From b7b2c03ca737e8da64f8bc64c5993cac065d6a0b Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Apr 14 2020 14:43:04 +0000 Subject: * Tue Apr 16 2020 Zdenek Pytela - 3.14.6-12 - Allow rngd create netlink_kobject_uevent_socket and read udev runtime files - Allow ssh-keygen create file in /var/lib/glusterd - Update ctdbd_manage_lib_files() to also allow mmap ctdbd_var_lib_t files - Merge ipa and ipa_custodia modules - Allow NetworkManager_ssh_t to execute_no_trans for binary ssh_exec_t - Introduce daemons_dontaudit_scheduling boolean - Modify path for arping in netutils.fc to match both bin and sbin - Change file context for /var/run/pam_ssh to match file transition - Add file context entry and file transition for /var/run/pam_timestamp --- diff --git a/.gitignore b/.gitignore index d1e3c4a..6d619ed 100644 --- a/.gitignore +++ b/.gitignore @@ -456,3 +456,5 @@ serefpolicy* /selinux-policy-contrib-2c38d35.tar.gz /selinux-policy-contrib-d5da042.tar.gz /selinux-policy-50a6afe.tar.gz +/selinux-policy-ad1d355.tar.gz +/selinux-policy-contrib-6db7310.tar.gz diff --git a/modules-targeted-contrib.conf b/modules-targeted-contrib.conf index 9989ebe..9568fe6 100644 --- a/modules-targeted-contrib.conf +++ b/modules-targeted-contrib.conf @@ -2663,10 +2663,3 @@ rrdcached = module # stratisd # stratisd = module - -# Layer: contrib -# Module: ipa_custodia -# -# ipa_custodia -# -ipa_custodia = module diff --git a/selinux-policy.spec b/selinux-policy.spec index 96bfcee..64dddf9 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 50a6afe26d1b3083c339adc1c5f6193ec0cb71cd +%global commit0 ad1d35503f55f535401daa0a59913aa559c38d44 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 d5da0422ebc96d5acbe912aa8d5c3bc8a1ace015 +%global commit1 6db7310a3b7385e07359a978a46c52d7ec22bedd %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.6 -Release: 11%{?dist} +Release: 12%{?dist} License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -772,6 +772,17 @@ exit 0 %endif %changelog +* Tue Apr 14 2020 Zdenek Pytela - 3.14.6-12 +- Allow rngd create netlink_kobject_uevent_socket and read udev runtime files +- Allow ssh-keygen create file in /var/lib/glusterd +- Update ctdbd_manage_lib_files() to also allow mmap ctdbd_var_lib_t files +- Merge ipa and ipa_custodia modules +- Allow NetworkManager_ssh_t to execute_no_trans for binary ssh_exec_t +- Introduce daemons_dontaudit_scheduling boolean +- Modify path for arping in netutils.fc to match both bin and sbin +- Change file context for /var/run/pam_ssh to match file transition +- Add file context entry and file transition for /var/run/pam_timestamp + * Tue Mar 31 2020 Zdenek Pytela - 3.14.6-11 - Allow NetworkManager manage dhcpd unit files - Update ninfod policy to add nnp transition from systemd to ninfod diff --git a/sources b/sources index 014960d..3e0d70e 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (selinux-policy-contrib-d5da042.tar.gz) = 2c1b56fe7b5a4586bba0426f6e4fde587f73e528da48bd23efe2a41e77ba1448ef791f8162d4cc296e0b76d52229cda53ca4183690e2e944bd2c0e2c0949b3a7 -SHA512 (selinux-policy-50a6afe.tar.gz) = bf61e844af6a3bd8138ba95270a641f17e322d09dafdd8cf278b36ba088ce9a7672ccef1d9ed2aede89e8e59c3899fe2f6cc3e86234a3239dcc22bbd8a7b432b -SHA512 (container-selinux.tgz) = 5d755b9fd44c3c12dbdce64648d9dd57c4dafc6456f5705ef81c61308d790e3ef2554108d416925c09f35919ef89d9b41f5293a54b43fc058c13130122ebf834 +SHA512 (selinux-policy-ad1d355.tar.gz) = c58b42b7b0a6c92f0efb3cd64c7c7dc4d8645dcc1a66e1af59a508ac22cbf777e82d7ecd69ba65eb0031470b7c8c6f8e55a3f0275da21da2f0b5ce2d5a394750 +SHA512 (selinux-policy-contrib-6db7310.tar.gz) = 805bffcdee4cdf870973419c22f04b9862873c68f73fede5c8360750719efb96c28a72e2bb5382e4a7b7df25a3dbd3997f740c4a6d194c00f9b1468afe6a3009 +SHA512 (container-selinux.tgz) = 551b7288daeb2742e6bdbf8ec31ae5ff5efc3223ef30776359ec3480a0d9a5b16174a0f74bbacd446c56f822b51c83c3b4ad7c74b2e843f2c698dcfacbf6a175 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4