From df01aa0df9db05bf6916eadcd928617709146d2e Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Feb 27 2022 05:26:39 +0000 Subject: import selinux-policy-3.14.3-93.el8 --- diff --git a/.gitignore b/.gitignore index a5ee838..dbd5186 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ SOURCES/container-selinux.tgz -SOURCES/selinux-policy-43c76ff.tar.gz -SOURCES/selinux-policy-contrib-695c26c.tar.gz +SOURCES/selinux-policy-642155b.tar.gz +SOURCES/selinux-policy-contrib-0e4a7a0.tar.gz diff --git a/.selinux-policy.metadata b/.selinux-policy.metadata index 39d3187..7d300f0 100644 --- a/.selinux-policy.metadata +++ b/.selinux-policy.metadata @@ -1,3 +1,3 @@ -21d9568df0d9faa62bbb050301298f763b64cae1 SOURCES/container-selinux.tgz -1a81f4f5d2f29f0fa33098a2932a0c8df15eca8c SOURCES/selinux-policy-43c76ff.tar.gz -94bf21415699d48a0057b472476cc6f2b7670173 SOURCES/selinux-policy-contrib-695c26c.tar.gz +e531ed72bd4055f40cb0152b1f81842c96af37c5 SOURCES/container-selinux.tgz +26b6cee1e1baf47309bfc5055781869abb589a2d SOURCES/selinux-policy-642155b.tar.gz +17a4e399dbf5dd7266a5bf3904aad633e3889351 SOURCES/selinux-policy-contrib-0e4a7a0.tar.gz diff --git a/SOURCES/modules-targeted-contrib.conf b/SOURCES/modules-targeted-contrib.conf index de87626..e683239 100644 --- a/SOURCES/modules-targeted-contrib.conf +++ b/SOURCES/modules-targeted-contrib.conf @@ -2656,3 +2656,10 @@ rrdcached = module # stratisd # stratisd = module + +# Layer: contrib +# Module: insights_client +# +# insights_client +# +insights_client = module diff --git a/SPECS/selinux-policy.spec b/SPECS/selinux-policy.spec index 4c8f792..f7b074a 100644 --- a/SPECS/selinux-policy.spec +++ b/SPECS/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 43c76ff3f5d9f998b238a005e25cef2689fa9da3 +%global commit0 642155b226a48d3edbdc1a13fb9a9fece74140f7 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 695c26cb3d0edda3929ef0cb5b3d7b7c8c0b69ea +%global commit1 0e4a7a0e5879fd49a239fb71e000c4967fe98eca %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -24,12 +24,12 @@ %define BUILD_MLS 1 %endif %define POLICYVER 31 -%define POLICYCOREUTILSVER 2.9 +%define POLICYCOREUTILSVER 2.9-19 %define CHECKPOLICYVER 2.9 Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.3 -Release: 92%{?dist} +Release: 93%{?dist} License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -265,6 +265,7 @@ rm -f %{buildroot}%{_sharedstatedir}/selinux/%1/active/*.linked \ %ghost %{_sharedstatedir}/selinux/%1/active/seusers.linked \ %ghost %{_sharedstatedir}/selinux/%1/active/users_extra.linked \ %verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/file_contexts.homedirs \ +%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/modules_checksum \ #%{_libexecdir}/selinux/selinux-factory-reset \ #%{_unitdir}/selinux-factory-reset@.service \ #%{_unitdir}/basic.target.wants/selinux-factory-reset@%1.service \ @@ -716,6 +717,32 @@ exit 0 %endif %changelog +* Thu Feb 24 2022 Zdenek Pytela - 3.14.3-93 +- Allow systemd-networkd dbus chat with sosreport +Resolves: rhbz#1949493 +- Allow sysadm_passwd_t to relabel passwd and group files +Resolves: rhbz#2053457 +- Allow confined sysadmin to use tool vipw +Resolves: rhbz#2053457 +- Allow sosreport dbus chat with abrt and timedatex +Resolves: rhbz#1949493 +- Remove unnecessary /etc file transitions for insights-client +Resolves: rhbz#2031853 +- Label all content in /var/lib/insights with insights_client_var_lib_t +Resolves: rhbz#2031853 +- Update insights-client policy +Resolves: rhbz#2031853 +- Update insights-client: fc pattern, motd, writing to etc +Resolves: rhbz#2031853 +- Remove permissive domain for insights_client_t +Resolves: rhbz#2031853 +- New policy for insight-client +Resolves: rhbz#2031853 +- Add the insights_client module +Resolves: rhbz#2031853 +- Update specfile to buildrequire policycoreutils-devel >= 2.9-19 +- Add modules_checksum to %files + * Wed Feb 16 2022 Zdenek Pytela - 3.14.3-92 - Allow postfix_domain read dovecot certificates 1/2 Resolves: rhbz#2043599