From 737e197bb483ce1e8feb52be164c6ad3269269e6 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Mar 24 2023 19:05:51 +0000 Subject: * Fri Mar 24 2023 Zdenek Pytela - 38.9-1 - Allow sssd read accountsd fifo files - Add support for the passt_t domain - Allow virtd_t and svirt_t work with passt - Add new interfaces in the virt module - Add passt interfaces defined conditionally - Allow tshark the setsched capability - Allow poweroff create connections to system dbus - Allow wg load kernel modules, search debugfs dir - Boolean: allow qemu-ga manage ssh home directory - Label smtpd with sendmail_exec_t - Label msmtp and msmtpd with sendmail_exec_t - Allow dovecot to map files in /var/spool/dovecot --- diff --git a/selinux-policy.spec b/selinux-policy.spec index 97ec688..40aafa5 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit bc228bd0c249a9e4aa3dcf238c2b1bb138943b07 +%global commit 762805c0d194ad435583f5149901e83d0be2b944 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 38.8 +Version: 38.9 Release: 1%{?dist} License: GPL-2.0-or-later Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -813,6 +813,20 @@ exit 0 %endif %changelog +* Fri Mar 24 2023 Zdenek Pytela - 38.9-1 +- Allow sssd read accountsd fifo files +- Add support for the passt_t domain +- Allow virtd_t and svirt_t work with passt +- Add new interfaces in the virt module +- Add passt interfaces defined conditionally +- Allow tshark the setsched capability +- Allow poweroff create connections to system dbus +- Allow wg load kernel modules, search debugfs dir +- Boolean: allow qemu-ga manage ssh home directory +- Label smtpd with sendmail_exec_t +- Label msmtp and msmtpd with sendmail_exec_t +- Allow dovecot to map files in /var/spool/dovecot + * Fri Mar 03 2023 Zdenek Pytela - 38.8-1 - Confine gnome-initial-setup - Allow qemu-guest-agent create and use vsock socket diff --git a/sources b/sources index b174766..8325594 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-bc228bd.tar.gz) = 4966196ed89433ea0d146719bfcfa970c774d360ed45a413973851a0aaae940b8a16277a972852b7ff4df1d07bbc1ee012ff705c861ec62ecc3ae0d9efaad832 -SHA512 (container-selinux.tgz) = 3402d47f99449a7ea83ae7588e7506f72c7a85f9772d3133a62a165e883c216fe5b8c6d658f9f982fabc00788647dbd57684a69e287cba7d8e2ff2227f69c042 +SHA512 (selinux-policy-762805c.tar.gz) = 06439a632d4e02129c68e18c915696015e65df60f905d1f9a755e41929ea7a6c1901dab4b29a5068e96382d15536ad0beb7f0d860af3b7eeecbce06e3839c19a SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 +SHA512 (container-selinux.tgz) = 8ea7a186c694efa3a5d6e42ef47b8147f150f49789cf0d0a6613ad7f7d9ef0d84d8a01e361dda9fc733c66af9a917d06822359103fc1de975c25969932e2342c