diff --git a/selinux-policy.spec b/selinux-policy.spec index 699fff4..595d313 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit 471437a05d18a759a7d675c29b42839c1b7d72a4 +%global commit 28c2ee5fb5dfba79004bfa8dece14dfb62967319 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 40.17 +Version: 40.18 Release: 1%{?dist} License: GPL-2.0-or-later Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -824,6 +824,25 @@ exit 0 %endif %changelog +* Mon May 06 2024 Zdenek Pytela - 40.18-1 +- Allow virtqemud read vfio devices +- Allow virtqemud get attributes of a tmpfs filesystem +- Allow svirt_t read vm sysctls +- Allow virtqemud create and unlink files in /etc/libvirt/ +- Allow virtqemud get attributes of cifs files +- Allow virtqemud get attributes of filesystems with extended attributes +- Allow virtqemud get attributes of NFS filesystems +- Allow virt_domain read and write usb devices conditionally +- Allow virtstoraged use the io_uring API +- Allow virtstoraged execute lvm programs in the lvm domain +- Allow virtnodevd_t map /var/lib files +- Allow svirt_tcg_t map svirt_image_t files +- Allow abrt-dump-journal-core connect to systemd-homed +- Allow abrt-dump-journal-core connect to systemd-machined +- Allow sssd create and use io_uring +- Allow selinux-relabel-generator create units dir +- Allow dbus-broker read/write inherited user ttys + * Thu Apr 25 2024 Zdenek Pytela - 40.17-1 - Define transitions for /run/libvirt/common and /run/libvirt/qemu - Allow systemd-sleep read raw disk data diff --git a/sources b/sources index 25d9eb6..b25ddef 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-471437a.tar.gz) = 0c863f5fd6e78c1d0936eb1b1b8f64ed19594e5c10b755e2521d6a614e1f132867239d75d790c4c1d2bbcd5245e531bb3b8f08448e10b666012ab46c4c0d3952 -SHA512 (container-selinux.tgz) = cf192f8bdbcc58f56b24cae3cf557c441e07715eb8d9347bae11c801395a1cfdcefd23c8bb3d2fdfb30d231881504c0166cd065125fe7e7572b40dd0822f35bb +SHA512 (selinux-policy-28c2ee5.tar.gz) = c1ffef79c8be225e9890d06af4a6fb0c7dd603e62274dad3354c1b38ce60b163ee2f1ae13eb7ca850fe9e6294c1d867c2c3fd55db8b4840c5b8e440b22806e28 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 +SHA512 (container-selinux.tgz) = 75faffa7c5fa5f96e5dd214e7de281cb71bc887af178355e7473c6ef1862ff90e1a7c9a0be496e950a6401568c36ff9c7d2d87d225897749474980ff3dad7246