* Thu Jan 12 2023 Nikola Knazekova <nknazeko@redhat.com> - 38.1.4-1

- Add lpr_roles  to system_r roles
Resolves: rhbz#2152150
- Allow insights client work with gluster and pcp
Resolves: rhbz#2152150
- Add interfaces in domain, files, and unconfined modules
Resolves: rhbz#2152150
- Label fwupdoffline and fwupd-detect-cet with fwupd_exec_t
Resolves: rhbz#2152150
- Add insights additional capabilities
Resolves: rhbz#2152150
- Revert "Allow insights-client run lpr and allow the proper role"
Resolves: rhbz#2152150
- Allow prosody manage its runtime socket files
Resolves: rhbz#2157891
- Allow syslogd read network sysctls
Resolves: rhbz#2156068
- Allow NetworkManager and wpa_supplicant the bpf capability
Resolves: rhbz#2137085
- Allow sysadm_t read/write ipmi devices
Resolves: rhbz#2158419
- Allow wireguard to create udp sockets and read net_conf
Resolves: rhbz#2149452
- Allow systemd-rfkill the bpf capability
Resolves: rhbz#2149390
- Allow load_policy_t write to unallocated ttys
Resolves: rhbz#2145181
- Allow winbind-rpcd manage samba_share_t files and dirs
Resolves: rhbz#2150680
This commit is contained in:
Nikola Knazekova 2023-01-12 16:36:53 +01:00
parent ff00f2a45f
commit c4ce76dfb1
2 changed files with 34 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources # github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy %global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 390b4e8af29092a1063ad1f5d55d898b33f1a293 %global commit aa4d1f8b2e0e4ac4415edb1470cc280b840b5c31
%global shortcommit %(c=%{commit}; echo ${c:0:7}) %global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat %define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2 %define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration Summary: SELinux policy configuration
Name: selinux-policy Name: selinux-policy
Version: 38.1.3 Version: 38.1.4
Release: 1%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -808,6 +808,36 @@ exit 0
%endif %endif
%changelog %changelog
* Thu Jan 12 2023 Nikola Knazekova <nknazeko@redhat.com> - 38.1.4-1
- Add lpr_roles to system_r roles
Resolves: rhbz#2152150
- Allow insights client work with gluster and pcp
Resolves: rhbz#2152150
- Add interfaces in domain, files, and unconfined modules
Resolves: rhbz#2152150
- Label fwupdoffline and fwupd-detect-cet with fwupd_exec_t
Resolves: rhbz#2152150
- Add insights additional capabilities
Resolves: rhbz#2152150
- Revert "Allow insights-client run lpr and allow the proper role"
Resolves: rhbz#2152150
- Allow prosody manage its runtime socket files
Resolves: rhbz#2157891
- Allow syslogd read network sysctls
Resolves: rhbz#2156068
- Allow NetworkManager and wpa_supplicant the bpf capability
Resolves: rhbz#2137085
- Allow sysadm_t read/write ipmi devices
Resolves: rhbz#2158419
- Allow wireguard to create udp sockets and read net_conf
Resolves: rhbz#2149452
- Allow systemd-rfkill the bpf capability
Resolves: rhbz#2149390
- Allow load_policy_t write to unallocated ttys
Resolves: rhbz#2145181
- Allow winbind-rpcd manage samba_share_t files and dirs
Resolves: rhbz#2150680
* Thu Dec 15 2022 Nikola Knazekova <nknazeko@redhat.com> - 38.1.3-1 * Thu Dec 15 2022 Nikola Knazekova <nknazeko@redhat.com> - 38.1.3-1
- Allow stalld to read /sys/kernel/security/lockdown file - Allow stalld to read /sys/kernel/security/lockdown file
Resolves: rhbz#2140673 Resolves: rhbz#2140673

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-390b4e8.tar.gz) = b9418e35ce0674c3fef79d27789750691662994f52faf6e8d541f4b9bda07a2206668737fe9bf58ee5ac0662bb5c49b640bb3155ba4a95fd9545826eaf1e7f52 SHA512 (selinux-policy-aa4d1f8.tar.gz) = b84e9dc563c5b367832b9877d7bab6fd72af776c74d8e71d365730c9f5724931b7319f99e3b62f99b8d69e058f6502dbffb747f241f354b24c92bdadc860365f
SHA512 (container-selinux.tgz) = 20fe003717a7fdd5d389a1917a6c83fadda32d4a173120424e20520105b3d15f9b6c6684152dd3387afb19c151b44aabebf582694b8354aab2a5a1734e464009 SHA512 (container-selinux.tgz) = 2acf0e7ae6aade6c0845e0cb430ecc7924d15546ff27fcb3c40128d96626196afafcc7822735fd2186dab17e68e771ddf8deefd180c5c0d1a84ed91a7dc04b86
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4