From c618bb9f5da9bd1b0df1d5e31032357b3e0f7781 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Aug 02 2023 20:34:58 +0000 Subject: * Wed Aug 02 2023 Zdenek Pytela - 38.23-1 - Revert "Allow winbind-rpcd use its private tmp files" - Allow upsmon execute upsmon via a helper script - Allow openconnect vpn read/write inherited vhost net device - Allow winbind-rpcd use its private tmp files - Update samba-dcerpc policy for printing - Allow gpsd,oddjob,oddjob_mkhomedir rw user domain pty - Allow nscd watch system db dirs - Allow qatlib to read sssd public files - Allow fedora-third-party read /sys and proc - Allow systemd-gpt-generator mount a tmpfs filesystem - Allow journald write to cgroup files - Allow rpc.mountd read network sysctls - Allow blueman read the contents of the sysfs filesystem - Allow logrotate_t to map generic files in /etc - Boolean: Allow virt_qemu_ga create ssh directory --- diff --git a/selinux-policy.spec b/selinux-policy.spec index 942675a..4ffe3df 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit 2c0b0e5e22dae960f6aa3c470ab10f1692497a6c +%global commit 2ee39c559a721d86f1903ba8f7115e1583fa0e55 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 38.22 +Version: 38.23 Release: 1%{?dist} License: GPL-2.0-or-later Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -814,6 +814,23 @@ exit 0 %endif %changelog +* Wed Aug 02 2023 Zdenek Pytela - 38.23-1 +- Revert "Allow winbind-rpcd use its private tmp files" +- Allow upsmon execute upsmon via a helper script +- Allow openconnect vpn read/write inherited vhost net device +- Allow winbind-rpcd use its private tmp files +- Update samba-dcerpc policy for printing +- Allow gpsd,oddjob,oddjob_mkhomedir rw user domain pty +- Allow nscd watch system db dirs +- Allow qatlib to read sssd public files +- Allow fedora-third-party read /sys and proc +- Allow systemd-gpt-generator mount a tmpfs filesystem +- Allow journald write to cgroup files +- Allow rpc.mountd read network sysctls +- Allow blueman read the contents of the sysfs filesystem +- Allow logrotate_t to map generic files in /etc +- Boolean: Allow virt_qemu_ga create ssh directory + * Tue Jul 25 2023 Zdenek Pytela - 38.22-1 - Allow systemd-network-generator send system log messages - Dontaudit the execute permission on sock_file globally diff --git a/sources b/sources index 2a2147e..6b0ccb2 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-2c0b0e5.tar.gz) = d9c593a138f01968a023e20fe5ce945c12989ac3d4f425a2b9f3fc61673e840468fdabc2041dfbf7ace06baf30e8d22d073e53c9822a673cf8804d90a74cb7e6 -SHA512 (container-selinux.tgz) = 256c4e983f1b96ab9eedec96a946afa1dedd13fda1c9c6d69b13623f988b330d98fc8561ba7c6a9e25ab6ce41eb68682ceb1614f9cd283570f618cba3e71145a +SHA512 (selinux-policy-2ee39c5.tar.gz) = 00f8339447123c69a7dcec60ea90b0eef97b7ce77dc3a73bceeb442f2cbcb9c13cce086efa05045d949b71b49f31f751070884318b4a68065775840e9c768dd6 +SHA512 (container-selinux.tgz) = 5c0eaaf3f4e40bcb684a64f473d5abac8165881481fb647e5d37bb653f77e3b4c5da4708ec41c73e001c182023dbc5e381fd0f8730434681a248d9717975b7fa SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4