From b2c25500b4ce20e41703a86f5913998163f0e886 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Tue, 18 Jun 2024 17:27:30 +0200 Subject: [PATCH] * Tue Jun 18 2024 Zdenek Pytela - 40.13.3-1 - Allow virtqemud manage nfs files when virt_use_nfs boolean is on Resolves: RHEL-40205 - Allow virt_driver_domain read files labeled unconfined_t Resolves: RHEL-40262 - Allow virt_driver_domain dbus chat with policykit Resolves: RHEL-40346 - Escape "interface" as a file name in a virt filetrans pattern Resolves: RHEL-34769 - Allow setroubleshootd get attributes of all sysctls Resolves: RHEL-40923 - Allow qemu-ga read vm sysctls Resolves: RHEL-40829 - Allow sbd to trace processes in user namespace Resolves: RHEL-39989 - Allow request-key execute scripts Resolves: RHEL-38920 - Update policy for haproxyd Resolves: RHEL-40877 --- selinux-policy.spec | 24 ++++++++++++++++++++++-- sources | 4 ++-- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/selinux-policy.spec b/selinux-policy.spec index 3745c195..3e5f6ccd 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit 83462dd1d02e34be7a2469f2e974cdf703460969 +%global commit 9eb80568d30c6fb4352894a033246bfe05f4960d %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 40.13.2 +Version: 40.13.3 Release: 1%{?dist} License: GPL-2.0-or-later Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -860,6 +860,26 @@ exit 0 %endif %changelog +* Tue Jun 18 2024 Zdenek Pytela - 40.13.3-1 +- Allow virtqemud manage nfs files when virt_use_nfs boolean is on +Resolves: RHEL-40205 +- Allow virt_driver_domain read files labeled unconfined_t +Resolves: RHEL-40262 +- Allow virt_driver_domain dbus chat with policykit +Resolves: RHEL-40346 +- Escape "interface" as a file name in a virt filetrans pattern +Resolves: RHEL-34769 +- Allow setroubleshootd get attributes of all sysctls +Resolves: RHEL-40923 +- Allow qemu-ga read vm sysctls +Resolves: RHEL-40829 +- Allow sbd to trace processes in user namespace +Resolves: RHEL-39989 +- Allow request-key execute scripts +Resolves: RHEL-38920 +- Update policy for haproxyd +Resolves: RHEL-40877 + * Fri Jun 07 2024 Zdenek Pytela - 40.13.2-1 - Allow all domains read and write z90crypt device Resolves: RHEL-28539 diff --git a/sources b/sources index 909e6e49..92d45b92 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-83462dd.tar.gz) = c12577dba9fad104884b5c35c488b22bde98919770e363fa8bcd146261a717aa1888e03ac1cd3ceb8fde7ebdc30403dee399725e595e6b3424a950ae4ab886b9 +SHA512 (selinux-policy-9eb8056.tar.gz) = bc804e78236420e1a57378041563c7d899f06d299363ff171d2e3d9a6b58e1da0aa876a3a2b7c8f837bc8fa52fafa2082c45a9f62c14c5e1a5a3b364a304d563 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 -SHA512 (container-selinux.tgz) = f943d72e16b14e374cc6e46e2abeefe64f2558fdd217195a5f3a6e243ec72fc2526a90c80a30bdced8adcb4219addea72979c3d75aa1610a2e7b36220c323fdf +SHA512 (container-selinux.tgz) = 921f1cba3aed7e405a3c26f3a33484a0cb847f6bd5d1eac2fe52ee2645b2654eb19ad87127f03f4f1744dbd84b7447c4b0fabe20ee41f54d0779d573e31fd642