* Wed Jul 14 2021 Zdenek Pytela <zpytela@redhat.com> - 34.14-1

- Revert "update libs_filetrans_named_content() to have support for /usr/lib/debug directory"
- Remove references to init_watch_path_type attribute
- Remove all redundant watch permissions for systemd
- Allow systemd watch non_security_file_type dirs, files, lnk_files
- Removed adding to attribute unpriv_userdomain from userdom_unpriv_type template
- Allow bacula get attributes of cgroup filesystems
- Allow systemd-journal-upload watch logs and journal
- Create a policy for systemd-journal-upload
- Allow tcpdump and nmap get attributes of infiniband_device_t
- Allow arpwatch get attributes of infiniband_device_t devices
- Label /dev/wmi/dell-smbios as acpi_device_t
This commit is contained in:
Zdenek Pytela 2021-07-14 14:59:11 +02:00
parent 4f56cd3eb8
commit fe7971a7a7
2 changed files with 17 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources # github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy %global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 85d254ceaa5c4ec8fbf658e9cbccbd996b7ba12f %global commit 0fc68a1f54d3789a30461f76f3469b6190be95dd
%global shortcommit %(c=%{commit}; echo ${c:0:7}) %global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat %define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2 %define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration Summary: SELinux policy configuration
Name: selinux-policy Name: selinux-policy
Version: 34.13 Version: 34.14
Release: 1%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -810,6 +810,19 @@ exit 0
%endif %endif
%changelog %changelog
* Wed Jul 14 2021 Zdenek Pytela <zpytela@redhat.com> - 34.14-1
- Revert "update libs_filetrans_named_content() to have support for /usr/lib/debug directory"
- Remove references to init_watch_path_type attribute
- Remove all redundant watch permissions for systemd
- Allow systemd watch non_security_file_type dirs, files, lnk_files
- Removed adding to attribute unpriv_userdomain from userdom_unpriv_type template
- Allow bacula get attributes of cgroup filesystems
- Allow systemd-journal-upload watch logs and journal
- Create a policy for systemd-journal-upload
- Allow tcpdump and nmap get attributes of infiniband_device_t
- Allow arpwatch get attributes of infiniband_device_t devices
- Label /dev/wmi/dell-smbios as acpi_device_t
* Thu Jul 01 2021 Zdenek Pytela <zpytela@redhat.com> - 34.13-1 * Thu Jul 01 2021 Zdenek Pytela <zpytela@redhat.com> - 34.13-1
- Allow radius map its library files - Allow radius map its library files
- Allow nftables read NetworkManager unnamed pipes - Allow nftables read NetworkManager unnamed pipes

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-85d254c.tar.gz) = 81e0de529fdf099182c2f70e7c266665d5ab49771a71f7914290649eb30e6ee441f43e29a657a07627a89aa04ec897e043573bcc1558a96b001ad1381eb27ae2 SHA512 (selinux-policy-0fc68a1.tar.gz) = 7a25368ba4d6635e93bf9f2f81a829ce9cb73d5043cbb7de96f7025bbc16c16209d0b832c9e91cc5ee6e3eb4708a1139e4dfe8c0921e23cd39e3e4f0d21b7271
SHA512 (container-selinux.tgz) = 123edc2c719bfe2c95ee973e7bf02142c69d001a9324d99f2c5259a04a26e71772eafe0b962694a14cc539104d8d8b06ff75971e4bc722d643e16a76354b8d35
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = 623417d92f2b529a5b419e5c769b649ba2efb310f5ea3b072172a05dc1ac6db1562c362be765e0e8b7997e274a58946afe6ee3e53a93cab6c7f454e2549a5822