From fddba9a2afc45bd3cc3d00f08f159840c8f08d26 Mon Sep 17 00:00:00 2001 From: Lukas Vrabec Date: Oct 04 2018 14:55:50 +0000 Subject: * Thu Oct 04 2018 Lukas Vrabec - 3.14.2-36 - Allow dictd_t domain to mmap dictd_var_lib_t files BZ(1634650) - Fix typo in boltd.te policy - Allow fail2ban_t domain to mmap journal - Add kill capability to named_t domain - Allow neutron domain to read/write /var/run/utmp - Create boltd_var_run_t type for boltd pid files - Allow tomcat_domain to read /dev/random - Allow neutron_t domain to use pam - Add the port used by nsca (Nagios Service Check Acceptor) --- diff --git a/.gitignore b/.gitignore index d7adf0a..d839cc1 100644 --- a/.gitignore +++ b/.gitignore @@ -310,3 +310,5 @@ serefpolicy* /selinux-policy-38c6414.tar.gz /selinux-policy-contrib-dab4b50.tar.gz /selinux-policy-9c42b28.tar.gz +/selinux-policy-0813126.tar.gz +/selinux-policy-contrib-ff6d7f4.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index 4b347c6..3711018 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 9c42b2893707c6a5a694c25b03ffafc951305575 +%global commit0 08131262642800aecab1c830382056bcc312bd55 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 dab4b50b7d2268b6cfb675754903b1a413008bba +%global commit1 ff6d7f41cdba4524422558bf381447c1f8181014 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.2 -Release: 35%{?dist} +Release: 36%{?dist} License: GPLv2+ Group: System Environment/Base Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz @@ -709,6 +709,17 @@ exit 0 %endif %changelog +* Thu Oct 04 2018 Lukas Vrabec - 3.14.2-36 +- Allow dictd_t domain to mmap dictd_var_lib_t files BZ(1634650) +- Fix typo in boltd.te policy +- Allow fail2ban_t domain to mmap journal +- Add kill capability to named_t domain +- Allow neutron domain to read/write /var/run/utmp +- Create boltd_var_run_t type for boltd pid files +- Allow tomcat_domain to read /dev/random +- Allow neutron_t domain to use pam +- Add the port used by nsca (Nagios Service Check Acceptor) + * Thu Sep 20 2018 Lukas Vrabec - 3.14.2-35 - Allow certmonger to manage cockpit_var_run_t pid files - Allow cockpit_ws_t domain to manage cockpit services diff --git a/sources b/sources index f5cd27b..f068ed4 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-contrib-dab4b50.tar.gz) = f75ccf7d02520c85ca80f80b00101713689595e82765605c6a3a33e6c6488fd04885b06ff36d50f88741182b8d010e5157133ff9a5679fc1a45bbd09b461859b -SHA512 (selinux-policy-9c42b28.tar.gz) = 6fe28d188723b1b6881fc3debdba5f577ca7292fd5dc49331267d979ec9b2d5c127093e59eda02894016b7d5f9e5acd971baf158d409dd71efc2907a538792d4 -SHA512 (container-selinux.tgz) = 631331615602398708faa69ed1710d621953adf1ee9b6887516153bb56ded4e773447c6e85481e91663d3f1982db6db2f0a58cb181771a252f258acdf5af339d +SHA512 (selinux-policy-0813126.tar.gz) = 9cd52f0513b8fe26ba5e8ef52dca203d58b09ce17c7ba2daab2b8a3b91e20d6188ed3dbebb388aab9329d636d63359cb34e5f65f49399b05da921a531f368fa2 +SHA512 (selinux-policy-contrib-ff6d7f4.tar.gz) = ec107276762235a01183a43428978a8b28e5e43c63abd255d7e2ebf9828230eaafe67539d6826f6934de4e6ef16fc9cda82b4c824172d20da55f1ff98803104a +SHA512 (container-selinux.tgz) = 5505ce35996a1efb6d0b79fbaba500f6329297246c619564984f824d97d91532f10ae903247dda0884521cd29f59f5a39edcc97f2ad67ac90fc6ce988c891e3e