diff --git a/_servicedata b/_servicedata index 5a5d587..5220563 100644 --- a/_servicedata +++ b/_servicedata @@ -1,7 +1,7 @@ https://gitlab.suse.de/selinux/selinux-policy.git - f8d70ad2b8a5d2628cd1ee881ccedbcebf189d3d + ea6fc581acb280d4edb63bade9a62f7ecc70468e https://github.com/containers/container-selinux.git 07b3034f6d9625ab84508a2f46515d8ff79b4204 https://gitlab.suse.de/jsegitz/selinux-policy.git diff --git a/macros.selinux-policy b/macros.selinux-policy index 0a55d69..8ece4d8 100644 --- a/macros.selinux-policy +++ b/macros.selinux-policy @@ -117,7 +117,7 @@ if [ -z "${_policytype}" ]; then \ _policytype="targeted" \ fi \ if %{_sbindir}/selinuxenabled && [ "${SELINUXTYPE}" = "${_policytype}" ]; then \ - if [ -f %{_file_context_file_pre} ]; then \ + if [ -f %{_file_context_file_pre} ] && [ -z "${TRANSACTIONAL_UPDATE}" ]; then \ %{_sbindir}/fixfiles -C %{_file_context_file_pre} restore &> /dev/null \ rm -f %{_file_context_file_pre} \ fi \ diff --git a/selinux-policy-20240912.tar.xz b/selinux-policy-20240912.tar.xz deleted file mode 100644 index c0bd53f..0000000 --- a/selinux-policy-20240912.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2e46dccf26669df2e4cb81b47ade54d28892113ad73308f60bb4300f216cb39c -size 774376 diff --git a/selinux-policy-20240925.tar.xz b/selinux-policy-20240925.tar.xz new file mode 100644 index 0000000..c69ffab --- /dev/null +++ b/selinux-policy-20240925.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:560cf9f65020c54bfe0d4b3dc5f31f5db535aece7b47714b000dbe3c543a4106 +size 774700 diff --git a/selinux-policy.changes b/selinux-policy.changes index 13acb0a..9cf5c71 100644 --- a/selinux-policy.changes +++ b/selinux-policy.changes @@ -1,3 +1,36 @@ +------------------------------------------------------------------- +Wed Sep 25 08:23:22 UTC 2024 - cathy.hu@suse.com + +- Update to version 20240925: + * Allow snapperd to manage unlabeled_t files (bsc#1230966) + +------------------------------------------------------------------- +Tue Sep 24 09:37:13 UTC 2024 - cathy.hu@suse.com + +- Update to version 20240924: + * Revert "Allow virtstoraged to manage images (bsc#1228742)" + * Label /etc/mdevctl.d with mdevctl_conf_t + * Sync users with Fedora targeted users + * Update policy for rpc-virtstorage + * Allow virtstoraged get attributes of configfs dirs + * Fix SELinux policy for sandbox X server to fix 'sandbox -X' command + * Update bootupd policy when ESP is not mounted + * Allow thumb_t map dri devices + * Allow samba use the io_uring API + * Allow the sysadm user use the secretmem API + * Allow nut-upsmon read systemd-logind session files + * Allow sysadm_t to create PF_KEY sockets + * Update bootupd policy for the removing-state-file test + +------------------------------------------------------------------- +Tue Sep 24 08:50:16 UTC 2024 - Cathy Hu + +- Fix macros.selinux-policy (bsc#1230897) + - %selinux_relabel_post should not relabel files in + transactional systems in %post as the policy is not loaded + into the kernel directly after install, instead the relabelling + will happen on the next boot + ------------------------------------------------------------------- Thu Sep 12 07:34:20 UTC 2024 - cathy.hu@suse.com diff --git a/selinux-policy.spec b/selinux-policy.spec index fa354a5..c513983 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -36,7 +36,7 @@ Summary: SELinux policy configuration License: GPL-2.0-or-later Group: System/Management Name: selinux-policy -Version: 20240912 +Version: 20240925 Release: 0 Source0: %{name}-%{version}.tar.xz Source1: container.fc