Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/selinux-policy.git#2b6e9bd08f688cf6ad39a2dbad7531164a22fff5
This commit is contained in:
DistroBaker 2021-03-28 20:10:28 +00:00
parent d69f76993a
commit ba2607aba9
2 changed files with 30 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit e3da92314ccfcc7b263aa44d0c9f824703df197c
%global commit 485578ca5fa9c5c4613a5e2af687d6ffba9785ab
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -24,7 +24,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.14.7
Release: 25%{?dist}
Release: 28%{?dist}
License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
Source1: modules-targeted-base.conf
@ -792,6 +792,32 @@ exit 0
%endif
%changelog
* Fri Mar 26 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-28
- Allow arpwatch_t create netlink generic socket
- Allow postgrey read network state
- Add watch_mount_dirs_pattern file pattern
- Allow bluetooth_t dbus chat with fwupd_t
- Allow xdm_t watch accountsd lib directories
- Add additional interfaces for watching /boot
- Allow sssd_t get attributes of tmpfs filesystems
- Allow local_login_t get attributes of tmpfs filesystems
* Tue Mar 23 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-27
- Dontaudit domain the fowner capability
- Extend fs_manage_nfsd_fs() to allow managing dirs as well
- Allow spice-vdagentd watch systemd-logind session dirs
* Fri Mar 19 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-26
- Allow xdm_t watch systemd-logind session dirs
- Allow xdm_t transition to system_dbusd_t
- Allow confined users login into graphic session
- Allow login_userdomain watch systemd login session dirs
- install_t: Allow NoNewPriv transition from systemd
- Remove setuid/setgid capabilities from mysqld_t
- Add context for new mariadbd executable files
- Allow netutils_t create netlink generic socket
- Allow systemd the audit_control capability conditionally
* Thu Mar 11 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-25
- Allow polkit-agent-helper-1 read logind sessions files
- Allow polkit-agent-helper read init state

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-e3da923.tar.gz) = d3963ff469fc1dd8d5fb525cc78276109a1220fe528839549c74a1d9676d0fe481926718a40c1bf0062b6823730200a2d69141c8ece3c07ed1f9e12d2b4a2fb7
SHA512 (container-selinux.tgz) = 08ed5d509c792cb4228df34e1adc75e8720b65c73850cf4be7786384e7f6d752a2218f1a4c40eee9e8acbbd273a9e4ec2382e3830114619e6f58c322fa9f476b
SHA512 (selinux-policy-485578c.tar.gz) = 73eecdc99968676d8db4357c7b6fb77a929d7afba84725481185acb925ba2619a47cab900c62ff5e0d9bd016e8a3de7c38ebb5284f43a8cb00b6409976de9531
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = 269b29e3829df8d0cc731f9b2739844d0fca8e566ec5c67ee855c43ac5d2361684ca9964c3e8cbfebd5d06f3c5d510b5c85e9e92e0726915d6801d912afd77e8