* Sun Jun 25 2023 Zdenek Pytela <zpytela@redhat.com> - 38.18-1

- Add support for kafs-dns requested by keyutils - Allow insights-client execmem - Add support for chronyd-restricted - Add init_explicit_domain() interface - Allow fsadm_t to get attributes of cgroup filesystems - Add list_dir_perms to kerberos_read_keytab - Label /var/run/tmpfiles.d/static-nodes.conf with kmod_var_run_t - Allow sendmail manage its runtime files - Allow keyutils_dns_resolver_exec_t be an entrypoint - Allow collectd_t read network state symlinks - Revert "Allow collectd_t read proc_net link files" - Allow nfsd_t to list exports_t dirs - Allow cupsd dbus chat with xdm - Allow haproxy read hardware state information - Add the kafs module
2023-06-25 13:08:51 +02:00 · 2023-06-25 13:08:51 +02:00 · ca2263f358
parent d71412e8ad
commit ca2263f358
2 changed files with 21 additions and 4 deletions
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,6 +1,6 @@
 # github repo with selinux-policy sources
 %global giturl https://github.com/fedora-selinux/selinux-policy
-%global commit 8f7ccc6e2f7fdc36666ae195e6c8a06bb611b862
+%global commit babc97bc83af7be306fcfaac65485faa09edfe89
 %global shortcommit %(c=%{commit}; echo ${c:0:7})

 %define distro redhat
@ -23,7 +23,7 @@
 %define CHECKPOLICYVER 3.2
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 38.17
+Version: 38.18
 Release: 1%{?dist}
 License: GPL-2.0-or-later
 Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -814,6 +814,23 @@ exit 0
 %endif

 %changelog
+* Sun Jun 25 2023 Zdenek Pytela <zpytela@redhat.com> - 38.18-1
+- Add support for kafs-dns requested by keyutils
+- Allow insights-client execmem
+- Add support for chronyd-restricted
+- Add init_explicit_domain() interface
+- Allow fsadm_t to get attributes of cgroup filesystems
+- Add list_dir_perms to kerberos_read_keytab
+- Label /var/run/tmpfiles.d/static-nodes.conf with kmod_var_run_t
+- Allow sendmail manage its runtime files
+- Allow keyutils_dns_resolver_exec_t be an entrypoint
+- Allow collectd_t read network state symlinks
+- Revert "Allow collectd_t read proc_net link files"
+- Allow nfsd_t to list exports_t dirs
+- Allow cupsd dbus chat with xdm
+- Allow haproxy read hardware state information
+- Add the kafs module
+
 * Thu Jun 15 2023 Zdenek Pytela <zpytela@redhat.com> - 38.17-1
 - Label /dev/userfaultfd with userfaultfd_t
 - Allow blueman send general signals to unprivileged user domains
--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (selinux-policy-8f7ccc6.tar.gz) = 2234a484f93f5c1e7bb3af965f0df268bd6b71fc22283c05129a668b6b19274321ec2bc2a903c12fc9297700d95f6f39d1a6bd141880167dbb4740013d7d39ee
+SHA512 (selinux-policy-babc97b.tar.gz) = b2dc71285db4935e2d4ed4f0c5d0944fb352309545450044883ff316e5eb9aae9478859be73cce0d8e223363b807e9f9ea3119646baa60b8a25a4b2955fdc2eb
+SHA512 (container-selinux.tgz) = 62068feb8c4820e32dea362c5fc24bc370eb9fb29cf78dd2462c5f41e7d00351a87e8936cc7a1b3e6ba0a5bec5ec5db8c3210b5417165ca178bf98d04c857aaf
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
-SHA512 (container-selinux.tgz) = 621b83370c26f751fd99f09f4cca2efaa43f24941b267c58016f5c24d05e0c3db23a838e9055ad8560eb69e727612321f062d5374b569a759ed91d2db3c67ddc