diff --git a/container-selinux.tgz b/container-selinux.tgz index c34e909f8aab70401e72c083b4f5d8b05cfecf68..a694d514ab986acce5087c9addb932f9ece848c7 100644 Binary files a/container-selinux.tgz and b/container-selinux.tgz differ diff --git a/dist b/dist new file mode 100644 index 0000000000000000000000000000000000000000..0ee7539a2292be885eb3a6caf1a4ee4666e5e99f --- /dev/null +++ b/dist @@ -0,0 +1 @@ +an8_6 diff --git a/download b/download index 9a75f38657e69726e102a853c65ac9ec53e8bf3a..488edc27bf4cc8388a3efbb835ef25113753d96e 100644 --- a/download +++ b/download @@ -1,2 +1,2 @@ -eefb9a0f9f65c64e8f6eef0f454f5078 selinux-policy-ab10edf.tar.gz -357b0101587572f2b24954174f6644cc selinux-policy-contrib-0dcd5a2.tar.gz +5cfc2380c195ed2806f6a5bf62f91195 selinux-policy-31a9744.tar.gz +f36da01e65efec274d72c5467c22119a selinux-policy-contrib-f659db9.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index 8806004d97699fa64709a12913b80bfc38b34cdd..d2f73772a8b25b54cb06a189b93036565764c19a 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,12 +1,12 @@ %define anolis_release .0.1 # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 ab10edf9d09f671f038fbc4446ddc7d8ceb1a266 +%global commit0 31a9744d4abf9817c82d29dd791b0439bd632852 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 0dcd5a2a17170740399ea0c6b2c1be5a21c0f701 +%global commit1 f659db9cce300873aabec1a11fcc39d69e043267 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -30,7 +30,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.3 -Release: 95%{anolis_release}%{?dist}.1 +Release: 95%{anolis_release}%{?dist}.4 License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -718,10 +718,84 @@ exit 0 %endif %changelog -* Wed Aug 3 2022 Weitao Zhou - 3.14.3-95.0.1.1 +* Thu Aug 25 2022 Weitao Zhou - 3.14.3-95.0.1.4 - Disable selinux by default - cherry-pick [bfc16aa] +* Mon Aug 22 2022 Zdenek Pytela - 3.14.3-95.4 +- rebuild +Resolves: rhbz#2103606 + +* Thu Aug 04 2022 Zdenek Pytela - 3.14.3-95.3 +- Allow insights-client rpm named file transitions +Resolves: rhbz#2103606 +- Add /var/tmp/insights-archive to insights_client_filetrans_named_content +Resolves: rhbz#2103606 +- Use insights_client_filetrans_named_content +Resolves: rhbz#2103606 +- Make default file context match with named transitions +Resolves: rhbz#2103606 +- Allow rhsmcertd to read insights config files +Resolves: rhbz#2103606 +- Label /etc/insights-client/machine-id +Resolves: rhbz#2103606 + +* Tue Jul 12 2022 Zdenek Pytela - 3.14.3-95.2 +- Add the init_status_config_transient_files() interface +Resolves: rhbz#2103606 +- Allow transition to insights_client named content +Resolves: rhbz#2103606 +- Allow init_t to rw insights_client unnamed pipe +Resolves: rhbz#2103606 +- Update kernel_read_unix_sysctls() for sysctl_net_unix_t handling +Resolves: rhbz#2103606 +- Add the gpg_manage_admin_home_content() interface +Resolves: rhbz#2103606 +- Update insights_client_filetrans_named_content() +Resolves: rhbz#2103606 +- Add the insights_client_filetrans_named_content() interface +Resolves: rhbz#2103606 +- Update policy for insights-client to run additional commands 3 +Resolves: rhbz#2103606 +- Allow insights-client get status of the systemd transient scripts +Resolves: rhbz#2103606 +- Allow insights-client execute its private memfd: objects +Resolves: rhbz#2103606 +- Update policy for insights-client to run additional commands 2 +Resolves: rhbz#2103606 +- Do not call systemd_userdbd_stream_connect() for insights-client +Resolves: rhbz#2103606 +- Use insights_client_tmp_t instead of insights_client_var_tmp_t +Resolves: rhbz#2103606 +- Change space indentation to tab in insights-client +Resolves: rhbz#2103606 +- Use socket permissions sets in insights-client +Resolves: rhbz#2103606 +- Update policy for insights-client to run additional commands +Resolves: rhbz#2103606 +- Change rpm_setattr_db_files() to use a pattern +Resolves: rhbz#2103606 +- Add rpm setattr db files macro +Resolves: rhbz#2103606 +- Fix insights client +Resolves: rhbz#2103606 +- Do not let system_cronjob_t create redhat-access-insights.log with var_log_t +Resolves: rhbz#2103606 +- Allow insights-client manage gpg admin home content +Resolves: rhbz#2103606 +- Label /var/cache/insights with insights_client_cache_t +Resolves: rhbz#2103606 +- Allow insights-client search gconf homedir +Resolves: rhbz#2103606 +- Allow insights-client create and use unix_dgram_socket +Resolves: rhbz#2103606 +- Allow insights-client create_socket_perms for tcp/udp sockets +Resolves: rhbz#2103606 +- Allow insights-client read rhnsd config files +Resolves: rhbz#2103606 +- Allow insights-client search rhnsd configuration directory +Resolves: rhbz#2103606 + * Thu Jun 09 2022 Zdenek Pytela - 3.14.3-95.1 - Label more vdsm utils with virtd_exec_t Resolves: rhbz#2095184