import selinux-policy-34.1.28-1.el9_0
This commit is contained in:
parent
842d9c9cdb
commit
ac95e7125b
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,2 +1,2 @@
|
|||||||
SOURCES/container-selinux.tgz
|
SOURCES/container-selinux.tgz
|
||||||
SOURCES/selinux-policy-0b21d4c.tar.gz
|
SOURCES/selinux-policy-9dcf505.tar.gz
|
||||||
|
@ -1,2 +1,2 @@
|
|||||||
a405401da19909415b7ee69e2b2cdfed0c0fb03d SOURCES/container-selinux.tgz
|
ff295d4c0bb4af2a3972c810f93a7fb2c17fbf27 SOURCES/container-selinux.tgz
|
||||||
b281e81483dc3f6b56caa221d3b42930ee0b7f37 SOURCES/selinux-policy-0b21d4c.tar.gz
|
be1161ae8772afa2747bf1cf58d59828934ba05a SOURCES/selinux-policy-9dcf505.tar.gz
|
||||||
|
@ -12,6 +12,7 @@ pppd_can_insmod = false
|
|||||||
privoxy_connect_any = true
|
privoxy_connect_any = true
|
||||||
selinuxuser_direct_dri_enabled = true
|
selinuxuser_direct_dri_enabled = true
|
||||||
selinuxuser_execmem = true
|
selinuxuser_execmem = true
|
||||||
|
selinuxuser_execstack = true
|
||||||
selinuxuser_rw_noexattrfile=true
|
selinuxuser_rw_noexattrfile=true
|
||||||
selinuxuser_ping = true
|
selinuxuser_ping = true
|
||||||
squid_connect_any = true
|
squid_connect_any = true
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
# github repo with selinux-policy sources
|
# github repo with selinux-policy sources
|
||||||
%global giturl https://github.com/fedora-selinux/selinux-policy
|
%global giturl https://github.com/fedora-selinux/selinux-policy
|
||||||
%global commit 0b21d4c0c4587cf2f8503a27109b729394bc68c1
|
%global commit 9dcf505fec91d3cc2feae61d9b76726a98dd6b98
|
||||||
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||||
|
|
||||||
%define distro redhat
|
%define distro redhat
|
||||||
@ -19,11 +19,11 @@
|
|||||||
%define BUILD_MLS 1
|
%define BUILD_MLS 1
|
||||||
%endif
|
%endif
|
||||||
%define POLICYVER 33
|
%define POLICYVER 33
|
||||||
%define POLICYCOREUTILSVER 3.2
|
%define POLICYCOREUTILSVER 3.3-5
|
||||||
%define CHECKPOLICYVER 3.2
|
%define CHECKPOLICYVER 3.2
|
||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 34.1.26
|
Version: 34.1.28
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||||
@ -268,6 +268,7 @@ rm -f %{buildroot}%{_sharedstatedir}/selinux/%1/active/*.linked \
|
|||||||
%ghost %{_sharedstatedir}/selinux/%1/active/seusers.linked \
|
%ghost %{_sharedstatedir}/selinux/%1/active/seusers.linked \
|
||||||
%ghost %{_sharedstatedir}/selinux/%1/active/users_extra.linked \
|
%ghost %{_sharedstatedir}/selinux/%1/active/users_extra.linked \
|
||||||
%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/file_contexts.homedirs \
|
%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/file_contexts.homedirs \
|
||||||
|
%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/modules_checksum \
|
||||||
%nil
|
%nil
|
||||||
|
|
||||||
%define relabel() \
|
%define relabel() \
|
||||||
@ -792,6 +793,36 @@ exit 0
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Mar 24 2022 Zdenek Pytela <zpytela@redhat.com> - 34.1.28-1
|
||||||
|
- Allow logrotate a domain transition to cluster administrative domain
|
||||||
|
Resolves: rhbz#2061277
|
||||||
|
- Change the selinuxuser_execstack boolean value to true
|
||||||
|
Resolves: rhbz#2064274
|
||||||
|
|
||||||
|
* Thu Feb 24 2022 Zdenek Pytela <zpytela@redhat.com> - 34.1.27-1
|
||||||
|
- Allow ModemManager connect to the unconfined user domain
|
||||||
|
Resolves: rhbz#2000196
|
||||||
|
- Label /dev/wwan.+ with modem_manager_t
|
||||||
|
Resolves: rhbz#2000196
|
||||||
|
- Allow systemd-coredump userns capabilities and root mounton
|
||||||
|
Resolves: rhbz#2057435
|
||||||
|
- Allow systemd-coredump read and write usermodehelper state
|
||||||
|
Resolves: rhbz#2057435
|
||||||
|
- Allow sysadm_passwd_t to relabel passwd and group files
|
||||||
|
Resolves: rhbz#2053458
|
||||||
|
- Allow systemd-sysctl read the security state information
|
||||||
|
Resolves: rhbz#2056999
|
||||||
|
- Remove unnecessary /etc file transitions for insights-client
|
||||||
|
Resolves: rhbz#2055823
|
||||||
|
- Label all content in /var/lib/insights with insights_client_var_lib_t
|
||||||
|
Resolves: rhbz#2055823
|
||||||
|
- Update insights-client policy
|
||||||
|
Resolves: rhbz#2055823
|
||||||
|
- Update insights-client: fc pattern, motd, writing to etc
|
||||||
|
Resolves: rhbz#2055823
|
||||||
|
- Update specfile to buildrequire policycoreutils-devel >= 3.3-5
|
||||||
|
- Add modules_checksum to %files
|
||||||
|
|
||||||
* Thu Feb 17 2022 Zdenek Pytela <zpytela@redhat.com> - 34.1.26-1
|
* Thu Feb 17 2022 Zdenek Pytela <zpytela@redhat.com> - 34.1.26-1
|
||||||
- Remove permissive domain for insights_client_t
|
- Remove permissive domain for insights_client_t
|
||||||
Resolves: rhbz#2055823
|
Resolves: rhbz#2055823
|
||||||
|
Loading…
Reference in New Issue
Block a user