* Sun Jul 07 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.41-1

- Differentiate between staff and sysadm when executing crontab with sudo
Resolves: RHEL-31888
- Label /usr/bin/samba-gpupdate with samba_gpupdate_exec_t
Resolves: RHEL-25724
- Allow unconfined_service_t transition to passwd_t
Resolves: RHEL-17404
- Allow sbd to trace processes in user namespace
Resolves: RHEL-44680
- Allow systemd-coredumpd sys_admin and sys_resource capabilities
Resolves: RHEL-45245
- Label /usr/lib/node_modules/npm/bin with bin_t
Resolves: RHEL-36587
- Support /var is empty
Resolves: RHEL-29331
- Allow timemaster write to sysfs files
Resolves: RHEL-28777
- Don't audit crontab_domain write attempts to user home
Resolves: RHEL-31888
- Transition from sudodomains to crontab_t when executing crontab_exec_t
Resolves: RHEL-31888
- Fix label of pseudoterminals created from sudodomain
Resolves: RHEL-31888
This commit is contained in:
Zdenek Pytela 2024-07-07 20:02:06 +02:00
parent 9ff33f15d5
commit c74c6d2868
2 changed files with 28 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit aa5fe22578d5a895ea05cb385bdecca73ea7f7a9
%global commit a22468c51f2eb5fbeff06cef9840b577382fd2c0
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration
Name: selinux-policy
Version: 38.1.40
Version: 38.1.41
Release: 1%{?dist}
License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -809,6 +809,30 @@ exit 0
%endif
%changelog
* Sun Jul 07 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.41-1
- Differentiate between staff and sysadm when executing crontab with sudo
Resolves: RHEL-31888
- Label /usr/bin/samba-gpupdate with samba_gpupdate_exec_t
Resolves: RHEL-25724
- Allow unconfined_service_t transition to passwd_t
Resolves: RHEL-17404
- Allow sbd to trace processes in user namespace
Resolves: RHEL-44680
- Allow systemd-coredumpd sys_admin and sys_resource capabilities
Resolves: RHEL-45245
- Label /usr/lib/node_modules/npm/bin with bin_t
Resolves: RHEL-36587
- Support /var is empty
Resolves: RHEL-29331
- Allow timemaster write to sysfs files
Resolves: RHEL-28777
- Don't audit crontab_domain write attempts to user home
Resolves: RHEL-31888
- Transition from sudodomains to crontab_t when executing crontab_exec_t
Resolves: RHEL-31888
- Fix label of pseudoterminals created from sudodomain
Resolves: RHEL-31888
* Tue Jun 18 2024 Zdenek Pytela <zpytela@redhat.com> - 38.1.40-1
- Allow systemd-coredump read nsfs files
Resolves: RHEL-39937

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-aa5fe22.tar.gz) = bf467609e0e833ba6475658fc462977a25e0d6147800319fce5ec086745307af171a336d601cffa6639c444329b78d248ccd3b47768e51a66f20c4ca007a1b8c
SHA512 (selinux-policy-a22468c.tar.gz) = 476e1a300c3f2c8a65003988b1000f40a74922807edcf7d139f5641323923700c6146d3c28888406191bebc1623c5b4a714826259825036530970ab6f44ff99b
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = 540d236736fdd392336bb60676a5b58c3220840007e6da21e6c0eb87b191d875be5e8417a04fdbae254634c4eb7fae1ac0194aafbab0baf0246e52e74a3564e2
SHA512 (container-selinux.tgz) = 166b2cf5d76f1ff8380ec3600ebd728536da046ab1c39879ac8371e575bb9754991ca6414e5b88b2af5ef70a904a209c99955870f8134c485da7f8df8872b045