From 5a32f59808af78468b44cba910651685d4da59fc Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Sep 25 2020 17:12:03 +0000 Subject: * Fri Sep 25 2020 Zdenek Pytela - 3.14.7-4 - Allow chronyd_t to accept and make NTS-KE connections - Allow domain write to an automount unnamed pipe - Label /var/run/zincati/public/motd.d/* as motd_var_run_t - Allow login programs to (only) read MOTD files and symlinks - Relabel /usr/sbin/charon-systemd as ipsec_exec_t - Confine systemd-sleep service - Add fstools_rw_swap_files() interface - Label 4460/tcp port as ntske_port_t - Add lvm_dbus_send_msg(), lvm_rw_var_run() interfaces --- diff --git a/.gitignore b/.gitignore index 195dc56..cd8de21 100644 --- a/.gitignore +++ b/.gitignore @@ -486,3 +486,5 @@ serefpolicy* /selinux-policy-contrib-a79abda.tar.gz /selinux-policy-16e3987.tar.gz /selinux-policy-496bf1e.tar.gz +/selinux-policy-contrib-b1dcbc5.tar.gz +/selinux-policy-8ae4dfa.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index 28e602c..c15eee8 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 496bf1e94c18665a635dfe2e9e68bc589ed7f40f +%global commit0 8ae4dfa61e69e2d88a038d3823a224ee94cecec2 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 a79abdab093f548370496c9a22bc7ab08b98c684 +%global commit1 b1dcbc59a940c762dfe4e07117cd5615f8b5c99a %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.7 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -799,6 +799,17 @@ exit 0 %endif %changelog +* Fri Sep 25 2020 Zdenek Pytela - 3.14.7-4 +- Allow chronyd_t to accept and make NTS-KE connections +- Allow domain write to an automount unnamed pipe +- Label /var/run/zincati/public/motd.d/* as motd_var_run_t +- Allow login programs to (only) read MOTD files and symlinks +- Relabel /usr/sbin/charon-systemd as ipsec_exec_t +- Confine systemd-sleep service +- Add fstools_rw_swap_files() interface +- Label 4460/tcp port as ntske_port_t +- Add lvm_dbus_send_msg(), lvm_rw_var_run() interfaces + * Mon Sep 21 2020 Zdenek Pytela - 3.14.7-3 - Check out the right -contrib branch in Travis diff --git a/sources b/sources index d551360..ffb29b3 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (selinux-policy-contrib-a79abda.tar.gz) = 14cd9b991d9f63ac45f3bedfcf41a3d3199a6af8e637037ae07d96b61a4f24dfab086dca9b3158605d996afd82cf4b8b9aea2895976f2c7586d7d98f8fbb52c5 -SHA512 (selinux-policy-496bf1e.tar.gz) = 559382b34c2e39c54f8f022df64a2950e7f0dc35d9d4df928285f68938a9b9d1ba38c7257317b513166af2438037b924e20d334586936bf96165ba1cb7be8975 -SHA512 (container-selinux.tgz) = 00a88e0ccfdb00587628cb25a298846faba730d3edc246db11a2b66e3f616322e58cc81939aa585977853ef9b9932807cc839b955dff3a17c9f15b5c54d85681 +SHA512 (selinux-policy-contrib-b1dcbc5.tar.gz) = 51074e1196721991e189fb73c97a5a110f688da3cc82f229c599ad5756322efa02ff1781162e7cfeb7af0a640032c7ea392b80d652d01e4c35485ac9ba3e4c7f +SHA512 (selinux-policy-8ae4dfa.tar.gz) = 8cb0b33b623a04bbe90876858a5568c8c1b7cd577f6fdca4d13955de7c020fd99bf4fdd8111663790215111da9a8573e57494028c7143a69f223446049448358 +SHA512 (container-selinux.tgz) = cbb4e1b4d22ba838b7fb5304ff07b0cc8ffcdcc44bab8f99a95d274fb5d2edf2843b2ec891a0ae8509bf383fb58223a66b80d608ccf8fd5d8901d627f3d70c72 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4