* Thu Jan 12 2023 Nikola Knazekova <nknazeko@redhat.com> - 38.1.4-1
- Add lpr_roles to system_r roles Resolves: rhbz#2152150 - Allow insights client work with gluster and pcp Resolves: rhbz#2152150 - Add interfaces in domain, files, and unconfined modules Resolves: rhbz#2152150 - Label fwupdoffline and fwupd-detect-cet with fwupd_exec_t Resolves: rhbz#2152150 - Add insights additional capabilities Resolves: rhbz#2152150 - Revert "Allow insights-client run lpr and allow the proper role" Resolves: rhbz#2152150 - Allow prosody manage its runtime socket files Resolves: rhbz#2157891 - Allow syslogd read network sysctls Resolves: rhbz#2156068 - Allow NetworkManager and wpa_supplicant the bpf capability Resolves: rhbz#2137085 - Allow sysadm_t read/write ipmi devices Resolves: rhbz#2158419 - Allow wireguard to create udp sockets and read net_conf Resolves: rhbz#2149452 - Allow systemd-rfkill the bpf capability Resolves: rhbz#2149390 - Allow load_policy_t write to unallocated ttys Resolves: rhbz#2145181 - Allow winbind-rpcd manage samba_share_t files and dirs Resolves: rhbz#2150680
This commit is contained in:
parent
ff00f2a45f
commit
c4ce76dfb1
@ -1,6 +1,6 @@
|
|||||||
# github repo with selinux-policy sources
|
# github repo with selinux-policy sources
|
||||||
%global giturl https://github.com/fedora-selinux/selinux-policy
|
%global giturl https://github.com/fedora-selinux/selinux-policy
|
||||||
%global commit 390b4e8af29092a1063ad1f5d55d898b33f1a293
|
%global commit aa4d1f8b2e0e4ac4415edb1470cc280b840b5c31
|
||||||
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||||
|
|
||||||
%define distro redhat
|
%define distro redhat
|
||||||
@ -23,7 +23,7 @@
|
|||||||
%define CHECKPOLICYVER 3.2
|
%define CHECKPOLICYVER 3.2
|
||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 38.1.3
|
Version: 38.1.4
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||||
@ -808,6 +808,36 @@ exit 0
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Jan 12 2023 Nikola Knazekova <nknazeko@redhat.com> - 38.1.4-1
|
||||||
|
- Add lpr_roles to system_r roles
|
||||||
|
Resolves: rhbz#2152150
|
||||||
|
- Allow insights client work with gluster and pcp
|
||||||
|
Resolves: rhbz#2152150
|
||||||
|
- Add interfaces in domain, files, and unconfined modules
|
||||||
|
Resolves: rhbz#2152150
|
||||||
|
- Label fwupdoffline and fwupd-detect-cet with fwupd_exec_t
|
||||||
|
Resolves: rhbz#2152150
|
||||||
|
- Add insights additional capabilities
|
||||||
|
Resolves: rhbz#2152150
|
||||||
|
- Revert "Allow insights-client run lpr and allow the proper role"
|
||||||
|
Resolves: rhbz#2152150
|
||||||
|
- Allow prosody manage its runtime socket files
|
||||||
|
Resolves: rhbz#2157891
|
||||||
|
- Allow syslogd read network sysctls
|
||||||
|
Resolves: rhbz#2156068
|
||||||
|
- Allow NetworkManager and wpa_supplicant the bpf capability
|
||||||
|
Resolves: rhbz#2137085
|
||||||
|
- Allow sysadm_t read/write ipmi devices
|
||||||
|
Resolves: rhbz#2158419
|
||||||
|
- Allow wireguard to create udp sockets and read net_conf
|
||||||
|
Resolves: rhbz#2149452
|
||||||
|
- Allow systemd-rfkill the bpf capability
|
||||||
|
Resolves: rhbz#2149390
|
||||||
|
- Allow load_policy_t write to unallocated ttys
|
||||||
|
Resolves: rhbz#2145181
|
||||||
|
- Allow winbind-rpcd manage samba_share_t files and dirs
|
||||||
|
Resolves: rhbz#2150680
|
||||||
|
|
||||||
* Thu Dec 15 2022 Nikola Knazekova <nknazeko@redhat.com> - 38.1.3-1
|
* Thu Dec 15 2022 Nikola Knazekova <nknazeko@redhat.com> - 38.1.3-1
|
||||||
- Allow stalld to read /sys/kernel/security/lockdown file
|
- Allow stalld to read /sys/kernel/security/lockdown file
|
||||||
Resolves: rhbz#2140673
|
Resolves: rhbz#2140673
|
||||||
|
4
sources
4
sources
@ -1,3 +1,3 @@
|
|||||||
SHA512 (selinux-policy-390b4e8.tar.gz) = b9418e35ce0674c3fef79d27789750691662994f52faf6e8d541f4b9bda07a2206668737fe9bf58ee5ac0662bb5c49b640bb3155ba4a95fd9545826eaf1e7f52
|
SHA512 (selinux-policy-aa4d1f8.tar.gz) = b84e9dc563c5b367832b9877d7bab6fd72af776c74d8e71d365730c9f5724931b7319f99e3b62f99b8d69e058f6502dbffb747f241f354b24c92bdadc860365f
|
||||||
SHA512 (container-selinux.tgz) = 20fe003717a7fdd5d389a1917a6c83fadda32d4a173120424e20520105b3d15f9b6c6684152dd3387afb19c151b44aabebf582694b8354aab2a5a1734e464009
|
SHA512 (container-selinux.tgz) = 2acf0e7ae6aade6c0845e0cb430ecc7924d15546ff27fcb3c40128d96626196afafcc7822735fd2186dab17e68e771ddf8deefd180c5c0d1a84ed91a7dc04b86
|
||||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||||
|
Loading…
Reference in New Issue
Block a user