From ba2607aba90465519245e040d12b63b072e8af93 Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Sun, 28 Mar 2021 20:10:28 +0000 Subject: [PATCH] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/selinux-policy.git#2b6e9bd08f688cf6ad39a2dbad7531164a22fff5 --- selinux-policy.spec | 30 ++++++++++++++++++++++++++++-- sources | 4 ++-- 2 files changed, 30 insertions(+), 4 deletions(-) diff --git a/selinux-policy.spec b/selinux-policy.spec index 52d63533..440e0596 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit e3da92314ccfcc7b263aa44d0c9f824703df197c +%global commit 485578ca5fa9c5c4613a5e2af687d6ffba9785ab %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -24,7 +24,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.7 -Release: 25%{?dist} +Release: 28%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source1: modules-targeted-base.conf @@ -792,6 +792,32 @@ exit 0 %endif %changelog +* Fri Mar 26 2021 Zdenek Pytela - 3.14.7-28 +- Allow arpwatch_t create netlink generic socket +- Allow postgrey read network state +- Add watch_mount_dirs_pattern file pattern +- Allow bluetooth_t dbus chat with fwupd_t +- Allow xdm_t watch accountsd lib directories +- Add additional interfaces for watching /boot +- Allow sssd_t get attributes of tmpfs filesystems +- Allow local_login_t get attributes of tmpfs filesystems + +* Tue Mar 23 2021 Zdenek Pytela - 3.14.7-27 +- Dontaudit domain the fowner capability +- Extend fs_manage_nfsd_fs() to allow managing dirs as well +- Allow spice-vdagentd watch systemd-logind session dirs + +* Fri Mar 19 2021 Zdenek Pytela - 3.14.7-26 +- Allow xdm_t watch systemd-logind session dirs +- Allow xdm_t transition to system_dbusd_t +- Allow confined users login into graphic session +- Allow login_userdomain watch systemd login session dirs +- install_t: Allow NoNewPriv transition from systemd +- Remove setuid/setgid capabilities from mysqld_t +- Add context for new mariadbd executable files +- Allow netutils_t create netlink generic socket +- Allow systemd the audit_control capability conditionally + * Thu Mar 11 2021 Zdenek Pytela - 3.14.7-25 - Allow polkit-agent-helper-1 read logind sessions files - Allow polkit-agent-helper read init state diff --git a/sources b/sources index e63a7496..014fa710 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-e3da923.tar.gz) = d3963ff469fc1dd8d5fb525cc78276109a1220fe528839549c74a1d9676d0fe481926718a40c1bf0062b6823730200a2d69141c8ece3c07ed1f9e12d2b4a2fb7 -SHA512 (container-selinux.tgz) = 08ed5d509c792cb4228df34e1adc75e8720b65c73850cf4be7786384e7f6d752a2218f1a4c40eee9e8acbbd273a9e4ec2382e3830114619e6f58c322fa9f476b +SHA512 (selinux-policy-485578c.tar.gz) = 73eecdc99968676d8db4357c7b6fb77a929d7afba84725481185acb925ba2619a47cab900c62ff5e0d9bd016e8a3de7c38ebb5284f43a8cb00b6409976de9531 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 +SHA512 (container-selinux.tgz) = 269b29e3829df8d0cc731f9b2739844d0fca8e566ec5c67ee855c43ac5d2361684ca9964c3e8cbfebd5d06f3c5d510b5c85e9e92e0726915d6801d912afd77e8