diff --git a/selinux-policy.spec b/selinux-policy.spec index 5784426..5148238 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit 74a82f55c34a26e138d8ba4577a349e302ee0a1e +%global commit c19e4cb9a3f23f2b14c31c978627f9c486a369f4 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 37.9 +Version: 37.10 Release: 1%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -816,6 +816,32 @@ exit 0 %endif %changelog +* Fri Sep 02 2022 Zdenek Pytela - 37.10-1 +- Allow ipsec_t read/write tpm devices +- Allow rhcd execute all executables +- Update rhcd policy for executing additional commands 2 +- Update insights-client policy for additional commands execution 2 +- Allow sysadm_t read raw memory devices +- Allow chronyd send and receive chronyd/ntp client packets +- Allow ssh client read kerberos homedir config files +- Label /var/log/rhc-worker-playbook with rhcd_var_log_t +- Update insights-client policy (auditctl, gpg, journal) +- Allow system_cronjob_t domtrans to rpm_script_t +- Allow smbd_t process noatsecure permission for winbind_rpcd_t +- Update tor_bind_all_unreserved_ports interface +- Allow chronyd bind UDP sockets to ptp_event ports. +- Allow unconfined and sysadm users transition for /root/.gnupg +- Add gpg_filetrans_admin_home_content() interface +- Update rhcd policy for executing additional commands +- Update insights-client policy for additional commands execution +- Add userdom_view_all_users_keys() interface +- Allow gpg read and write generic pty type +- Allow chronyc read and write generic pty type +- Allow system_dbusd ioctl kernel with a unix stream sockets +- Allow samba-bgqd to read a printer list +- Allow stalld get and set scheduling policy of all domains. +- Allow unconfined_t transition to targetclid_home_t + * Thu Aug 11 2022 Zdenek Pytela - 37.9-1 - Allow nm-dispatcher custom plugin dbus chat with nm - Allow nm-dispatcher sendmail plugin get status of systemd services diff --git a/sources b/sources index bb2edcb..434f750 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-74a82f5.tar.gz) = cea477b6796fa51c9613714027f2d3be1eb863c7c8fc1e5d9fecf11a6f5ac814b9ad9a98ccce6808cbd0c205896c482d8f3520f7172d9486a25c069f3790ce15 -SHA512 (container-selinux.tgz) = 5811b508b20f9999568f84a12077caf0e0c5d21902bbd43962eb6f35bc7c4f0a46900c06b243e8357e42d1fa367c93da1bd1828132f88dbceb63857699f900b8 +SHA512 (selinux-policy-c19e4cb.tar.gz) = c94cce85023394a8825169dbdad94b91617c2b0ec83f2c27c42e3a97eedec6d574868c696288b84ee2754c2ae7d56fcb94eaf13bb7f69680351ab04b1236dabb +SHA512 (container-selinux.tgz) = 59ea54cc84bc74b45a9318d027ae36b3a0d49e1d0ca2ff740f63ab155e0382a095a213a36d50f6cf4d7aae916c2d86841eca4633a3675097b5bee6980f47251f SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4