* Wed Jan 24 2024 Zdenek Pytela <zpytela@redhat.com> - 40.10-1
- Allow chronyd-restricted read chronyd key files - Allow conntrackd_t to use bpf capability2 - Allow systemd-networkd manage its runtime socket files - Allow init_t nnp domain transition to colord_t - Allow polkit status systemd services - nova: Fix duplicate declarations - Allow httpd work with PrivateTmp - Add interfaces for watching and reading ifconfig_var_run_t - Allow collectd read raw fixed disk device - Allow collectd read udev pid files - Set correct label on /etc/pki/pki-tomcat/kra - Allow systemd domains watch system dbus pid socket files - Allow certmonger read network sysctls - Allow mdadm list stratisd data directories - Allow syslog to run unconfined scripts conditionally - Allow syslogd_t nnp_transition to syslogd_unconfined_script_t - Allow qatlib set attributes of vfio device files
This commit is contained in:
parent
443b716de1
commit
ac73b2b07b
@ -1,6 +1,6 @@
|
||||
# github repo with selinux-policy sources
|
||||
%global giturl https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit 369ff9260dcf3c57165813d89b89f42462909123
|
||||
%global commit 210bb812c1d727318cf8d977b5440437135f02a0
|
||||
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
@ -23,7 +23,7 @@
|
||||
%define CHECKPOLICYVER 3.2
|
||||
Summary: SELinux policy configuration
|
||||
Name: selinux-policy
|
||||
Version: 40.9
|
||||
Version: 40.10
|
||||
Release: 1%{?dist}
|
||||
License: GPL-2.0-or-later
|
||||
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||
@ -814,6 +814,25 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Jan 24 2024 Zdenek Pytela <zpytela@redhat.com> - 40.10-1
|
||||
- Allow chronyd-restricted read chronyd key files
|
||||
- Allow conntrackd_t to use bpf capability2
|
||||
- Allow systemd-networkd manage its runtime socket files
|
||||
- Allow init_t nnp domain transition to colord_t
|
||||
- Allow polkit status systemd services
|
||||
- nova: Fix duplicate declarations
|
||||
- Allow httpd work with PrivateTmp
|
||||
- Add interfaces for watching and reading ifconfig_var_run_t
|
||||
- Allow collectd read raw fixed disk device
|
||||
- Allow collectd read udev pid files
|
||||
- Set correct label on /etc/pki/pki-tomcat/kra
|
||||
- Allow systemd domains watch system dbus pid socket files
|
||||
- Allow certmonger read network sysctls
|
||||
- Allow mdadm list stratisd data directories
|
||||
- Allow syslog to run unconfined scripts conditionally
|
||||
- Allow syslogd_t nnp_transition to syslogd_unconfined_script_t
|
||||
- Allow qatlib set attributes of vfio device files
|
||||
|
||||
* Tue Jan 09 2024 Zdenek Pytela <zpytela@redhat.com> - 40.9-1
|
||||
- Allow systemd-sleep set attributes of efivarfs files
|
||||
- Allow samba-dcerpcd read public files
|
||||
|
4
sources
4
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (selinux-policy-369ff92.tar.gz) = 8174d35ecaecdeb138428c2d45203d6a59a7bdfa38b2b1bc15ec4c416b5c2bbf2b8131531977fcb219a3d6de7b52b92cc92d481f468b6080eadcdecaa4096733
|
||||
SHA512 (selinux-policy-210bb81.tar.gz) = 90f56160f3e80279188843540b684bb33acf0e6ca9ba006378e2709f2cef49284c7cce69e7842ab14a89a07ddd130bbf89485ed6abbb4e9f81e07fe0f93203e7
|
||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||
SHA512 (container-selinux.tgz) = 257dfb9dd963ff51462a27a890691287bec5658497573406d284c09119cb137757a604e70453fe0c59a2cc26a4a388e923684fbc55169f489d1412190e68f97e
|
||||
SHA512 (container-selinux.tgz) = 2e5cbc50bd81ac51c35da8563a292c7c2dbbad4d82de2470d2db825e472ab33b5d86fb71714bbe53764ed705c1710f7f646789ad1a4a04dabfd99c33bf9cb4b7
|
||||
|
Loading…
Reference in New Issue
Block a user