From 42c454a1aeb7b8926120ec034d5a2be503d37bc6 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Mar 13 2020 12:33:27 +0000 Subject: * Fri Mar 13 2020 Zdenek Pytela - 3.14.5-30 - Allow NetworkManager read its unit files and manage services - Add init_daemon_domain() for geoclue_t - Allow to use nnp_transition in pulseaudio_role - Allow pdns_t domain to map files in /usr. - Label all NetworkManager fortisslvpn plugins as openfortivpn_exec_t - Allow sssd read systemd-resolved runtime directory - Allow sssd read NetworkManager's runtime directory - Mark nm-cloud-setup systemd units as NetworkManager_unit_file_t - Allow system_mail_t to signull pcscd_t - Create interface pcscd_signull - Allow login_pgm create and bind on netlink_selinux_socket - Allow auditd poweroff or switch to single mode --- diff --git a/.gitignore b/.gitignore index 294bc1c..1f36598 100644 --- a/.gitignore +++ b/.gitignore @@ -446,3 +446,7 @@ serefpolicy* /selinux-policy-contrib-f7a21a9.tar.gz /selinux-policy-contrib-08def7c.tar.gz /selinux-policy-deadfd1.tar.gz +/selinux-policy-contrib-5406e9a.tar.gz +/selinux-policy-ff8908f.tar.gz +/selinux-policy-contrib-d504071.tar.gz +/selinux-policy-649b10d.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index b305e56..9763f4f 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 deadfd15c2ae442cc0e204d315962f3aac88e9ba +%global commit0 649b10d5388475271c48b0c4a3892c475dbc4a1b %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 08def7c154b5be4ce7b11643d71d59fe98ea2bfc +%global commit1 d504071e851e1710816970154529d2afcf8f856c %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.5 -Release: 29%{?dist} +Release: 30%{?dist} License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -772,6 +772,20 @@ exit 0 %endif %changelog +* Fri Mar 13 2020 Zdenek Pytela - 3.14.5-30 +- Allow NetworkManager read its unit files and manage services +- Add init_daemon_domain() for geoclue_t +- Allow to use nnp_transition in pulseaudio_role +- Allow pdns_t domain to map files in /usr. +- Label all NetworkManager fortisslvpn plugins as openfortivpn_exec_t +- Allow sssd read systemd-resolved runtime directory +- Allow sssd read NetworkManager's runtime directory +- Mark nm-cloud-setup systemd units as NetworkManager_unit_file_t +- Allow system_mail_t to signull pcscd_t +- Create interface pcscd_signull +- Allow login_pgm create and bind on netlink_selinux_socket +- Allow auditd poweroff or switch to single mode + * Fri Feb 28 2020 Lukas Vrabec - 3.14.5-29 - Allow postfix stream connect to cyrus through runtime socket - Dontaudit daemons to set and get scheduling policy/parameters diff --git a/sources b/sources index 98cbecd..7ed57fe 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (selinux-policy-contrib-08def7c.tar.gz) = 9f14efa2c6505789b8d9d406e0e10dee7c8476598be7c19520a65336008a97c25304d935186a8b9ac44920edc92a704d5de88fd3a1d5d04fad384c53e0be61d9 -SHA512 (selinux-policy-deadfd1.tar.gz) = 8383a7349bed7d4e3a366d032a6bacc7cba2d1c8e460191d90c2b93d3a48102aa9d637ffe4bf125540c9bfb0dc21daae16c29cc016a6c9719ee84354ca8d4892 -SHA512 (container-selinux.tgz) = 4b0e8b224489303b0dc7c8729c7cf745dee6c56eef7925b2d99bb7f57b754d0edc79afa6c8d73f4f847127aa2759c94837bc612d3cdaa9ce4e7bf2becb2068a2 +SHA512 (selinux-policy-contrib-d504071.tar.gz) = e2f57f2f12ce7ebc3e662a2778405594975d1d1c7fb4fe69253dc75f5073e8a47bc961ef0ccf177c818864f88be8b45211b97df35628e96e503f6c18032b7a99 +SHA512 (selinux-policy-649b10d.tar.gz) = 1132e29f7bec4d4a2edada518df14422859461403f9375dfcb326faa64dff9f04f27c7fdb1bde897695c37708c62aa78de5d85c5b58108c2ef6d1568b3fbf4c5 +SHA512 (container-selinux.tgz) = 602359ff2f6ade8563a4c8949671be50b0bb9151b001dafb7319248e9d2519ba931f735c24e45e6beb6209cdd17c4e8cc47fbd49bd1336e09d326b05f636265c SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4