diff --git a/.gitignore b/.gitignore index 54a91b1..8a9b328 100644 --- a/.gitignore +++ b/.gitignore @@ -333,3 +333,5 @@ serefpolicy* /selinux-policy-a80fdd7.tar.gz /selinux-policy-contrib-d455fef.tar.gz /selinux-policy-27e63a6.tar.gz +/selinux-policy-contrib-29eef53.tar.gz +/selinux-policy-0269451.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index fe93c24..3902650 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 27e63a61796d37e9cd8938f226090892bb711056 +%global commit0 0269451c9568aa7939b0fef6708d867fcd2ffd47 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 d455fefe8da34e14750a3767ab7cd911cb2881ea +%global commit1 29eef53f199d5b6af95255096b152c51e02a62d5 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.2 -Release: 49%{?dist} +Release: 50%{?dist} License: GPLv2+ Group: System Environment/Base Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz @@ -713,6 +713,18 @@ exit 0 %endif %changelog +* Mon Feb 25 2019 Lukas Vrabec - 3.14.2-50 +- Allow openvpn_t domain to set capability BZ(1680276) +- Update redis_enable_notify() boolean to fix sending e-mail by redis when this boolean is turned on +- Allow chronyd_t domain to send data over dgram socket +- Add rolekit_dgram_send() interface +- Allow dovecot_t domain to connect to mysql db +- Add dac_override capability for sbd_t SELinux domain +- Add dac_override capability for spamd_update_t domain +- Fix bug in userdom_restricted_xwindows_user_template() template to disallow all user domains to access admin_home_t +- kernel/files.fc: Label /var/run/motd.d(./*)? and /var/run/motd as pam_var_run_t +- Allow nnp transition for domains fsadm_t, lvm_t and mount_t + * Tue Feb 12 2019 Lukas Vrabec - 3.14.2-49 - Allow glusterd_t to write to automount unnamed pipe Resolves: rhbz#1674243 - Allow ddclient_t to setcap Resolves: rhbz#1674298 diff --git a/sources b/sources index 28d4076..53e2fdd 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-contrib-d455fef.tar.gz) = 6efc48ff2db8f547691bcea88a082eff094f713dafa36e20e1a4b9d76f7bdbdb2ee3a155dd55162a7210c088c975554e4e6f0a5c8796d870504602535c3ae65d -SHA512 (selinux-policy-27e63a6.tar.gz) = 7664849446b75ce2c18148d3f2fe6a598a95d81582f7f5e12874d85050b0176fcd0f0fe5bd7bcb7af2853394c5c2135838761c6867c338b9175f0b1cdb9e9d6f -SHA512 (container-selinux.tgz) = a1b688b88515f7590268ddfd7fcbdd5bc4f9b994fca9e8c2cef242f296692566aa4379e977aef7ba75f38d4f3211afcfc29ef392116e9421dba76e622bb0eded +SHA512 (selinux-policy-contrib-29eef53.tar.gz) = edc1796a749dc38ba65c3b1187e67732e9d74503bab94d9235a8424102dcf596bc17300843d15dbaa0e8dc94e14774e744f7cb83177a2a5dc02963241727c447 +SHA512 (selinux-policy-0269451.tar.gz) = 94f95bb5a5a3075286868f72fbba49ac5bacecfbce04f6e820ae294517eb31be0e26c08cc9d5b6263271d9339bf2bbd8d9325bbf8a5b2f42029f969565cd7ac2 +SHA512 (container-selinux.tgz) = 63f4110ae6ef947502c9c0cbef4ca66e2a7726f5036eadf2131278d572bc7139410adc6d59f3784236eab777b85fe7c6f6763c63d69885b24b43df20b6675488