rpms / selinux-policy

Clone
Source Code
GIT

#82 * Thu Jun 04 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-15
Merged 3 years ago by zpytela. Opened 3 years ago by zpytela.
rpms/ zpytela/selinux-policy master  into  master

file modified
+2 
@@ -462,3 +462,5 @@ 
 

  /selinux-policy-contrib-80860a3.tar.gz
 

  /selinux-policy-contrib-cafd506.tar.gz
 

  /selinux-policy-6d96694.tar.gz
 

+ /selinux-policy-contrib-22a7272.tar.gz
 

+ /selinux-policy-7dd92fd.tar.gz

file modified
+22 -3 
@@ -1,11 +1,11 @@ 
 

  # github repo with selinux-policy base sources
 

  %global git0 https://github.com/fedora-selinux/selinux-policy
 

- %global commit0 6d966941f05ea6148bd91886e7bf91d7ae59690c
 

+ %global commit0 7dd92fda6b04b5c90feb038aabefb728a8773750
 

  %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 

  

  # github repo with selinux-policy contrib sources
 

  %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
 

- %global commit1 cafd50640ad014d92e9efdc9aef3dbde638f1816
 

+ %global commit1 22a72723552b1c4bc6dd42f7f55fd9dd42426c3c
 

  %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
 

  

  %define distro redhat
 
@@ -29,7 +29,7 @@ 
 

  Summary: SELinux policy configuration
 

  Name: selinux-policy
 

  Version: 3.14.6
 

- Release: 14%{?dist}
 

+ Release: 15%{?dist}
 

  License: GPLv2+
 

  Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 

  Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
 
@@ -774,6 +774,25 @@ 
 

  %endif
 

  

  %changelog
 

+ * Thu Jun 04 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-15
 

+ - Add fetchmail_uidl_cache_t type for /var/mail/.fetchmail.pid
 

+ - Support multiple ways of tlp invocation
 

+ - Allow qemu-kvm read and write /dev/mapper/control
 

+ - Introduce logrotate_use_cifs boolean
 

+ - Allow ptp4l_t sys_admin capability to run bpf programs
 

+ - Allow to getattr files on an nsfs filesystem
 

+ - httpd: Allow NoNewPriv transition from systemd
 

+ - Allow rhsmd read process state of all domains and kernel threads
 

+ - Allow rhsmd mmap /etc/passwd
 

+ - Allow systemd-logind manage efivarfs files
 

+ - Allow initrc_t tlp_filetrans_named_content()
 

+ - Allow systemd_resolved_t to read efivarfs
 

+ - Allow systemd_modules_load_t to read efivarfs
 

+ - Introduce systemd_read_efivarfs_type attribute
 

+ - Allow named transition for /run/tlp from a user shell
 

+ - Allow ipsec_mgmt_t mmap ipsec_conf_file_t files
 

+ - Add file context for /sys/kernel/tracing
 

+ 

  * Tue May 19 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-14
 

  - Allow chronyc_t domain to use nsswitch
 

  - Allow nscd_socket_use() for domains in nscd_use() unconditionally

file modified
+3 -3 
@@ -1,4 +1,4 @@ 
 

- SHA512 (selinux-policy-contrib-cafd506.tar.gz) = 8ed7996e84c7c7671891601e68e6b894770458204a0bfb60cf737d4cdab9aaeef76000dd40b8dcc16b6ebf312a5bdf53133be366b0496cc1b38f73c7902bf923
 

- SHA512 (selinux-policy-6d96694.tar.gz) = 4c69446665068244363a80f13e6ccc4c10deb3f1b2fde7d1ee7f6ac5a3f626b111dbd70454f6176410547b8187355c1a45adcb12cf0ebfb5373d002a99bbef0c
 

+ SHA512 (selinux-policy-contrib-22a7272.tar.gz) = c379dbd32627dd0d04a98f95d7291a9e5ab24932ebaaf065f8b5ccc941b23e36235a3e5ae9b78ee96e0fda28f2fc26bdfead6645e0925dd94856b47b6b66e60b
 

+ SHA512 (selinux-policy-7dd92fd.tar.gz) = 4a61d12d6565d1722a04a16878e48b1f8b74dd43e2f52d66495557e4a77eb0a50cd882f619a6f0d8c038ff64d38219fba06bce7f883aca86bf308d8a89340549
 

  SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
 

- SHA512 (container-selinux.tgz) = f6863fbbd458f8415609c051ab0033e400413000d81e58a5b928c12ebf9eefa5603357760823ffe155623670a840fcee6a91a3adae9e6b7877ea5aca03610cd2
 

+ SHA512 (container-selinux.tgz) = 521d0028bf2140be7586ab39f4ac99c136cf8559506f9b755beb3ac50bd4de474430848c322d0917c7f9a1230ecc4d93704e12fefb19a64b5089456fc047438c

  • Thu Jun 04 2020 Zdenek Pytela zpytela@redhat.com - 3.14.6-15
  • Add fetchmail_uidl_cache_t type for /var/mail/.fetchmail.pid
  • Support multiple ways of tlp invocation
  • Allow qemu-kvm read and write /dev/mapper/control
  • Introduce logrotate_use_cifs boolean
  • Allow ptp4l_t sys_admin capability to run bpf programs
  • Allow to getattr files on an nsfs filesystem
  • httpd: Allow NoNewPriv transition from systemd
  • Allow rhsmd read process state of all domains and kernel threads
  • Allow rhsmd mmap /etc/passwd
  • Allow systemd-logind manage efivarfs files
  • Allow initrc_t tlp_filetrans_named_content()
  • Allow systemd_resolved_t to read efivarfs
  • Allow systemd_modules_load_t to read efivarfs
  • Introduce systemd_read_efivarfs_type attribute
  • Allow named transition for /run/tlp from a user shell
  • Allow ipsec_mgmt_t mmap ipsec_conf_file_t files
  • Add file context for /sys/kernel/tracing

rebased onto 5cdd516
3 years ago

CI fails in the bz1838163 test, but this bz has not been fixed yet. I am for skipping it for now and resolved later.

LGTM. Merge and build please

Pull-Request has been merged by zpytela
3 years ago
Changes Summary 3
+2 -0
file changed
.gitignore
+22 -3
file changed
selinux-policy.spec
+3 -3
file changed
sources
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.