Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/selinux-policy.git#942c59859e64bf268aaf0f161f26fe50d188dc4b
This commit is contained in:
DistroBaker 2021-02-12 06:32:55 +00:00
parent eea0ee325a
commit ece0d0b7b5
3 changed files with 25 additions and 5 deletions

View File

@ -4,7 +4,7 @@ DISTGIT_PATH=$(pwd)
FEDORA_VERSION=rawhide
DOCKER_FEDORA_VERSION=master
DISTGIT_BRANCH=rawhide
DISTGIT_BRANCH=f34
REPO_SELINUX_POLICY=${REPO_SELINUX_POLICY:-https://github.com/fedora-selinux/selinux-policy}
REPO_SELINUX_POLICY_BRANCH=${REPO_SELINUX_POLICY_BRANCH:-$FEDORA_VERSION}
REPO_CONTAINER_SELINUX=${REPO_CONTAINER_SELINUX:-https://github.com/containers/container-selinux}

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit fed45e38dd9e0cad60c130c633ba150530b35d9c
%global commit 17c7cdc19d47f1da9d712d4d42521e146f775117
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -24,7 +24,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.14.7
Release: 18%{?dist}
Release: 19%{?dist}
License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
Source1: modules-targeted-base.conf
@ -792,6 +792,26 @@ exit 0
%endif
%changelog
* Fri Feb 12 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-19
- Allow rtkit_daemon_t domain set process nice value in user namespaces
Resolves: rhbz#1910507
- Allow gpsd read and write ptp4l_t shared memory.
Resolves: rhbz#1803845
- Label /var/run/pcsd-ruby.socket socket with cluster_var_run_t type
Resolves: rhbz#1804626
- Allow Certmonger to use opencryptoki services
Resolves: rhbz#1894132
- Dontaudit vhostmd to write in /var/lib/rpm/ dir and allow signull rpm
Resolves: rhbz#1815603
- Allow rhsmcertd_t read kpatch lib files
Resolves: rhbz#1895322
- Allow ipsec_t connectto ipsec_mgmt_t
Resolves: rhbz#1848355
- Allow IPsec to use opencryptoki services
Resolves: rhbz#1894132
- Allow systemd-importd create /run/systemd/machines.lock file
Resolves: rhbz#1788055
* Sun Feb 07 2021 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-18
- Allow lockdown confidentiality for domains using perf_event
- define lockdown class and access

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-fed45e3.tar.gz) = d7c791c2d17dcc1bd2accf99d48ef49a1ad2535b6b22ed1468464139f0beb28e72fbdb2d7bc8defc5c3eb7684c9cf364e1fe1e5fc76e6646327461d0830e860a
SHA512 (container-selinux.tgz) = c8965a63a06b03b2e3f8191bd044a98d60e7b3c3ea94b79f19554c81ed45dc0cb3e1c1211c6e8c1cd519640ec972c1707d380c26cab4da33d0d8d9fbdf6bce68
SHA512 (selinux-policy-17c7cdc.tar.gz) = 21815c41813a22349f28cd2ff9bbd221f8e19039d67e766bc811a3566e75a8b58d4036b8da2b609eb1e37213694325f222972e16ad00d3b6154c255550f6f725
SHA512 (container-selinux.tgz) = daf7e3b64ae56db29732e8ef08db2cfc6431fae946fc7e67c5b677067db7b23735756fd9ddc5d052c1baebd7ab8eeb6c742d09f2f6348d9b31a4e9070646882a
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4