rpm/selinux-policy
SHA256
1
0
Fork 0
forked from pool/selinux-policy
Code Pull Requests Activity

Accepting request 1073586 from home:jsegitz:branches:security:SELinux

Browse Source 
- Update to version 20230321:
  * make kernel_t unconfined again

OBS-URL: https://build.opensuse.org/request/show/1073586
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=178
This commit is contained in:
Johannes Segitz 2023-03-21 15:56:46 +00:00 committed by Git OBS Bridge
parent 0f3ba0a5f9
commit 4bd800106f
6 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
_servicedata
View File

@ -1,6 +1,6 @@
<servicedata> <servicedata>
<service name="tar_scm"> <service name="tar_scm">
<param name="url">https://gitlab.suse.de/selinux/selinux-policy.git</param> <param name="url">https://gitlab.suse.de/selinux/selinux-policy.git</param>
<param name="changesrevision">3fa3ee463c968e6001607a3d25edc2f9971824d7</param></service><service name="tar_scm"> <param name="changesrevision">0140f0a3f8dbf17ddbd0adb6c8fc7eb23511ba2f</param></service><service name="tar_scm">
<param name="url">https://github.com/containers/container-selinux.git</param> <param name="url">https://github.com/containers/container-selinux.git</param>
<param name="changesrevision">07b3034f6d9625ab84508a2f46515d8ff79b4204</param></service></servicedata> <param name="changesrevision">07b3034f6d9625ab84508a2f46515d8ff79b4204</param></service></servicedata>

10
container.te
View File

@ -1,4 +1,4 @@
policy_module(container, 2.204.0) policy_module(container, 2.205.0)
gen_require(` gen_require(`
class passwd rootok; class passwd rootok;
@ -1414,3 +1414,11 @@ optional_policy(`
allow syslogd_t container_runtime_tmpfs_t:file { read write }; allow syslogd_t container_runtime_tmpfs_t:file { read write };
logging_send_syslog_msg(container_runtime_t) logging_send_syslog_msg(container_runtime_t)
') ')
manage_dirs_pattern(svirt_sandbox_domain, container_file_t, container_file_t)
manage_files_pattern(svirt_sandbox_domain, container_file_t, container_file_t)
manage_lnk_files_pattern(svirt_sandbox_domain, container_file_t, container_file_t)
manage_chr_files_pattern(svirt_sandbox_domain, container_file_t, container_file_t)
manage_blk_files_pattern(svirt_sandbox_domain, container_file_t, container_file_t)
manage_sock_files_pattern(svirt_sandbox_domain, container_file_t, container_file_t)

3
selinux-policy-20230316.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4b5384b23b8bf5fe9cbd1b3da67c54a08c99b029b65b2005f345951b8763fd8a
size 752624

3
selinux-policy-20230321.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:aca29203873cc2fdec23e233e89e56471f06c7b7fa02ed29fa3978e85b994e04
size 752588

6
selinux-policy.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Tue Mar 21 15:37:23 UTC 2023 - jsegitz@suse.com
- Update to version 20230321:
* make kernel_t unconfined again
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Mar 16 15:43:19 UTC 2023 - jsegitz@suse.com Thu Mar 16 15:43:19 UTC 2023 - jsegitz@suse.com

2
selinux-policy.spec
View File

@ -33,7 +33,7 @@ Summary: SELinux policy configuration
License: GPL-2.0-or-later License: GPL-2.0-or-later
Group: System/Management Group: System/Management
Name: selinux-policy Name: selinux-policy
Version: 20230316 Version: 20230321
Release: 0 Release: 0
Source0: %{name}-%{version}.tar.xz Source0: %{name}-%{version}.tar.xz
Source1: container.fc Source1: container.fc