* Thu Dec 23 2021 Zdenek Pytela <zpytela@redhat.com> - 35.8-1
- Allow haproxy get attributes of filesystems with extended attributes - Allow haproxy get attributes of cgroup filesystems - Allow sysadm execute sysadmctl in sysadm_t domain using sudo - Allow userdomains use pam_ssh_agent_auth for passwordless sudo - Allow sudodomains execute passwd in the passwd domain - Allow braille printing in selinux - Allow sandbox_xserver_t map sandbox_file_t - Label /dev/ngXnY and /dev/nvme-subsysX with fixed_disk_device_t - Add hwtracing_device_t type for hardware-level tracing and debugging - Label port 9528/tcp with openqa_liveview - Label /var/lib/shorewall6-lite with shorewall_var_lib_t - Document Security Flask model in the policy
This commit is contained in:
parent
4bbbba4fda
commit
d0828ed3ca
@ -1,6 +1,6 @@
|
|||||||
# github repo with selinux-policy sources
|
# github repo with selinux-policy sources
|
||||||
%global giturl https://github.com/fedora-selinux/selinux-policy
|
%global giturl https://github.com/fedora-selinux/selinux-policy
|
||||||
%global commit 07b06a7f6cb1f41b92de5d29d21ac89c4d362457
|
%global commit b1497c15f68bf0ceac2b19684582266e717bd079
|
||||||
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||||
|
|
||||||
%define distro redhat
|
%define distro redhat
|
||||||
@ -23,7 +23,7 @@
|
|||||||
%define CHECKPOLICYVER 3.2
|
%define CHECKPOLICYVER 3.2
|
||||||
Summary: SELinux policy configuration
|
Summary: SELinux policy configuration
|
||||||
Name: selinux-policy
|
Name: selinux-policy
|
||||||
Version: 35.7
|
Version: 35.8
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||||
@ -808,6 +808,20 @@ exit 0
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Dec 23 2021 Zdenek Pytela <zpytela@redhat.com> - 35.8-1
|
||||||
|
- Allow haproxy get attributes of filesystems with extended attributes
|
||||||
|
- Allow haproxy get attributes of cgroup filesystems
|
||||||
|
- Allow sysadm execute sysadmctl in sysadm_t domain using sudo
|
||||||
|
- Allow userdomains use pam_ssh_agent_auth for passwordless sudo
|
||||||
|
- Allow sudodomains execute passwd in the passwd domain
|
||||||
|
- Allow braille printing in selinux
|
||||||
|
- Allow sandbox_xserver_t map sandbox_file_t
|
||||||
|
- Label /dev/ngXnY and /dev/nvme-subsysX with fixed_disk_device_t
|
||||||
|
- Add hwtracing_device_t type for hardware-level tracing and debugging
|
||||||
|
- Label port 9528/tcp with openqa_liveview
|
||||||
|
- Label /var/lib/shorewall6-lite with shorewall_var_lib_t
|
||||||
|
- Document Security Flask model in the policy
|
||||||
|
|
||||||
* Fri Dec 10 2021 Zdenek Pytela <zpytela@redhat.com> - 35.7-1
|
* Fri Dec 10 2021 Zdenek Pytela <zpytela@redhat.com> - 35.7-1
|
||||||
- Allow systemd read unlabeled symbolic links
|
- Allow systemd read unlabeled symbolic links
|
||||||
- Label abrt-action-generate-backtrace with abrt_handle_event_exec_t
|
- Label abrt-action-generate-backtrace with abrt_handle_event_exec_t
|
||||||
|
4
sources
4
sources
@ -1,3 +1,3 @@
|
|||||||
SHA512 (selinux-policy-07b06a7.tar.gz) = 1d22662676b47b0b603fb10cfed5490a935108048119ee558f7969d262a879d6c1f2c9edd848901b5d3275381f852d529ee23008fc3e3b78871f1cd60977a317
|
SHA512 (selinux-policy-b1497c1.tar.gz) = c306e46b857ee1ebc3cce7a5afa6e60a4bb6b8b79825f26983191e52313c6bad96ed1506d9a10f0af0638159d9c9d845d697548e727ea5a37589bdc2752ef586
|
||||||
SHA512 (container-selinux.tgz) = 1fb86e0e99fbc097c2dc4d84827121d4abd9f622b921c8f39e6c4f6ea58c12ffeff78f7b7cad460111b446821613a34281289c2f55549ec89152d49280fb4783
|
SHA512 (container-selinux.tgz) = 6d93bb74cb9a1102b6aced9f19fd1bbe951aa945d9cc817016c19a9570994009db5f8cf908db8b2d4a9aa81eeb7fc280130f8f99d6ab2185ebaea948f773734c
|
||||||
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
|
||||||
|
Loading…
Reference in New Issue
Block a user