From ac72d98d080b3cfcead65f8738394a261fedb2ea Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: May 12 2020 13:09:37 +0000 Subject: * Tue May 12 2020 Zdenek Pytela - 3.14.3-58 - Update networkmanager_read_pid_files() to allow also list_dir_perms - allow named_t to map named_cache_t files - Allow pdns_t domain to map files in /usr. - Allow openfortivpn exec shell - Add ibacm_t ipc_lock capability - Introduce xdm_manage_bootloader booelan - Remove container interface calling by named_filetrans_domain. --- diff --git a/.gitignore b/.gitignore index 2d7de89..1101652 100644 --- a/.gitignore +++ b/.gitignore @@ -408,3 +408,5 @@ serefpolicy* /selinux-policy-5c8ee1d.tar.gz /selinux-policy-contrib-b39989c.tar.gz /selinux-policy-contrib-2b875a0.tar.gz +/selinux-policy-contrib-7b06c4a.tar.gz +/selinux-policy-51eba6d.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index 83ee463..486c2ac 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 5c8ee1df2a64f021b9a47dc19e77aa01e837e70c +%global commit0 51eba6d67c2ede38e16fb3c323abf234ccdcb203 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 2b875a0573ec381e7cb269094574dedd2c28d8b1 +%global commit1 7b06c4aaaced17d3016eafec6826e0270ec49af3 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.3 -Release: 57%{?dist} +Release: 58%{?dist} License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -714,6 +714,15 @@ exit 0 %endif %changelog +* Tue May 12 2020 Zdenek Pytela - 3.14.3-58 +- Update networkmanager_read_pid_files() to allow also list_dir_perms +- allow named_t to map named_cache_t files +- Allow pdns_t domain to map files in /usr. +- Allow openfortivpn exec shell +- Add ibacm_t ipc_lock capability +- Introduce xdm_manage_bootloader booelan +- Remove container interface calling by named_filetrans_domain. + * Thu Mar 19 2020 Zdenek Pytela - 3.14.3-57 - Allow sssd read NetworkManager's runtime directory - Allow sssd read systemd-resolved runtime directory diff --git a/sources b/sources index 5c62810..c620a23 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (selinux-policy-contrib-2b875a0.tar.gz) = 64ad49ad11ef414ebed3089f6bc734ab5f1bf98e92c2f6a8fde3306ee723a01df0e759240378bdb7913b97772aec3b810e5918be390dc05a99cae8b4d00f9473 -SHA512 (selinux-policy-5c8ee1d.tar.gz) = 6bfb72202e64ccef179f4329c809b0842a674d7d7b4a5a50feae94b315c4fdcf38c8655f61c9f57ea8b747d919625642b759e0f5459352d46edead9147c2f64c -SHA512 (container-selinux.tgz) = 9cf7485ba1836761165658be8c420ea362a81c258c5a214ce060c16458f86b27bfa55d0a3725a4ddf042014ee860cfe34221bc203d9febf27e31e6a859f201c8 +SHA512 (selinux-policy-contrib-7b06c4a.tar.gz) = bbd27178f9d64c0df949e1be9c16cd9b64668f9e6cc1190675388765e1d4e60cbf00f10868ee93a8732df7a0c308718c6ec4a15722a3d7a0688b06e19ab0a39a +SHA512 (selinux-policy-51eba6d.tar.gz) = 67f9014e2493ff72870f254ec6222e090d8cd7a5fab706a7daf5b2fc8c5012464945f96f182ce6975c63ec4675d5b39dee866111ec66b5af16f89e02e8927b8e +SHA512 (container-selinux.tgz) = c05f000c213f473d15cb79fb1dc8302a8e617010333cf9844d24c21afb1c6abec3b614dde5a84256fe1ffebb61c2c5ef3f195ffd73c4547e7a7f09200117fd9e SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4