From f6d9c79526d7fb2b429a1ea31ba6f97fbef73ffa6b928867477445e5cc86ea5a Mon Sep 17 00:00:00 2001 From: Hu Date: Tue, 24 Sep 2024 09:39:30 +0000 Subject: [PATCH] - Update to version 20240924: * Revert "Allow virtstoraged to manage images (bsc#1228742)" * Label /etc/mdevctl.d with mdevctl_conf_t * Sync users with Fedora targeted users * Update policy for rpc-virtstorage * Allow virtstoraged get attributes of configfs dirs * Fix SELinux policy for sandbox X server to fix 'sandbox -X' command * Update bootupd policy when ESP is not mounted * Allow thumb_t map dri devices * Allow samba use the io_uring API * Allow the sysadm user use the secretmem API * Allow nut-upsmon read systemd-logind session files * Allow sysadm_t to create PF_KEY sockets * Update bootupd policy for the removing-state-file test OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=277 --- _servicedata | 2 +- selinux-policy-20240912.tar.xz | 3 --- selinux-policy-20240924.tar.xz | 3 +++ selinux-policy.changes | 18 ++++++++++++++++++ selinux-policy.spec | 2 +- 5 files changed, 23 insertions(+), 5 deletions(-) delete mode 100644 selinux-policy-20240912.tar.xz create mode 100644 selinux-policy-20240924.tar.xz diff --git a/_servicedata b/_servicedata index 5a5d587..0ba549d 100644 --- a/_servicedata +++ b/_servicedata @@ -1,7 +1,7 @@ https://gitlab.suse.de/selinux/selinux-policy.git - f8d70ad2b8a5d2628cd1ee881ccedbcebf189d3d + f4b3bc7b488a3da53b15078efa7abacbb2d4ab7d https://github.com/containers/container-selinux.git 07b3034f6d9625ab84508a2f46515d8ff79b4204 https://gitlab.suse.de/jsegitz/selinux-policy.git diff --git a/selinux-policy-20240912.tar.xz b/selinux-policy-20240912.tar.xz deleted file mode 100644 index c0bd53f..0000000 --- a/selinux-policy-20240912.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2e46dccf26669df2e4cb81b47ade54d28892113ad73308f60bb4300f216cb39c -size 774376 diff --git a/selinux-policy-20240924.tar.xz b/selinux-policy-20240924.tar.xz new file mode 100644 index 0000000..896afc8 --- /dev/null +++ b/selinux-policy-20240924.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7acfdf7d195e11e7971ce1aff857f61db11e01dd43511922ea543db2f3638074 +size 774684 diff --git a/selinux-policy.changes b/selinux-policy.changes index 82e7c92..011868c 100644 --- a/selinux-policy.changes +++ b/selinux-policy.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Tue Sep 24 09:37:13 UTC 2024 - cathy.hu@suse.com + +- Update to version 20240924: + * Revert "Allow virtstoraged to manage images (bsc#1228742)" + * Label /etc/mdevctl.d with mdevctl_conf_t + * Sync users with Fedora targeted users + * Update policy for rpc-virtstorage + * Allow virtstoraged get attributes of configfs dirs + * Fix SELinux policy for sandbox X server to fix 'sandbox -X' command + * Update bootupd policy when ESP is not mounted + * Allow thumb_t map dri devices + * Allow samba use the io_uring API + * Allow the sysadm user use the secretmem API + * Allow nut-upsmon read systemd-logind session files + * Allow sysadm_t to create PF_KEY sockets + * Update bootupd policy for the removing-state-file test + ------------------------------------------------------------------- Tue Sep 24 08:50:16 UTC 2024 - Cathy Hu diff --git a/selinux-policy.spec b/selinux-policy.spec index fa354a5..ac9161f 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -36,7 +36,7 @@ Summary: SELinux policy configuration License: GPL-2.0-or-later Group: System/Management Name: selinux-policy -Version: 20240912 +Version: 20240924 Release: 0 Source0: %{name}-%{version}.tar.xz Source1: container.fc