diff --git a/.gitignore b/.gitignore index d2fc2f0..95a8a30 100644 --- a/.gitignore +++ b/.gitignore @@ -302,3 +302,5 @@ serefpolicy* /selinux-policy-6d6b959.tar.gz /selinux-policy-contrib-d262cac.tar.gz /selinux-policy-contrib-96516df.tar.gz +/selinux-policy-d3879ff.tar.gz +/selinux-policy-contrib-77702b6.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index 0808beb..a2fd2e8 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 6d6b95972bbfad687f0540e413706c06ac4b7b9d +%global commit0 d3879ff6b068edeb991ae699951790e1cb364147 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 96516dff2992a40dd1683b6f1303a90f6c751a86 +%global commit1 77702b60237ff5550c3c14c4132ba7d5c6fd7bae %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.1 -Release: 37%{?dist} +Release: 38%{?dist} License: GPLv2+ Group: System Environment/Base Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz @@ -718,6 +718,24 @@ exit 0 %endif %changelog +* Tue Aug 07 2018 Lukas Vrabec - 3.14.1-38 +- Allow kprop_t domain to read network state +- Add support boltd policy +- Allow kpropd domain to exec itself +- Allow pdns_t to bind on tcp transproxy port +- Add support for opafm service +- Allow hsqldb_t domain to read cgroup files +- Allow rngd_t domain to read generic certs +- Allow innd_t domain to mmap own var_lib_t files +- Update screen_role_temaplate interface +- Allow chronyd_t domain to mmap own tmpfs files +- Allow chronyd_t domain to mmap own tmpfs files +- Fix typo bug in oracleasm policy module +- Allow systemd to mounont boltd lib dirs +- Allow sysadm_t domain to create rawip sockets +- Allow sysadm_t domain to listen on socket +- Update sudo_role_template() to allow caller domain also setattr generic ptys + * Sun Jul 29 2018 Lukas Vrabec - 3.14.1-37 - Allow sblim_sfcbd_t domain to mmap own tmpfs files - Allow nfsd_t domain to read krb5 keytab files diff --git a/sources b/sources index 7a00585..bd49ef5 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-contrib-96516df.tar.gz) = f4aa64ff7d8b46a5aad5337987eeb3bfc5dd662d5b02301de0ae16e9748590c45b6a74ac29f30eec405643a948af30bd0708aadc2f0fce78027a333e8a1e9585 -SHA512 (selinux-policy-6d6b959.tar.gz) = 80581ed1867e6e4ca6b3a691f03aee40946f7b2784ccb107b44f5e3008271a3c81af7111afd063c60c74c0360c784e1e3b429d3656bf1bb662094e1cd9b60906 -SHA512 (container-selinux.tgz) = 56ea4d8ca1f44adc3d432935f58c9198dfcedf136f9946ecf188aa91b44bbb59e282d075ac11fc37ffa28730b1a723098e6123372b324f2a1177c69f311b67a2 +SHA512 (selinux-policy-d3879ff.tar.gz) = 4b4fc8a907f2f3721bbf0967251183dd7ff5d38e14e8f9c8cb6f2d1332c1222c117f233ab7d6812b8b1ff047f143e185def275023aea601c8acbf779b220b895 +SHA512 (selinux-policy-contrib-77702b6.tar.gz) = 20def4b46c9ec36c13793c557d4434135aa32f786d2675bc274de835c554875597488efad2a5a047ec1868d213131e5f7ccde725b82b7cbf6d6224ec8ede9246 +SHA512 (container-selinux.tgz) = d1db426e0d3515beee019c4874fe28e02c776ab9810f19de7e9a5e53bab427bcd538576d746d819cd738a842db1eafb06cad60c5afbf5b12b2c53010341516b4