* Tue Aug 07 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-31
- Allow kprop_t domain to read network state - Add support boltd policy - Allow kpropd domain to exec itself - Allow pdns_t to bind on tcp transproxy port - Add support for opafm service - Allow hsqldb_t domain to read cgroup files - Allow rngd_t domain to read generic certs - Allow innd_t domain to mmap own var_lib_t files - Update screen_role_temaplate interface - Allow chronyd_t domain to mmap own tmpfs files - Allow sblim_sfcbd_t domain to mmap own tmpfs files - Allow systemd to mounont boltd lib dirs - Allow sysadm_t domain to create rawip sockets - Allow sysadm_t domain to listen on socket - Update sudo_role_template() to allow caller domain also setattr generic ptys - Update logging_manage_all_logs() interface to allow caller domain map all logfiles
This commit is contained in:
parent
75a1d62043
commit
bb7c753263
@ -1,11 +1,11 @@
|
|||||||
# github repo with selinux-policy base sources
|
# github repo with selinux-policy base sources
|
||||||
%global git0 https://github.com/fedora-selinux/selinux-policy
|
%global git0 https://github.com/fedora-selinux/selinux-policy
|
||||||
%global commit0 e08b2dab562597085bbc9800006a298a6fcdba0c
|
%global commit0 cf5a654b7ac989a686044cb450cf5856e763f4d5
|
||||||
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
|
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
|
||||||
|
|
||||||
# github repo with selinux-policy contrib sources
|
# github repo with selinux-policy contrib sources
|
||||||
%global git1 https://github.com/fedora-selinux/selinux-policy-contrib
|
%global git1 https://github.com/fedora-selinux/selinux-policy-contrib
|
||||||
%global commit1 6bfaa82e671e166c8483dffd4c56120562846f8e
|
%global commit1 e60295e6037f32dc30a47ef7b77549dade16f7ef
|
||||||
%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
|
%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
|
||||||
|
|
||||||
%define distro redhat
|
%define distro redhat
|
||||||
@ -29,7 +29,7 @@
|
|||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 3.14.2
|
Version: 3.14.2
|
||||||
Release: 30%{?dist}
|
Release: 31%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
|
Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
|
||||||
@ -709,6 +709,24 @@ exit 0
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Aug 07 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-31
|
||||||
|
- Allow kprop_t domain to read network state
|
||||||
|
- Add support boltd policy
|
||||||
|
- Allow kpropd domain to exec itself
|
||||||
|
- Allow pdns_t to bind on tcp transproxy port
|
||||||
|
- Add support for opafm service
|
||||||
|
- Allow hsqldb_t domain to read cgroup files
|
||||||
|
- Allow rngd_t domain to read generic certs
|
||||||
|
- Allow innd_t domain to mmap own var_lib_t files
|
||||||
|
- Update screen_role_temaplate interface
|
||||||
|
- Allow chronyd_t domain to mmap own tmpfs files
|
||||||
|
- Allow sblim_sfcbd_t domain to mmap own tmpfs files
|
||||||
|
- Allow systemd to mounont boltd lib dirs
|
||||||
|
- Allow sysadm_t domain to create rawip sockets
|
||||||
|
- Allow sysadm_t domain to listen on socket
|
||||||
|
- Update sudo_role_template() to allow caller domain also setattr generic ptys
|
||||||
|
- Update logging_manage_all_logs() interface to allow caller domain map all logfiles
|
||||||
|
|
||||||
* Sun Jul 29 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-30
|
* Sun Jul 29 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-30
|
||||||
- Allow sblim_sfcbd_t domain to mmap own tmpfs files
|
- Allow sblim_sfcbd_t domain to mmap own tmpfs files
|
||||||
- Allow nfsd_t domain to read krb5 keytab files
|
- Allow nfsd_t domain to read krb5 keytab files
|
||||||
|
6
sources
6
sources
@ -1,3 +1,3 @@
|
|||||||
SHA512 (selinux-policy-contrib-6bfaa82.tar.gz) = 755a389bd3960a66447acffd40ff4f5b4e8f3b454f5e380e74625a9547b205f96786ff7bba2616a76adf740c1dd6e7855d056e67b857b9edbf52eee02975cbd7
|
SHA512 (selinux-policy-cf5a654.tar.gz) = bb9e69869672a2ba70c94bbbd361da63a39367cd35f30daa8d5afbe60f1800f23252e56df564ee9c404b8e6a9130c57b559c666fc3c264e182f5751d47afb36d
|
||||||
SHA512 (selinux-policy-e08b2da.tar.gz) = 0b0d1693b8e544d60c5ff5c64dca93ab62e6d43925522740ca08ac4eaf30d7a363af5b90021c20ec6f379be5b13db56e5133c9b95511e3a7584ca8a12097e726
|
SHA512 (selinux-policy-contrib-e60295e.tar.gz) = 95b51f55da5cd006b31f2fed0a9043241e68b606b5176c5b0912f5a311b3dd02277c26d35dbb97cf52faaae169b3fb5cdabfbbcdb5927a3f155985321182e3aa
|
||||||
SHA512 (container-selinux.tgz) = 03dc7da74a0b83f3df985dc51bdfb69676b92a8d9b99149f9135639b3ac3f1ce362652e744170ce2b25f5dd46974e4726c9e80ce4604d26dded14f0980315c4d
|
SHA512 (container-selinux.tgz) = 3057e92810c56c22aebf34d06623176615f61c0e5778273f34894ed4fdd8ce89d0ac525e66dd26fe09542741f5b12135d6a21d102d058aeab85df7fb15a626a7
|
||||||
|
Loading…
Reference in New Issue
Block a user