* Tue Jul 07 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-18

- Allow oddjob_t process noatsecure permission for ipa_helper_t
- Allow keepalived manage its private type runtime directories
- Update irqbalance runtime directory file context
- Allow irqbalance file transition for pid sock_files and directories
- Allow systemd_private_tmp(dirsrv_tmp_t) instead of dirsrv_t
- Allow virtlogd_t manage virt lib files
- Allow systemd set efivarfs files attributes
- Support systemctl --user in machinectl
- Allow chkpwd_t read and write systemd-machined devpts character nodes
- Allow init_t write to inherited systemd-logind sessions pipes

.gitignore

@@ -466,3 +466,5 @@ serefpolicy*
 /selinux-policy-7dd92fd.tar.gz
 /selinux-policy-contrib-2a1096a.tar.gz
 /selinux-policy-427796e.tar.gz
+/selinux-policy-contrib-f55cbfd.tar.gz
+/selinux-policy-f0e4878.tar.gz

selinux-policy.spec

@@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 427796e812ddf1284b6f78f41efd8137fe26f2f0
+%global commit0 f0e48785589982929a4b597c6a663dde980e468d
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 2a1096a616c714d0bc4eb0d94e42ccab369c0db5
+%global commit1 f55cbfd889cdd7dac3e2a7d334684f607127c1ae
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
 
 %define distro redhat
@@ -29,7 +29,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.6
-Release: 17%{?dist}
+Release: 18%{?dist}
 License: GPLv2+
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@@ -784,6 +784,18 @@ exit 0
 %endif
 
 %changelog
+* Tue Jul 07 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-18
+- Allow oddjob_t process noatsecure permission for ipa_helper_t
+- Allow keepalived manage its private type runtime directories
+- Update irqbalance runtime directory file context
+- Allow irqbalance file transition for pid sock_files and directories
+- Allow systemd_private_tmp(dirsrv_tmp_t) instead of dirsrv_t
+- Allow virtlogd_t manage virt lib files
+- Allow systemd set efivarfs files attributes
+- Support systemctl --user in machinectl
+- Allow chkpwd_t read and write systemd-machined devpts character nodes
+- Allow init_t write to inherited systemd-logind sessions pipes
+
 * Fri Jun 26 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-17
 - Allow pdns server to read system state
 - Allow irqbalance nnp_transition

sources

@@ -1,4 +1,4 @@
-SHA512 (selinux-policy-contrib-2a1096a.tar.gz) = 1cfbde139b1343b64938cdbb047e11c5ce7a76b9476de2ec3f9803dcd9441c108cbada4bc47ba4c44fe78f281997b12cb7db13b1eee75c4bef3e55c2093bb2b2
-SHA512 (selinux-policy-427796e.tar.gz) = 01dd45439da3472f4b41bd6bd4226f70557a3453b7ff296df1af900dad2a1d94c5299f0c192af033e676a3c3fe8c9b11b9a1fca57da3ad5c66185f533bd3e3d6
-SHA512 (container-selinux.tgz) = e65c8e027ea4b07e4f257a8a297629622118155244d4ebe62186b4fb1e00218cbb5a1d5ff67f258f69d36ee45d5889bd73f61b6911defa29e5d5ec0b5c5be9bf
+SHA512 (selinux-policy-contrib-f55cbfd.tar.gz) = c8d52f4cb20c76ae508a7e98fa2b307ee71417798640b37e97cb6c3c9658cfa6e9f558d6cf036ce2e833d55971a737d2f744066521ed38b0b7d48a83ed5ea8ad
+SHA512 (selinux-policy-f0e4878.tar.gz) = be00a28b1bee5edfe655c5b960d793fde54709d367dc2065f3e61f3fc8f11a051836c4fad57eac38123c5ff914413b76b46efbd196047fa9932db875e7cd1937
+SHA512 (container-selinux.tgz) = acc5f6c1622069bee2fd5fd9fa7e96b0fcd6c06c70e57183c908dab95221d38c6c93b8748f4187c0ba9b28ca9629d1dbda68a9cdb38f6a723a0baced5482b533
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4