* Thu Aug 25 2022 Nikola Knazekova <nknazeko@redhat.com> - 34.1.41-1

- Allow unconfined domains to bpf all other domains
Resolves: RHBZ#2112014
- Allow stalld get and set scheduling policy of all domains.
Resolves: rhbz#2105038
- Allow unconfined_t transition to targetclid_home_t
Resolves: RHBZ#2106360
- Allow samba-bgqd to read a printer list
Resolves: rhbz#2118977
- Allow system_dbusd ioctl kernel with a unix stream sockets
Resolves: rhbz#2085392
- Allow chronyd bind UDP sockets to ptp_event ports.
Resolves: RHBZ#2118631
- Update tor_bind_all_unreserved_ports interface
Resolves: RHBZ#2089486
- Remove permissive domain for rhcd_t
Resolves: rhbz#2119351
- Allow unconfined and sysadm users transition for /root/.gnupg
Resolves: rhbz#2121125
- Add gpg_filetrans_admin_home_content() interface
Resolves: rhbz#2121125
- Update rhcd policy for executing additional commands
Resolves: rhbz#2119351
- Update insights-client policy for additional commands execution
Resolves: rhbz#2119507
- Add rpm setattr db files macro
Resolves: rhbz#2119507
- Add userdom_view_all_users_keys() interface
Resolves: rhbz#2119507
- Allow gpg read and write generic pty type
Resolves: rhbz#2119507
- Allow chronyc read and write generic pty type
Resolves: rhbz#2119507
This commit is contained in:
Nikola Knazekova 2022-08-25 18:10:43 +02:00
parent 0fcafaead6
commit d1c3472797
2 changed files with 38 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 2d2bbcf8445d343f9fcd0081270bbbfa7c44f423
%global commit 63e80c0f2e0d58ce6c28201dab17927594c4b5db
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration
Name: selinux-policy
Version: 34.1.40
Version: 34.1.41
Release: 1%{?dist}
License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -794,6 +794,40 @@ exit 0
%endif
%changelog
* Thu Aug 25 2022 Nikola Knazekova <nknazeko@redhat.com> - 34.1.41-1
- Allow unconfined domains to bpf all other domains
Resolves: RHBZ#2112014
- Allow stalld get and set scheduling policy of all domains.
Resolves: rhbz#2105038
- Allow unconfined_t transition to targetclid_home_t
Resolves: RHBZ#2106360
- Allow samba-bgqd to read a printer list
Resolves: rhbz#2118977
- Allow system_dbusd ioctl kernel with a unix stream sockets
Resolves: rhbz#2085392
- Allow chronyd bind UDP sockets to ptp_event ports.
Resolves: RHBZ#2118631
- Update tor_bind_all_unreserved_ports interface
Resolves: RHBZ#2089486
- Remove permissive domain for rhcd_t
Resolves: rhbz#2119351
- Allow unconfined and sysadm users transition for /root/.gnupg
Resolves: rhbz#2121125
- Add gpg_filetrans_admin_home_content() interface
Resolves: rhbz#2121125
- Update rhcd policy for executing additional commands
Resolves: rhbz#2119351
- Update insights-client policy for additional commands execution
Resolves: rhbz#2119507
- Add rpm setattr db files macro
Resolves: rhbz#2119507
- Add userdom_view_all_users_keys() interface
Resolves: rhbz#2119507
- Allow gpg read and write generic pty type
Resolves: rhbz#2119507
- Allow chronyc read and write generic pty type
Resolves: rhbz#2119507
* Wed Aug 10 2022 Nikola Knazekova <nknazeko@redhat.com> - 34.1.40-1
- Allow systemd-modules-load write to /dev/kmsg and send a message to syslogd
Resolves: RHBZ#2088257

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-2d2bbcf.tar.gz) = cc5d42384ad82daec0935f8043bf1654a434b6eeccd5e90771482dea57b646cf75eca89a300d225a323cac47e10ac69dee8d72425ca88a50184d74b0f8acc35f
SHA512 (container-selinux.tgz) = 98a66f4f765492d233bc457170dbc79d8daff8d6c599265e9f08484919e69f25dd4b726290fa1e610a3be6e52a26df47feab542c13421e373b28bbfac10da9e4
SHA512 (selinux-policy-63e80c0.tar.gz) = ecbff7034d6a9fa5ff8aad1b2a8191fb5557adca45fbc9b12074557cce3084bc18686782bd6cf97c2d08cee6507662793e97e99c1c096f49bd9bb0c4eb57f89f
SHA512 (container-selinux.tgz) = 6b17b7931dd7f32df0c81dfd70f452d5f442c49763ab37bd5abcba22d36dde1fb5e2125de513d8933780f45847f0a66c483c88bbbe80e86c8cbb4dbb1c07bada
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4