* Thu Nov 28 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.15-1

- Allow qatlib search the content of the kernel debugging filesystem
Resolves: RHEL-66334
- Allow qatlib connect to systemd-machined over a unix socket
Resolves: RHEL-66334
- Update policy for samba-bgqd
Resolves: RHEL-64908
- Allow httpd get attributes of dirsrv unit files
Resolves: RHEL-62706
- Allow virtstoraged read vm sysctls
Resolves: RHEL-61742
- Allow virtstoraged execute mount programs in the mount domain
Resolves: RHEL-61742
- Update policy for rpc-virtstorage
Resolves: RHEL-61742
- Allow virtstoraged get attributes of configfs dirs
Resolves: RHEL-61742
- Allow virt_driver_domain read virtd-lxc files in /proc
Resolves: RHEL-61742
- Allow virtstoraged manage files with virt_content_t type
Resolves: RHEL-61742
- Allow virtstoraged use the io_uring API
Resolves: RHEL-61742
- Allow virtstoraged execute lvm programs in the lvm domain
Resolves: RHEL-61742
- Allow svirt_t connect to unconfined_t over a unix domain socket
Resolves: RHEL-61246
- Label /usr/lib/node_modules_22/npm/bin with bin_t
Resolves: RHEL-56350
- Allow bacula execute container in the container domain
Resolves: RHEL-39529
- Label /run/systemd/generator with systemd_unit_file_t
Resolves: RHEL-68313
This commit is contained in:
Zdenek Pytela 2024-11-28 22:16:34 +01:00
parent efbe8c4f78
commit d246bfd939
3 changed files with 39 additions and 4 deletions

View File

@ -1,3 +1,37 @@
* Thu Nov 28 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.15-1
- Allow qatlib search the content of the kernel debugging filesystem
Resolves: RHEL-66334
- Allow qatlib connect to systemd-machined over a unix socket
Resolves: RHEL-66334
- Update policy for samba-bgqd
Resolves: RHEL-64908
- Allow httpd get attributes of dirsrv unit files
Resolves: RHEL-62706
- Allow virtstoraged read vm sysctls
Resolves: RHEL-61742
- Allow virtstoraged execute mount programs in the mount domain
Resolves: RHEL-61742
- Update policy for rpc-virtstorage
Resolves: RHEL-61742
- Allow virtstoraged get attributes of configfs dirs
Resolves: RHEL-61742
- Allow virt_driver_domain read virtd-lxc files in /proc
Resolves: RHEL-61742
- Allow virtstoraged manage files with virt_content_t type
Resolves: RHEL-61742
- Allow virtstoraged use the io_uring API
Resolves: RHEL-61742
- Allow virtstoraged execute lvm programs in the lvm domain
Resolves: RHEL-61742
- Allow svirt_t connect to unconfined_t over a unix domain socket
Resolves: RHEL-61246
- Label /usr/lib/node_modules_22/npm/bin with bin_t
Resolves: RHEL-56350
- Allow bacula execute container in the container domain
Resolves: RHEL-39529
- Label /run/systemd/generator with systemd_unit_file_t
Resolves: RHEL-68313
* Tue Nov 19 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.14-1
- mls/modules.conf - fix typo
- Use dist/targeted/modules.conf in build workflow

View File

@ -5,7 +5,7 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 8f272d64932678c349fa638810913a81beacbc45
%global commit dffbecdca84d8974cd375e29bd86050eb6bd35f3
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -17,7 +17,7 @@
%define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration
Name: selinux-policy
Version: 40.13.14
Version: 40.13.15
Release: 1%{?dist}
License: GPL-2.0-or-later
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -754,4 +754,5 @@ exit 0
%endif
%changelog
%autochangelog

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-8f272d6.tar.gz) = 1da1879629b0954f446482d71313369e13d7bd91a7266bd751f646c2f9ba0441da8017185b662417978fb588213c3c4c9eccf2e7fe62a5ebb6165f190cb08f79
SHA512 (container-selinux.tgz) = fb707c44b330075299e9d7fb307279c652bdd90331bc0ad70af6e44ec4830ec99f95c8c8396d7c7cc1da8b484e1433120560dacc6462caebcf9db5726414fa5c
SHA512 (selinux-policy-dffbecd.tar.gz) = 7a9f2441cc598709816453b2f9b5ce8ab5e365238c85b1b183b3b7d982e61df0662cba3e62ce29332c38aaee3d4c50e2f81fd89534aeba3214c0b987b837a93e
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = bf84e6e2b53721924ace6b0c1c8f6268f6f8ba205d0359de922be40af044f1882bff9a322f528032599e08ab38acb9965179a1a6e1f55f4da1bee5243b33af6d