From 42961943f56e27c7c27b7990981c6f2287520456 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Aug 24 2023 19:17:38 +0000 Subject: * Thu Aug 24 2023 Zdenek Pytela - 38.26-1 - Change file transition for systemd-network-generator - Additional support for gnome-initial-setup - Update gnome-initial-setup policy for geoclue - Allow openconnect vpn open vhost net device - Allow cifs.upcall to connect to SSSD also through the /var/run socket - Grant cifs.upcall more required capabilities - Allow xenstored map xenfs files - Update policy for fdo - Allow keepalived watch var_run dirs - Allow svirt to rw /dev/udmabuf - Allow qatlib to modify hardware state information. - Allow key.dns_resolve connect to avahi over a unix stream socket - Allow key.dns_resolve create and use unix datagram socket - Use quay.io as the container image source for CI --- diff --git a/selinux-policy.spec b/selinux-policy.spec index 743f50e..8ccb495 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit 77e7428bf98c645389b8efaf61a2c3ed6e2441d8 +%global commit f1d705ff0198481fbce07a9bea5bda9eedda7449 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 38.25 +Version: 38.26 Release: 1%{?dist} License: GPL-2.0-or-later Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -814,6 +814,22 @@ exit 0 %endif %changelog +* Thu Aug 24 2023 Zdenek Pytela - 38.26-1 +- Change file transition for systemd-network-generator +- Additional support for gnome-initial-setup +- Update gnome-initial-setup policy for geoclue +- Allow openconnect vpn open vhost net device +- Allow cifs.upcall to connect to SSSD also through the /var/run socket +- Grant cifs.upcall more required capabilities +- Allow xenstored map xenfs files +- Update policy for fdo +- Allow keepalived watch var_run dirs +- Allow svirt to rw /dev/udmabuf +- Allow qatlib to modify hardware state information. +- Allow key.dns_resolve connect to avahi over a unix stream socket +- Allow key.dns_resolve create and use unix datagram socket +- Use quay.io as the container image source for CI + * Fri Aug 11 2023 Zdenek Pytela - 38.25-1 - ci: Move srpm/rpm build to packit - .copr: Avoid subshell and changing directory diff --git a/sources b/sources index 7ffaaba..38d7c6d 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-77e7428.tar.gz) = c0d65f956dcce0231a9a7936035eca3a71162727d533f5e0aee5a210b49393ccc6f3048d08dfee7882fca6682755ce16e016842b1e1724e6bb6d6485040b62f4 -SHA512 (container-selinux.tgz) = 0daa315c81b23885be0cebcd24b4601d72f40133476ecbfd0462d42ec13ab9101cd5ff76150ef8272cbfb2d67f269b6b4c47c0225c12513e04c90ccd6066042e +SHA512 (selinux-policy-f1d705f.tar.gz) = 29e3cc50c96330bcf687f1dabc63b6aa7fe6de9607c361630a06d7701f17dff7c5dfb3ee4b1369712ada2adbfd7c0ed2db8b833334e0502b1216d5fa90133490 +SHA512 (container-selinux.tgz) = a16ba0d02ef2a5a120226529b3648d95a34b52f4a4e49fe90006f468da4d932423bea3032986fc7f41660e44bddfd33737eb864395b073df291984c8979cb279 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4