From 11a4df6bd15352e6572fdab3207f88fa2547f1f5f2778de4b58185f93b11afdf Mon Sep 17 00:00:00 2001 From: Johannes Segitz Date: Fri, 20 May 2022 14:53:12 +0000 Subject: [PATCH] Accepting request 978296 from home:jsegitz:branches:security:SELinux - Update to version 20220520 to pass stricter 3.4 toolchain checks OBS-URL: https://build.opensuse.org/request/show/978296 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=130 --- fedora-policy-20220428.tar.bz2 | 3 --- fedora-policy-20220520.tar.bz2 | 3 +++ selinux-policy.changes | 5 +++++ selinux-policy.spec | 3 ++- users-minimum | 1 + users-mls | 2 ++ users-targeted | 3 +++ 7 files changed, 16 insertions(+), 4 deletions(-) delete mode 100644 fedora-policy-20220428.tar.bz2 create mode 100644 fedora-policy-20220520.tar.bz2 diff --git a/fedora-policy-20220428.tar.bz2 b/fedora-policy-20220428.tar.bz2 deleted file mode 100644 index c61da5e..0000000 --- a/fedora-policy-20220428.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:6ea4a57107b3ca17ce7d74507ec1301abfc515874b6e271903b8ed726a716645 -size 37018074 diff --git a/fedora-policy-20220520.tar.bz2 b/fedora-policy-20220520.tar.bz2 new file mode 100644 index 0000000..8523e23 --- /dev/null +++ b/fedora-policy-20220520.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:90d1df3189f84ff576e2bd3cf5bc504bac06037d3475ea1904d2b9eda9d164e7 +size 730405 diff --git a/selinux-policy.changes b/selinux-policy.changes index 14e15c1..dea6cfe 100644 --- a/selinux-policy.changes +++ b/selinux-policy.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Fri May 20 13:46:47 UTC 2022 - Johannes Segitz + +- Update to version 20220520 to pass stricter 3.4 toolchain checks + ------------------------------------------------------------------- Fri May 20 09:14:58 UTC 2022 - Johannes Segitz diff --git a/selinux-policy.spec b/selinux-policy.spec index 8a67a55..dc83c18 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -33,7 +33,7 @@ Summary: SELinux policy configuration License: GPL-2.0-or-later Group: System/Management Name: selinux-policy -Version: 20220428 +Version: 20220520 Release: 0 Source: fedora-policy-%{version}.tar.bz2 Source1: selinux-policy-rpmlintrc @@ -276,6 +276,7 @@ rm -f %{buildroot}%{_sharedstatedir}/selinux/%1/active/*.linked \ %{_sharedstatedir}/selinux/%1/active/seusers \ %{_sharedstatedir}/selinux/%1/active/file_contexts \ %{_sharedstatedir}/selinux/%1/active/policy.kern \ +%{_sharedstatedir}/selinux/%1/active/modules_checksum \ %ghost %{_sharedstatedir}/selinux/%1/active/policy.linked \ %ghost %{_sharedstatedir}/selinux/%1/active/seusers.linked \ %ghost %{_sharedstatedir}/selinux/%1/active/users_extra.linked \ diff --git a/users-minimum b/users-minimum index e49103c..8ccacae 100644 --- a/users-minimum +++ b/users-minimum @@ -36,3 +36,4 @@ gen_user(sysadm_u, user, sysadm_r, s0, s0 - mls_systemhigh, mcs_allcats) # not in the sysadm_r. # gen_user(root, user, unconfined_r sysadm_r staff_r system_r, s0, s0 - mls_systemhigh, mcs_allcats) +gen_user(unconfined_u, user, unconfined_r system_r, s0, s0 - mls_systemhigh, mcs_allcats) diff --git a/users-mls b/users-mls index 4de9d57..167ba7c 100644 --- a/users-mls +++ b/users-mls @@ -36,3 +36,5 @@ gen_user(sysadm_u, user, sysadm_r, s0, s0 - mls_systemhigh, mcs_allcats) # not in the sysadm_r. # gen_user(root, user, sysadm_r staff_r secadm_r auditadm_r system_r, s0, s0 - mls_systemhigh, mcs_allcats) +gen_user(guest_u, user, guest_r, s0, s0) +gen_user(xguest_u, user, xguest_r, s0, s0) diff --git a/users-targeted b/users-targeted index e49103c..e943336 100644 --- a/users-targeted +++ b/users-targeted @@ -36,3 +36,6 @@ gen_user(sysadm_u, user, sysadm_r, s0, s0 - mls_systemhigh, mcs_allcats) # not in the sysadm_r. # gen_user(root, user, unconfined_r sysadm_r staff_r system_r, s0, s0 - mls_systemhigh, mcs_allcats) +gen_user(unconfined_u, user, unconfined_r system_r, s0, s0 - mls_systemhigh, mcs_allcats) +gen_user(guest_u, user, guest_r, s0, s0) +gen_user(xguest_u, user, xguest_r, s0, s0)