* Mon Jun 21 2021 Zdenek Pytela <zpytela@redhat.com> - 34.12-1

- Label /dev/dma_heap/* char devices with dma_device_t - Revert "Label /dev/dma_heap/* char devices with dma_device_t" - Revert "Label /dev/dma_heap with dma_device_dir_t" - Revert "Associate dma_device_dir_t with device filesystem" - Add the lockdown integrity permission to dev_map_userio_dev() - Allow systemd-modules-load read/write tracefs files - Allow sssd watch /run/systemd - Label /usr/bin/arping plain file with netutils_exec_t - Label /run/fsck with fsadm_var_run_t - Label /usr/bin/Xwayland with xserver_exec_t - Allow systemd-timesyncd watch dbus runtime dir - Allow asterisk watch localization files - Allow iscsid read all process stat - iptables.fc: Add missing legacy-restore and legacy-save entries - Label /run/libvirt/common with virt_common_var_run_t - Label /.k5identity file allow read of this file to rpc.gssd - Make usbmuxd_t a daemon
2021-06-21 15:07:20 +02:00 · 2021-06-21 15:07:20 +02:00 · ed2eb34288
parent ef6e27e6c9
commit ed2eb34288
2 changed files with 23 additions and 4 deletions
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,6 +1,6 @@
 # github repo with selinux-policy sources
 %global giturl https://github.com/fedora-selinux/selinux-policy
-%global commit b358de719df0b724d3164240a430cc4e02be15d0
+%global commit 85f35a10d97af810016aa668dc24f8e5bbc36596
 %global shortcommit %(c=%{commit}; echo ${c:0:7})

 %define distro redhat
@ -23,7 +23,7 @@
 %define CHECKPOLICYVER 3.2
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 34.11
+Version: 34.12
 Release: 1%{?dist}
 License: GPLv2+
 Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -792,6 +792,25 @@ exit 0
 %endif

 %changelog
+* Mon Jun 21 2021 Zdenek Pytela <zpytela@redhat.com> - 34.12-1
+- Label /dev/dma_heap/* char devices with dma_device_t
+- Revert "Label /dev/dma_heap/* char devices with dma_device_t"
+- Revert "Label /dev/dma_heap with dma_device_dir_t"
+- Revert "Associate dma_device_dir_t with device filesystem"
+- Add the lockdown integrity permission to dev_map_userio_dev()
+- Allow systemd-modules-load read/write tracefs files
+- Allow sssd watch /run/systemd
+- Label /usr/bin/arping plain file with netutils_exec_t
+- Label /run/fsck with fsadm_var_run_t
+- Label /usr/bin/Xwayland with xserver_exec_t
+- Allow systemd-timesyncd watch dbus runtime dir
+- Allow asterisk watch localization files
+- Allow iscsid read all process stat
+- iptables.fc: Add missing legacy-restore and legacy-save entries
+- Label /run/libvirt/common with virt_common_var_run_t
+- Label /.k5identity file allow read of this file to rpc.gssd
+- Make usbmuxd_t a daemon
+
 * Wed Jun 09 2021 Zdenek Pytela <zpytela@redhat.com> - 34.11-1
 - Allow sanlock get attributes of cgroup filesystems
 - Associate dma_device_dir_t with device filesystem
--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (selinux-policy-b358de7.tar.gz) = 54dbd93123e2086d01bea4ee0cf1c7f379e09224ca9e88f029fb9a430aa0d63343f0578facd52ae03781b140d893d2bd7ef795d8b36c47aeef4d62dab98f7170
+SHA512 (selinux-policy-85f35a1.tar.gz) = aafb4ef00018011b62de0bf70562da4456087661bbda971fc9b63704cd41df01a26e7838fd8de19c4ac164d73f247e6939fe68b0d2e1a4b83057f1c7c005530a
+SHA512 (container-selinux.tgz) = 82949a11f5d946928422d096ce6dfb23f9fdab317b95c9209e72919840b2e9f12121302ee7772412bbf456fe295a231ee7a5599f0a2f45c1a3d03bf950c5175b
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
-SHA512 (container-selinux.tgz) = d2d56e4990cbd8815b744a921ab034eba94a2ec08cf5c66ca64d448daf7ef8d3d7d30c97d02411cc83773ac3af38a23295b70ec49cb5162bb1f110c25e1e0d15