* Thu Oct 04 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.3-5

- Allow dictd_t domain to mmap dictd_var_lib_t files BZ(1634650)
- Fix typo in boltd.te policy
- Allow fail2ban_t domain to mmap journal
- Add kill capability to named_t domain
- Allow neutron domain to read/write /var/run/utmp
- Create boltd_var_run_t type for boltd pid files
- Allow tomcat_domain to read /dev/random
- Allow neutron_t domain to use pam
- Add the port used by nsca (Nagios Service Check Acceptor)
This commit is contained in:
Lukas Vrabec 2018-10-04 16:27:59 +02:00
parent 735de0477d
commit ef7c751093
No known key found for this signature in database
GPG Key ID: 47201AC42F29CE06
3 changed files with 19 additions and 6 deletions

2
.gitignore vendored
View File

@ -310,3 +310,5 @@ serefpolicy*
/selinux-policy-38c6414.tar.gz
/selinux-policy-contrib-dab4b50.tar.gz
/selinux-policy-446ee2a.tar.gz
/selinux-policy-0813126.tar.gz
/selinux-policy-contrib-ff6d7f4.tar.gz

View File

@ -1,11 +1,11 @@
# github repo with selinux-policy base sources
%global git0 https://github.com/fedora-selinux/selinux-policy
%global commit0 446ee2abb3b37bb0fe27fa313048069d3c83b0e7
%global commit0 08131262642800aecab1c830382056bcc312bd55
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
# github repo with selinux-policy contrib sources
%global git1 https://github.com/fedora-selinux/selinux-policy-contrib
%global commit1 dab4b50b7d2268b6cfb675754903b1a413008bba
%global commit1 ff6d7f41cdba4524422558bf381447c1f8181014
%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
%define distro redhat
@ -29,7 +29,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.14.3
Release: 4%{?dist}
Release: 5%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
@ -709,6 +709,17 @@ exit 0
%endif
%changelog
* Thu Oct 04 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.3-5
- Allow dictd_t domain to mmap dictd_var_lib_t files BZ(1634650)
- Fix typo in boltd.te policy
- Allow fail2ban_t domain to mmap journal
- Add kill capability to named_t domain
- Allow neutron domain to read/write /var/run/utmp
- Create boltd_var_run_t type for boltd pid files
- Allow tomcat_domain to read /dev/random
- Allow neutron_t domain to use pam
- Add the port used by nsca (Nagios Service Check Acceptor)
* Mon Sep 24 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.3-4
- Update sources to include SELinux policy for containers

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-contrib-dab4b50.tar.gz) = f75ccf7d02520c85ca80f80b00101713689595e82765605c6a3a33e6c6488fd04885b06ff36d50f88741182b8d010e5157133ff9a5679fc1a45bbd09b461859b
SHA512 (selinux-policy-446ee2a.tar.gz) = a460286e138f0424cb2da998d72fa7f332f92713604d5d17aa55da79620591ccf857b9682984cc3b4a9965ad7178269ebadb512979d5c86d6ef288a7811c3d09
SHA512 (container-selinux.tgz) = 56596d0044897ad64722f8fb5fffb8d308d257384e64c1da0fdb1856bc8de2550fdca39f49fcd086ea95a4a1504d252e0f697530452c67abde864a2606967b2e
SHA512 (selinux-policy-0813126.tar.gz) = 9cd52f0513b8fe26ba5e8ef52dca203d58b09ce17c7ba2daab2b8a3b91e20d6188ed3dbebb388aab9329d636d63359cb34e5f65f49399b05da921a531f368fa2
SHA512 (selinux-policy-contrib-ff6d7f4.tar.gz) = ec107276762235a01183a43428978a8b28e5e43c63abd255d7e2ebf9828230eaafe67539d6826f6934de4e6ef16fc9cda82b4c824172d20da55f1ff98803104a
SHA512 (container-selinux.tgz) = 399c9b708e9acd91b42e27d086067b5959bf3df5de55c5f9d1cd8fa5c2c4723a136e7054c0f93c49be7e32d444ed7483f2a394de36c93fa508452ee3e2ef86d3