From bbd11ae656ccfa445af059b2d00d6887ad83df56 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Fri, 31 Jan 2025 19:07:04 +0100 Subject: [PATCH] * Fri Jan 31 2025 Zdenek Pytela - 38.1.52-1 - Add the files_read_root_files() interface Resolves: RHEL-70849 - Dontaudit systemd-logind remove all files Resolves: RHEL-59145 - Add the files_dontaudit_read_all_dirs() interface Resolves: RHEL-59145 - Add the files_dontaudit_delete_all_files() interface Resolves: RHEL-59145 - Allow rhsmcertd notify virt-who Resolves: RHEL-77152 - Allow irqbalance to run unconfined scripts conditionally Resolves: RHEL-1556 - Backport bootupd policy from current Fedora rawhide Resolves: RHEL-70849 - Support using systemd containers Resolves: RHEL-76352 - Allow svirt_t connect to unconfined_t over a unix domain socket Resolves: RHEL-37539 - Allow virt_domain to use pulseaudio - conditional Resolves: RHEL-1379 - Allow telnetd read network sysctls Resolves: RHEL-58825 - Allow alsa watch generic device directories Resolves: RHEL-61472 - Update switcheroo policy Resolves: RHEL-24268 --- selinux-policy.spec | 32 ++++++++++++++++++++++++++++++-- sources | 4 ++-- 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/selinux-policy.spec b/selinux-policy.spec index e1049828..474af569 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit 59681656cd845e46ae2c9b74031867ca1b57580f +%global commit 732d5f76c0e6a21e4fbafaa402388376c34c7c51 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 38.1.51 +Version: 38.1.52 Release: 1%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -810,6 +810,34 @@ exit 0 %endif %changelog +* Fri Jan 31 2025 Zdenek Pytela - 38.1.52-1 +- Add the files_read_root_files() interface +Resolves: RHEL-70849 +- Dontaudit systemd-logind remove all files +Resolves: RHEL-59145 +- Add the files_dontaudit_read_all_dirs() interface +Resolves: RHEL-59145 +- Add the files_dontaudit_delete_all_files() interface +Resolves: RHEL-59145 +- Allow rhsmcertd notify virt-who +Resolves: RHEL-77152 +- Allow irqbalance to run unconfined scripts conditionally +Resolves: RHEL-1556 +- Backport bootupd policy from current Fedora rawhide +Resolves: RHEL-70849 +- Support using systemd containers +Resolves: RHEL-76352 +- Allow svirt_t connect to unconfined_t over a unix domain socket +Resolves: RHEL-37539 +- Allow virt_domain to use pulseaudio - conditional +Resolves: RHEL-1379 +- Allow telnetd read network sysctls +Resolves: RHEL-58825 +- Allow alsa watch generic device directories +Resolves: RHEL-61472 +- Update switcheroo policy +Resolves: RHEL-24268 + * Wed Jan 15 2025 Zdenek Pytela - 38.1.51-1 - Allow rsyslog read systemd-logind session files Resolves: RHEL-73839 diff --git a/sources b/sources index f03197c3..d02c258a 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-5968165.tar.gz) = ff3cc58ef96b616c47a9074348a708b2cf75c1c4a448e3ca91339cf562175b7b1442d23515de097be39b39f42a718be0ffc8a700fbd3511c5be163ae564d3290 +SHA512 (selinux-policy-732d5f7.tar.gz) = 47116fb7d71b835ac222e7eefe6a01e7af275e2e703493c5e78d829f833b260b57e1b5864a5b5bc04d1471385a2d3f31554251670f7babcb1009a37c1d6c984a SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 -SHA512 (container-selinux.tgz) = eae9ed9425e5fe45880f13082cc31c6eb158fc696f243e66e90b56964ad9382e626c5c63964f86c65274f24a7171fba0751f608250fac6e6b14f06ee45fe3591 +SHA512 (container-selinux.tgz) = aada8cd362a4c2640a2d87f74a3c68d6ee3a3eb49fdd593ba8b776aa2b44963b534bb561369b966cb34dc59fb12457c60fc7d4d15f75252519cc69de603a1d3a