* Tue Dec 15 16:24:44 CET 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-12

- Allow dovecot_auth_t stat /proc filesystem - Allow sysadm_u user and unconfined_domain_type manage perf_events - Allow pcp-pmcd manage perf_events - Add manage_perf_event_perms object permissions set - Add perf_event access vectors. - Allow sssd, unix_chkpwd, groupadd stat /proc filesystem - Allow stub-resolv.conf to be a symlink - sysnetwork.if: avoid directly referencing systemd_resolved_var_run_t - Create the systemd_dbus_chat_resolved() compatibility interface - Allow nsswitch-domain write to systemd-resolved PID socket files - Add systemd_resolved_write_pid_sock_files() interface - Add default file context for "/var/run/chrony-dhcp(/.*)?" - Allow timedatex dbus chat with cron system domain - Add cron_dbus_chat_system_job() interface - Allow systemd-logind manage init's pid files
2020-12-15 16:31:51 +01:00 · 2020-12-15 16:31:51 +01:00 · fa72125856
parent 0f3b08d5d1
commit fa72125856
2 changed files with 21 additions and 4 deletions
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,6 +1,6 @@
 # github repo with selinux-policy sources
 %global giturl https://github.com/fedora-selinux/selinux-policy
-%global commit d18c06ec6cdd5cb00207781f926c30e3706268bf
+%global commit 826033875b0857b0b7519cd809aa581978a4ddde
 %global shortcommit %(c=%{commit}; echo ${c:0:7})

 %define distro redhat
@ -24,7 +24,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.7
-Release: 11%{?dist}
+Release: 12%{?dist}
 License: GPLv2+
 Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
 Source1: modules-targeted-base.conf
@ -798,6 +798,23 @@ exit 0
 %endif

 %changelog
+* Tue Dec 15 16:24:44 CET 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-12
+- Allow dovecot_auth_t stat /proc filesystem
+- Allow sysadm_u user and unconfined_domain_type manage perf_events
+- Allow pcp-pmcd manage perf_events
+- Add manage_perf_event_perms object permissions set
+- Add perf_event access vectors.
+- Allow sssd, unix_chkpwd, groupadd stat /proc filesystem
+- Allow stub-resolv.conf to be a symlink
+- sysnetwork.if: avoid directly referencing systemd_resolved_var_run_t
+- Create the systemd_dbus_chat_resolved() compatibility interface
+- Allow nsswitch-domain write to systemd-resolved PID socket files
+- Add systemd_resolved_write_pid_sock_files() interface
+- Add default file context for "/var/run/chrony-dhcp(/.*)?"
+- Allow timedatex dbus chat with cron system domain
+- Add cron_dbus_chat_system_job() interface
+- Allow systemd-logind manage init's pid files
+
 * Wed Dec  9 15:39:03 CET 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-11
 - Allow systemd-logind manage init's pid files
 - Allow tcsd the setgid capability
--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (selinux-policy-d18c06e.tar.gz) = fb78343ebb02ecd7dc1952bac0adf2da95e364cddd25cdafd047a88a5e58b58e8e0d1f6318f591c5e9e0d02ae29fadc90d2a93d44d99f18258457f0940c3c890
-SHA512 (container-selinux.tgz) = c68ff2966f72daf43568dbfe66e46cd4b9c7d14240ae224647d1ff8aa62600d407b79c03e62c4ca187b1334703b8d01ccbb37cad8a576948f8215c14771d85d3
+SHA512 (selinux-policy-8260338.tar.gz) = a863803a8b810a1a27652361c74f7dd201f7c60848686cc3ec19561a2d388111c38f3535e3bb3cc422aecfd87a03a734dfeaab508dd53485ce735982dc14195f
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
+SHA512 (container-selinux.tgz) = b50789d290be91dbd666d27d1f6104603a587639e87c5561259ca353628d4dd3df4480a67fb148c0dc0c8b820d631e9da298bb087480248e9b018b28767079fd