* Tue Dec 15 16:24:44 CET 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-12

- Allow dovecot_auth_t stat /proc filesystem
- Allow sysadm_u user and unconfined_domain_type manage perf_events
- Allow pcp-pmcd manage perf_events
- Add manage_perf_event_perms object permissions set
- Add perf_event access vectors.
- Allow sssd, unix_chkpwd, groupadd stat /proc filesystem
- Allow stub-resolv.conf to be a symlink
- sysnetwork.if: avoid directly referencing systemd_resolved_var_run_t
- Create the systemd_dbus_chat_resolved() compatibility interface
- Allow nsswitch-domain write to systemd-resolved PID socket files
- Add systemd_resolved_write_pid_sock_files() interface
- Add default file context for "/var/run/chrony-dhcp(/.*)?"
- Allow timedatex dbus chat with cron system domain
- Add cron_dbus_chat_system_job() interface
- Allow systemd-logind manage init's pid files
This commit is contained in:
Zdenek Pytela 2020-12-15 16:31:51 +01:00
parent 0f3b08d5d1
commit fa72125856
2 changed files with 21 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit d18c06ec6cdd5cb00207781f926c30e3706268bf
%global commit 826033875b0857b0b7519cd809aa581978a4ddde
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -24,7 +24,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.14.7
Release: 11%{?dist}
Release: 12%{?dist}
License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
Source1: modules-targeted-base.conf
@ -798,6 +798,23 @@ exit 0
%endif
%changelog
* Tue Dec 15 16:24:44 CET 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-12
- Allow dovecot_auth_t stat /proc filesystem
- Allow sysadm_u user and unconfined_domain_type manage perf_events
- Allow pcp-pmcd manage perf_events
- Add manage_perf_event_perms object permissions set
- Add perf_event access vectors.
- Allow sssd, unix_chkpwd, groupadd stat /proc filesystem
- Allow stub-resolv.conf to be a symlink
- sysnetwork.if: avoid directly referencing systemd_resolved_var_run_t
- Create the systemd_dbus_chat_resolved() compatibility interface
- Allow nsswitch-domain write to systemd-resolved PID socket files
- Add systemd_resolved_write_pid_sock_files() interface
- Add default file context for "/var/run/chrony-dhcp(/.*)?"
- Allow timedatex dbus chat with cron system domain
- Add cron_dbus_chat_system_job() interface
- Allow systemd-logind manage init's pid files
* Wed Dec 9 15:39:03 CET 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-11
- Allow systemd-logind manage init's pid files
- Allow tcsd the setgid capability

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-d18c06e.tar.gz) = fb78343ebb02ecd7dc1952bac0adf2da95e364cddd25cdafd047a88a5e58b58e8e0d1f6318f591c5e9e0d02ae29fadc90d2a93d44d99f18258457f0940c3c890
SHA512 (container-selinux.tgz) = c68ff2966f72daf43568dbfe66e46cd4b9c7d14240ae224647d1ff8aa62600d407b79c03e62c4ca187b1334703b8d01ccbb37cad8a576948f8215c14771d85d3
SHA512 (selinux-policy-8260338.tar.gz) = a863803a8b810a1a27652361c74f7dd201f7c60848686cc3ec19561a2d388111c38f3535e3bb3cc422aecfd87a03a734dfeaab508dd53485ce735982dc14195f
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = b50789d290be91dbd666d27d1f6104603a587639e87c5561259ca353628d4dd3df4480a67fb148c0dc0c8b820d631e9da298bb087480248e9b018b28767079fd