rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

* Wed Oct 16 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.10-1

Browse Source 
- Confine gnome-remote-desktop
Resolves: RHEL-35877
- Allow virtqemud get attributes of a tmpfs filesystem
Resolves: RHEL-40855
- Allow virtqemud get attributes of cifs files
Resolves: RHEL-40855
- Allow virtqemud get attributes of filesystems with extended attributes
Resolves: RHEL-39668
- Allow virtqemud get attributes of NFS filesystems
Resolves: RHEL-40855
- Add support for secretmem anon inode
Resolves: RHEL-40953
- Allow systemd-sleep read raw disk data
Resolves: RHEL-49600
- Allow systemd-hwdb send messages to kernel unix datagram sockets
Resolves: RHEL-50810
- Label /run/modprobe.d with modules_conf_t
Resolves: RHEL-54591
- Allow setsebool_t relabel selinux data files
Resolves: RHEL-55412
- Don't audit crontab_domain write attempts to user home
Resolves: RHEL-56349
- Differentiate between staff and sysadm when executing crontab with sudo
Resolves: RHEL-56349
- Add crontab_admin_domtrans interface
Resolves: RHEL-56349
- Add crontab_domtrans interface
Resolves: RHEL-56349
- Allow boothd connect to kernel over a unix socket
Resolves: RHEL-58060
- Fix label of pseudoterminals created from sudodomain
Resolves: RHEL-58068
- systemd: allow systemd_notify_t to send data to kernel_t datagram sockets
Resolves: RHEL-58072
- Allow rsyslog read systemd-logind session files
Resolves: RHEL-40961
- Label /dev/mmcblk0rpmb character device with removable_device_t
Resolves: RHEL-55265
- Label /dev/hfi1_[0-9]+ devices
Resolves: RHEL-62836
- Label /dev/papr-sysparm and /dev/papr-vpd
Resolves: RHEL-56908
- Support SGX devices
Resolves: RHEL-62354
- Suppress semodule's stderr
Resolves: RHEL-59192
This commit is contained in:
Zdenek Pytela 2024-10-16 16:29:52 +02:00
parent 0c8f629e44
commit b9f20bbf55
2 changed files with 52 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
selinux-policy.spec
View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources # github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy %global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 61128219cb2270144668ecdde8e00b074dc898f8 %global commit 3d165a6733390d9313d4360831f48379b7b13fc0
%global shortcommit %(c=%{commit}; echo ${c:0:7}) %global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat %define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2 %define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration Summary: SELinux policy configuration
Name: selinux-policy Name: selinux-policy
Version: 40.13.9 Version: 40.13.10
Release: 1%{?dist} Release: 1%{?dist}
License: GPL-2.0-or-later License: GPL-2.0-or-later
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -860,6 +860,54 @@ exit 0
%endif %endif
%changelog %changelog
* Wed Oct 16 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.10-1
- Confine gnome-remote-desktop
Resolves: RHEL-35877
- Allow virtqemud get attributes of a tmpfs filesystem
Resolves: RHEL-40855
- Allow virtqemud get attributes of cifs files
Resolves: RHEL-40855
- Allow virtqemud get attributes of filesystems with extended attributes
Resolves: RHEL-39668
- Allow virtqemud get attributes of NFS filesystems
Resolves: RHEL-40855
- Add support for secretmem anon inode
Resolves: RHEL-40953
- Allow systemd-sleep read raw disk data
Resolves: RHEL-49600
- Allow systemd-hwdb send messages to kernel unix datagram sockets
Resolves: RHEL-50810
- Label /run/modprobe.d with modules_conf_t
Resolves: RHEL-54591
- Allow setsebool_t relabel selinux data files
Resolves: RHEL-55412
- Don't audit crontab_domain write attempts to user home
Resolves: RHEL-56349
- Differentiate between staff and sysadm when executing crontab with sudo
Resolves: RHEL-56349
- Add crontab_admin_domtrans interface
Resolves: RHEL-56349
- Add crontab_domtrans interface
Resolves: RHEL-56349
- Allow boothd connect to kernel over a unix socket
Resolves: RHEL-58060
- Fix label of pseudoterminals created from sudodomain
Resolves: RHEL-58068
- systemd: allow systemd_notify_t to send data to kernel_t datagram sockets
Resolves: RHEL-58072
- Allow rsyslog read systemd-logind session files
Resolves: RHEL-40961
- Label /dev/mmcblk0rpmb character device with removable_device_t
Resolves: RHEL-55265
- Label /dev/hfi1_[0-9]+ devices
Resolves: RHEL-62836
- Label /dev/papr-sysparm and /dev/papr-vpd
Resolves: RHEL-56908
- Support SGX devices
Resolves: RHEL-62354
- Suppress semodule's stderr
Resolves: RHEL-59192
* Mon Aug 26 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.9-1 * Mon Aug 26 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.9-1
- Allow virtqemud relabelfrom also for file and sock_file - Allow virtqemud relabelfrom also for file and sock_file
Resolves: RHEL-49763 Resolves: RHEL-49763

4
sources
View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-6112821.tar.gz) = 209217ec7e38a8d5fc43dc708e30cc88fe3c7fd4d3f6101784ca99f953bc001663165b4156695edbd491dca1aeaefe0317dcf59e059bce10e2ed4639391c34e0 SHA512 (selinux-policy-3d165a6.tar.gz) = 80fc827310948e08adaeb79c435cc9d2001837c116176935ef88ea61c64cfd9e8f3383233b9c18ec2784cc0525ecc37ef07fb1aa6d21ede93b57985927896978
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = 482e9d3a48c09c679539d2f9039a647d69ee1c9dd4dbef26a25d3dd350137cfe51ac8695685ae0078bc75c38d41a2e4a2554064a9111083f07ffe32aa3044d9e SHA512 (container-selinux.tgz) = 4017faf0474630bfc4dc431135d6793c85fc4978c37ee8a6e4afa529c10fdaa03a58145b23dfc7854fc705f7c9ba7400a3b744568ac44b9f9d87186610e0405c