From 53d2cbdc84f1165ea2c824882c5ce04770192fb7 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Jun 22 2022 18:23:04 +0000 Subject: * Wed Jun 22 2022 Zdenek Pytela - 37.5-1 - Allow transition to insights_client named content - Add the insights_client_filetrans_named_content() interface - Update policy for insights-client to run additional commands 3 - Allow dhclient manage pid files used by chronyd - Allow stalld get scheduling policy of kernel threads - Allow samba-dcerpcd work with sssd - Allow dlm_controld send a null signal to a cluster daemon - Allow ksmctl create hardware state information files - Allow winbind_rpcd_t connect to self over a unix_stream_socket - Update samba-dcerpcd policy for kerberos usage - Allow insights-client execute its private memfd: objects - Update policy for insights-client to run additional commands 2 - Use insights_client_tmp_t instead of insights_client_var_tmp_t - Change space indentation to tab in insights-client - Use socket permissions sets in insights-client - Update policy for insights-client to run additional commands - Change rpm_setattr_db_files() to use a pattern - Allow init_t to rw insights_client unnamed pipe - Add rpm setattr db files macro - Fix insights client - Update kernel_read_unix_sysctls() for sysctl_net_unix_t handling - Allow rabbitmq to access its private memfd: objects - Update policy for samba-dcerpcd - Allow stalld setsched and sys_nice --- diff --git a/selinux-policy.spec b/selinux-policy.spec index ca5127a..aeeda3c 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit 7694f3d5ddc360f428e54f168b521859ff0a4ee1 +%global commit 3def661da783b254bd5c9509947a17fc894d31d0 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 37.4 +Version: 37.5 Release: 1%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -816,6 +816,32 @@ exit 0 %endif %changelog +* Wed Jun 22 2022 Zdenek Pytela - 37.5-1 +- Allow transition to insights_client named content +- Add the insights_client_filetrans_named_content() interface +- Update policy for insights-client to run additional commands 3 +- Allow dhclient manage pid files used by chronyd +- Allow stalld get scheduling policy of kernel threads +- Allow samba-dcerpcd work with sssd +- Allow dlm_controld send a null signal to a cluster daemon +- Allow ksmctl create hardware state information files +- Allow winbind_rpcd_t connect to self over a unix_stream_socket +- Update samba-dcerpcd policy for kerberos usage +- Allow insights-client execute its private memfd: objects +- Update policy for insights-client to run additional commands 2 +- Use insights_client_tmp_t instead of insights_client_var_tmp_t +- Change space indentation to tab in insights-client +- Use socket permissions sets in insights-client +- Update policy for insights-client to run additional commands +- Change rpm_setattr_db_files() to use a pattern +- Allow init_t to rw insights_client unnamed pipe +- Add rpm setattr db files macro +- Fix insights client +- Update kernel_read_unix_sysctls() for sysctl_net_unix_t handling +- Allow rabbitmq to access its private memfd: objects +- Update policy for samba-dcerpcd +- Allow stalld setsched and sys_nice + * Tue Jun 07 2022 Zdenek Pytela - 37.4-1 - Allow auditd_t noatsecure for a transition to audisp_remote_t - Allow ctdbd nlmsg_read on netlink_tcpdiag_socket diff --git a/sources b/sources index 6543e39..38fe5a2 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-7694f3d.tar.gz) = 7c2f3ed062b36eb286b40d114138cdac231686316cedc53768646eb26bfa475fe68ac64a480f47c7fc94fb3c525e5ae3df7f2fecaef8ae2d1dc9c244130601fd -SHA512 (container-selinux.tgz) = d8f6aa5e61318a132e5b965ea19fd03d2c7745d6562ba919ce9497dd2dbed71562f68f31ddb0b61f6f7f9c121333dbbe2c887dca0e66202c7fc6203fde2380b7 +SHA512 (selinux-policy-3def661.tar.gz) = d0e19081a3f99c9dabd977d804300deb904738d8ddfda33f4a8e75c64dfd0010bbfc8144380c3192bd81dba5b4e78905bf90176c3c8e03a20da491a8427af2b7 +SHA512 (container-selinux.tgz) = 9639e890de1637f2abeb51745e4e5e4bdd378130e3e165395bfee3397864bbcb308173d44c145f20e024223c1b361e2a985bc991ce89e36c6c62699f26b59002 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4