diff --git a/selinux-policy.spec b/selinux-policy.spec index 116bac8..9e0e59e 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit c0f6c3be2b0059221dfc086ceb0632ad726fa34d +%global commit 3c80e8b26a1ff6f8f282169e0971e705daddb01a %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 37.14 +Version: 37.15 Release: 1%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -816,6 +816,35 @@ exit 0 %endif %changelog +* Wed Nov 23 2022 Zdenek Pytela - 37.15-1 +- Revert "Allow sysadm_t read raw memory devices" +- Allow systemd-socket-proxyd get attributes of cgroup filesystems +- Allow rpc.gssd read network sysctls +- Allow winbind-rpcd get attributes of device and pty filesystems +- Allow insights-client domain transition on semanage execution +- Allow insights-client create gluster log dir with a transition +- Allow insights-client manage generic locks +- Allow insights-client unix_read all domain semaphores +- Add domain_unix_read_all_semaphores() interface +- Allow winbind-rpcd use the terminal multiplexor +- Allow mrtg send mails +- Allow systemd-hostnamed dbus chat with init scripts +- Allow sssd dbus chat with system cronjobs +- Add interface to watch all filesystems +- Add watch_sb interfaces +- Add watch interfaces +- Allow dhcpd bpf capability to run bpf programs +- Allow netutils and traceroute bpf capability to run bpf programs +- Allow pkcs_slotd_t bpf capability to run bpf programs +- Allow xdm bpf capability to run bpf programs +- Allow pcscd bpf capability to run bpf programs +- Allow lldpad bpf capability to run bpf programs +- Allow keepalived bpf capability to run bpf programs +- Allow ipsec bpf capability to run bpf programs +- Allow fprintd bpf capability to run bpf programs +- Allow systemd-socket-proxyd get filesystems attributes +- Allow dirsrv_snmp_t to manage dirsrv_config_t & dirsrv_var_run_t files + * Tue Nov 01 2022 Zdenek Pytela - 37.14-1 - Allow systemd-gpt-generator raw write to a fixed disk - Allow rotatelogs read httpd_log_t symlinks diff --git a/sources b/sources index a4f7cb7..5bea9eb 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ +SHA512 (selinux-policy-3c80e8b.tar.gz) = c3d9e981d8f9ad4d749b70ed3cd7e84bb4951f1e0b8d90e0062111dc43514f47f9c61da1f48b3693843286ddb864ee9c80052b9d9ac7e8a7d581a4fa1f8fb173 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 -SHA512 (container-selinux.tgz) = bede953b114443f7ae3fbba195b6ecbe9c7ceb6acbcabd60a68b5586e1c5323a6382ac56b54c0bcc883382cec72dd7864fa1a3acd57dc9c464c5c65601784d34 -SHA512 (selinux-policy-c0f6c3b.tar.gz) = b72b31a14232ee2b5c58475437384532b4da89cdaf3e3a01977b5e145aad81d8ebbd7396112776593b2ba9e94e85b66cee053782a3a75ccbb2b2d1a336a8117c +SHA512 (container-selinux.tgz) = cc0c679e49dbc846ce3dcb0d39636cd420fdf0862065f62bc98a3b2be1c33e706cb38ababbb8b4851059dbfbd520f657a9cca65aa8f61692c8f3ce6b0360d5f6