diff --git a/container-selinux.changes b/container-selinux.changes index 5c0c12a..e439193 100644 --- a/container-selinux.changes +++ b/container-selinux.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Wed Mar 29 13:04:36 UTC 2023 - Johannes Segitz + +- Update to version 2.206.0: + * Allow unconfined domains to transition to container_runtime_t + * Allow container domains to transition to install_t + * Allow avirt_sandbox_domain to manage container_file_t types + * Allow containers to watch sysfs_t directories + * Allow spc_t to transption to rpm_script_t + * Add support to new user_namespace access check + * Smaller permission changes for container_init_t +- Drop spc.patch, is now included + ------------------------------------------------------------------- Mon Jan 16 12:47:34 UTC 2023 - Frederic Crozat diff --git a/container-selinux.spec b/container-selinux.spec index 93f6d9a..78c188a 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -26,14 +26,12 @@ # Version of SELinux we were using %define selinux_policyver %(rpm -q selinux-policy --qf '%%{version}') Name: container-selinux -Version: 2.198.0 +Version: 2.206.0 Release: 0 Summary: SELinux policies for container runtimes License: GPL-2.0-only URL: https://github.com/containers/container-selinux Source0: https://github.com/containers/container-selinux/archive/refs/tags/v%{version}.tar.gz -# https://github.com/containers/container-selinux/pull/199, can be dropped after this is included -Patch0: spc.patch BuildRequires: selinux-policy BuildRequires: selinux-policy-devel Requires: selinux-policy >= %(rpm -q selinux-policy --qf '%%{version}-%%{release}') @@ -49,7 +47,6 @@ SELinux policy modules for use with container runtimes. %prep %setup -q -%patch0 -p1 %build %make_build diff --git a/spc.patch b/spc.patch deleted file mode 100644 index 6f3d665..0000000 --- a/spc.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: container-selinux-2.188.0/container.te -=================================================================== ---- container-selinux-2.188.0.orig/container.te -+++ container-selinux-2.188.0/container.te -@@ -675,6 +675,8 @@ init_dbus_chat(spc_t) - optional_policy(` - systemd_dbus_chat_machined(spc_t) - systemd_dbus_chat_logind(spc_t) -+ systemd_dbus_chat_timedated(spc_t) -+ systemd_dbus_chat_localed(spc_t) - ') - - optional_policy(` diff --git a/v2.198.0.tar.gz b/v2.198.0.tar.gz deleted file mode 100644 index 514ba6d..0000000 --- a/v2.198.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c17a834d33eb4826c935208a7a20e91e194a7409033b92ef1dce579de877900f -size 28323 diff --git a/v2.206.0.tar.gz b/v2.206.0.tar.gz new file mode 100644 index 0000000..276ee0b --- /dev/null +++ b/v2.206.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8a79b0150a28ff321113bde70d41bd1d31ef9fb482c2d9b46cc67b7d67cc8393 +size 28400