import selinux-policy-34.1.28-1.el9_0

This commit is contained in:
CentOS Sources 2022-04-05 07:02:16 -04:00 committed by Stepan Oksanichenko
parent 842d9c9cdb
commit ac95e7125b
4 changed files with 38 additions and 6 deletions

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/container-selinux.tgz SOURCES/container-selinux.tgz
SOURCES/selinux-policy-0b21d4c.tar.gz SOURCES/selinux-policy-9dcf505.tar.gz

View File

@ -1,2 +1,2 @@
a405401da19909415b7ee69e2b2cdfed0c0fb03d SOURCES/container-selinux.tgz ff295d4c0bb4af2a3972c810f93a7fb2c17fbf27 SOURCES/container-selinux.tgz
b281e81483dc3f6b56caa221d3b42930ee0b7f37 SOURCES/selinux-policy-0b21d4c.tar.gz be1161ae8772afa2747bf1cf58d59828934ba05a SOURCES/selinux-policy-9dcf505.tar.gz

View File

@ -12,6 +12,7 @@ pppd_can_insmod = false
privoxy_connect_any = true privoxy_connect_any = true
selinuxuser_direct_dri_enabled = true selinuxuser_direct_dri_enabled = true
selinuxuser_execmem = true selinuxuser_execmem = true
selinuxuser_execstack = true
selinuxuser_rw_noexattrfile=true selinuxuser_rw_noexattrfile=true
selinuxuser_ping = true selinuxuser_ping = true
squid_connect_any = true squid_connect_any = true

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources # github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy %global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 0b21d4c0c4587cf2f8503a27109b729394bc68c1 %global commit 9dcf505fec91d3cc2feae61d9b76726a98dd6b98
%global shortcommit %(c=%{commit}; echo ${c:0:7}) %global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat %define distro redhat
@ -19,11 +19,11 @@
%define BUILD_MLS 1 %define BUILD_MLS 1
%endif %endif
%define POLICYVER 33 %define POLICYVER 33
%define POLICYCOREUTILSVER 3.2 %define POLICYCOREUTILSVER 3.3-5
%define CHECKPOLICYVER 3.2 %define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration Summary: SELinux policy configuration
Name: selinux-policy Name: selinux-policy
Version: 34.1.26 Version: 34.1.28
Release: 1%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -268,6 +268,7 @@ rm -f %{buildroot}%{_sharedstatedir}/selinux/%1/active/*.linked \
%ghost %{_sharedstatedir}/selinux/%1/active/seusers.linked \ %ghost %{_sharedstatedir}/selinux/%1/active/seusers.linked \
%ghost %{_sharedstatedir}/selinux/%1/active/users_extra.linked \ %ghost %{_sharedstatedir}/selinux/%1/active/users_extra.linked \
%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/file_contexts.homedirs \ %verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/file_contexts.homedirs \
%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/modules_checksum \
%nil %nil
%define relabel() \ %define relabel() \
@ -792,6 +793,36 @@ exit 0
%endif %endif
%changelog %changelog
* Thu Mar 24 2022 Zdenek Pytela <zpytela@redhat.com> - 34.1.28-1
- Allow logrotate a domain transition to cluster administrative domain
Resolves: rhbz#2061277
- Change the selinuxuser_execstack boolean value to true
Resolves: rhbz#2064274
* Thu Feb 24 2022 Zdenek Pytela <zpytela@redhat.com> - 34.1.27-1
- Allow ModemManager connect to the unconfined user domain
Resolves: rhbz#2000196
- Label /dev/wwan.+ with modem_manager_t
Resolves: rhbz#2000196
- Allow systemd-coredump userns capabilities and root mounton
Resolves: rhbz#2057435
- Allow systemd-coredump read and write usermodehelper state
Resolves: rhbz#2057435
- Allow sysadm_passwd_t to relabel passwd and group files
Resolves: rhbz#2053458
- Allow systemd-sysctl read the security state information
Resolves: rhbz#2056999
- Remove unnecessary /etc file transitions for insights-client
Resolves: rhbz#2055823
- Label all content in /var/lib/insights with insights_client_var_lib_t
Resolves: rhbz#2055823
- Update insights-client policy
Resolves: rhbz#2055823
- Update insights-client: fc pattern, motd, writing to etc
Resolves: rhbz#2055823
- Update specfile to buildrequire policycoreutils-devel >= 3.3-5
- Add modules_checksum to %files
* Thu Feb 17 2022 Zdenek Pytela <zpytela@redhat.com> - 34.1.26-1 * Thu Feb 17 2022 Zdenek Pytela <zpytela@redhat.com> - 34.1.26-1
- Remove permissive domain for insights_client_t - Remove permissive domain for insights_client_t
Resolves: rhbz#2055823 Resolves: rhbz#2055823