* Thu Nov 04 2021 Zdenek Pytela <zpytela@redhat.com> - 35.5-1

- Support sanlock VG automated recovery on storage access loss 2/2
- Support sanlock VG automated recovery on storage access loss 1/2
- Revert "Support sanlock VG automated recovery on storage access loss"
- Allow tlp get service units status
- Allow fedora-third-party manage 3rd party repos
- Allow xdm_t nnp_transition to login_userdomain
- Add the auth_read_passwd_file() interface
- Allow redis-sentinel execute a notification script
- Allow fetchmail search cgroup directories
- Allow lvm_t to read/write devicekit disk semaphores
- Allow devicekit_disk_t to use /dev/mapper/control
- Allow devicekit_disk_t to get IPC info from the kernel
- Allow devicekit_disk_t to read systemd-logind pid files
- Allow devicekit_disk_t to mount filesystems on mnt_t directories
- Allow devicekit_disk_t to manage mount_var_run_t files
- Allow rasdaemon sys_admin capability to verify the CAP_SYS_ADMIN of the soft_offline_page function implemented in the kernel
- Use $releasever in koji repo to reduce rawhide hardcoding
- authlogin: add fcontext for tcb
- Add erofs as a SELinux capable file system
- Allow systemd execute user bin files
- Support sanlock VG automated recovery on storage access loss
- Support new PING_CHECK health checker in keepalived
This commit is contained in:
Zdenek Pytela 2021-11-04 17:37:03 +01:00
parent 510d46d44a
commit bc5db683cf
2 changed files with 39 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit eecd3964f51de1404d343e3b0e6696f9774801d0
%global commit 02b35cff10d8743e075379c062f565f2bb97c032
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration
Name: selinux-policy
Version: 35.2
Version: 35.5
Release: 1%{?dist}
License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -808,6 +808,41 @@ exit 0
%endif
%changelog
* Thu Nov 04 2021 Zdenek Pytela <zpytela@redhat.com> - 35.5-1
- Support sanlock VG automated recovery on storage access loss 2/2
- Support sanlock VG automated recovery on storage access loss 1/2
- Revert "Support sanlock VG automated recovery on storage access loss"
- Allow tlp get service units status
- Allow fedora-third-party manage 3rd party repos
- Allow xdm_t nnp_transition to login_userdomain
- Add the auth_read_passwd_file() interface
- Allow redis-sentinel execute a notification script
- Allow fetchmail search cgroup directories
- Allow lvm_t to read/write devicekit disk semaphores
- Allow devicekit_disk_t to use /dev/mapper/control
- Allow devicekit_disk_t to get IPC info from the kernel
- Allow devicekit_disk_t to read systemd-logind pid files
- Allow devicekit_disk_t to mount filesystems on mnt_t directories
- Allow devicekit_disk_t to manage mount_var_run_t files
- Allow rasdaemon sys_admin capability to verify the CAP_SYS_ADMIN of the soft_offline_page function implemented in the kernel
- Use $releasever in koji repo to reduce rawhide hardcoding
- authlogin: add fcontext for tcb
- Add erofs as a SELinux capable file system
- Allow systemd execute user bin files
- Support sanlock VG automated recovery on storage access loss
- Support new PING_CHECK health checker in keepalived
* Wed Oct 20 2021 Zdenek Pytela <zpytela@redhat.com> - 35.4-1
- Allow fedora-third-party map generic cache files
- Add gnome_map_generic_cache_files() interface
- Add files_manage_var_lib_dirs() interface
- Allow fedora-third party manage gpg keys
- Allow fedora-third-party run "flatpak remote-add --from flathub"
* Tue Oct 19 2021 Zdenek Pytela <zpytela@redhat.com> - 35.3-1
- Allow fedora-third-party run flatpak post-install actions
- Allow fedora-third-party set_setsched and sys_nice
* Mon Oct 18 2021 Zdenek Pytela <zpytela@redhat.com> - 35.2-1
- Allow fedora-third-party execute "flatpak remote-add"
- Add files_manage_var_lib_files() interface

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-eecd396.tar.gz) = 5d71462a578074ec243f9bb74ba2c980a4198150ca9fa3e6d245a8229747a190dfab4e9766e886f3f6aaa910f56aeab7574b532976dabc2f668a63b4373522c7
SHA512 (container-selinux.tgz) = dfbe108d821f4cb92f6b2069d7b50303909a8560a9d80f4b0fd065d268c1f7a7b0bfd26b91bad9b64c886aa4cc0e289fb17034f80129f7a19469ff5f1345eb21
SHA512 (selinux-policy-02b35cf.tar.gz) = 470a870c83c53fe8171aeaff502b67298fd2ce43a537f5a258d7f914c07f65de8b174484efacb4852ed8a05d0675a515d238ba1146fad587f62b9b6505760e82
SHA512 (container-selinux.tgz) = f4c8ea765a0ba2b930f3f2dbbca7f2c9a08e2d13a2246de9697ed873b6dfde444f9aa678e9c6ecc4bc4c86fcfda25a7926c105749deb3f4ee7e1ddb1cbfe1a9e
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4