state
|
||||
|
||||
4
sources
4
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (selinux-policy-485578c.tar.gz) = 73eecdc99968676d8db4357c7b6fb77a929d7afba84725481185acb925ba2619a47cab900c62ff5e0d9bd016e8a3de7c38ebb5284f43a8cb00b6409976de9531
|
||||
SHA512 (selinux-policy-e08db95.tar.gz) = f62925deca730f50f0f35e5df400101c6797a3c28ba831275af3b36a3a9171f077d8a0b01e0037d0cfa943210b27386d599268088705dc1bc97937cba17a73d3
|
||||
SHA512 (container-selinux.tgz) = 6ffbfb27f709e1c3e1e372a1941303e52f5f7ae8d5cd1334ace51f81b68a05ca8b98fb79174d36add0634f12be85edfc50cccaab121943276f87bddb31ca942f
|
||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||
SHA512 (container-selinux.tgz) = c7678e9011080093348c6ba9e6f7dcda6e0cf2a5c7e58b86734f6ba1b22acbae158a9e649403588215c07a1012a3bcb80a215aefb947b994fd8dea4e6e4c6d13
|
||||
|
||||
Loading…
Reference in New Issue
Block a user