pool/selinux-policy
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
232 Commits 1 Branch 0 Tags 6.1 MiB
Shell 100%
253642ffe5
Go to file
Ana Guerrero 253642ffe5 Accepting request 1186820 from security:SELinux 
- Enable sap module
- Add equivalency in file_contexts.subs_dist
  * /bin /usr/bin
  * /sbin /usr/bin
  * /usr/sbin /usr/bin
- Update to version 20240710:
  * Change fc in rebootmgr module for /sbin -> /usr/bin
  * Change fc in rpm module for /sbin -> /usr/bin
  * Change fc in rsync module for /sbin -> /usr/bin
  * Change fc in wicked module for /sbin -> /usr/bin
  * Confine libvirt-dbus
  * Allow virtqemud the kill capability in user namespace
  * Allow rshim get options of the netlink class for KOBJECT_UEVENT family
  * Allow dhcpcd the kill capability
  * Allow systemd-networkd list /var/lib/systemd/network
  * Allow sysadm_t run systemd-nsresourced bpf programs
  * Update policy for systemd generators interactions
  * Allow create memory.pressure files with cgroup_memory_pressure_t
  * Add support for libvirt hooks
  * Allow certmonger read and write tpm devices
  * Allow all domains to connect to systemd-nsresourced over a unix socket
  * Allow systemd-machined read the vsock device
  * Update policy for systemd generators
  * Allow ptp4l_t request that the kernel load a kernel module
  * Allow sbd to trace processes in user namespace
  * Allow request-key execute scripts
  * Update policy for haproxyd
  * Update policy for systemd-nsresourced
  * Correct sbin-related file context entries
  * Allow login_userdomain execute systemd-tmpfiles in the caller domain
  * Allow virt_driver_domain read files labeled unconfined_t
  * Allow virt_driver_domain dbus chat with policykit
  * Allow virtqemud manage nfs files when virt_use_nfs boolean is on
  * Add rules for interactions between generators
  * Label memory.pressure files with cgroup_memory_pressure_t
  * Revert "Allow some systemd services write to cgroup files"
  * Update policy for systemd-nsresourced
  * Label /usr/bin/ntfsck with fsadm_exec_t
  * Allow systemd_fstab_generator_t read tmpfs files
  * Update policy for systemd-nsresourced
  * Alias /usr/sbin to /usr/bin and change all /usr/sbin paths to /usr/bin
  * Remove a few lines duplicated between {dkim,milter}.fc
  * Alias /bin → /usr/bin and remove redundant paths
  * Drop duplicate line for /usr/sbin/unix_chkpwd
  * Drop duplicate paths for /usr/sbin
  * Update systemd-generator policy
  * Remove permissive domain for bootupd_t
  * Remove permissive domain for coreos_installer_t
  * Remove permissive domain for afterburn_t
  * Add the sap module to modules.conf
  * Move unconfined_domain(sap_unconfined_t) to an optional block
  * Create the sap module
  * Allow systemd-coredumpd sys_admin and sys_resource capabilities
  * Allow systemd-coredump read nsfs files
  * Allow generators auto file transition only for plain files
  * Allow systemd-hwdb write to the kernel messages device
  * Escape "interface" as a file name in a virt filetrans pattern
  * Allow gnome-software work for login_userdomain
  * Allow systemd-machined manage runtime sockets
  * Revert "Allow systemd-machined manage runtime sockets"
  * Allow postfix_domain connect to postgresql over a unix socket
  * Dontaudit systemd-coredump sys_admin capability
- Update container-selinux

OBS-URL: https://build.opensuse.org/request/show/1186820
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=64
2024-07-14 06:48:58 +00:00
_service Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
_servicedata Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
.gitattributes Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
.gitignore Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
booleans-minimum.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
booleans-mls.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
booleans-targeted.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
booleans.subs_dist Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
container.fc Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
container.if Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
container.te Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
customizable_types Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
debug-build.sh Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
file_contexts.subs_dist Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
macros.selinux-policy Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
Makefile.devel Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
modules-minimum-base.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
modules-minimum-contrib.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
modules-minimum-disable.lst Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
modules-mls-base.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
modules-mls-contrib.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
modules-targeted-base.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
modules-targeted-contrib.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
README.Update Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
securetty_types-minimum Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
securetty_types-mls Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
securetty_types-targeted Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
selinux-policy-20240710.tar.xz Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
selinux-policy-rpmlintrc Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
selinux-policy.changes Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
selinux-policy.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
selinux-policy.spec Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
setrans-minimum.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
setrans-mls.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
setrans-targeted.conf Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
update.sh Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
users-minimum Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
users-mls Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
users-targeted Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00
varrun-convert.sh Accepting request 1186574 from home:cahu:security:SELinux:policyupdate072024 2024-07-10 11:10:28 +00:00

README.Update 

# How to update this project

This project is updated using obs services.
The obs services pull from git repositories, which are specified in the `_service` file.
Please contribute all changes to the upstream git repositories listed there.

To update this project to the upstream versions, please make sure you installed these obs services locally:
```
sudo zypper in obs-service-tar_scm obs-service-recompress obs-service-set_version obs-service-download_files
```

Then, generate new tarballs, changelog and version number for this repository by running this command:
```
sh update.sh
```

Afterwards, please check your local project state and remove old tarballs if necessary.
Then proceed as usual with check-in and build.