Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package selinux-policy for openSUSE:Factory
checked in at 2024-12-17 19:22:35
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/selinux-policy (Old)
and /work/SRC/openSUSE:Factory/.selinux-policy.new.29675 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "selinux-policy"
Tue Dec 17 19:22:35 2024 rev:91 rq:1231553 version:20241216
Changes:
--------
--- /work/SRC/openSUSE:Factory/selinux-policy/selinux-policy.changes
2024-12-15 12:34:32.871611677 +0100
+++ /work/SRC/openSUSE:Factory/.selinux-policy.new.29675/selinux-policy.changes
2024-12-17 19:23:22.401451164 +0100
@@ -1,0 +2,6 @@
+Mon Dec 16 16:19:03 UTC 2024 - cathy...@suse.com
+
+- Update to version 20241216:
+ * Allow vhostmd_t list virtqemud pid dirs (bsc#1230961)
+
+-------------------------------------------------------------------
Old:
----
selinux-policy-20241213.tar.xz
New:
----
selinux-policy-20241216.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ selinux-policy.spec ++++++
--- /var/tmp/diff_new_pack.d6Gd74/_old 2024-12-17 19:23:23.197484293 +0100
+++ /var/tmp/diff_new_pack.d6Gd74/_new 2024-12-17 19:23:23.197484293 +0100
@@ -36,7 +36,7 @@
License: GPL-2.0-or-later
Group: System/Management
Name: selinux-policy
-Version: 20241213
+Version: 20241216
Release: 0
Source0: %{name}-%{version}.tar.xz
Source1: container.fc
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.d6Gd74/_old 2024-12-17 19:23:23.285487956 +0100
+++ /var/tmp/diff_new_pack.d6Gd74/_new 2024-12-17 19:23:23.289488122 +0100
@@ -1,7 +1,7 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://gitlab.suse.de/selinux/selinux-policy.git</param>
- <param
name="changesrevision">c1b4db3aff6852942544e0dd2e91989fdd76b8f3</param></service><service
name="tar_scm">
+ <param
name="changesrevision">bfd9b33da2f744e90adf070d92a2459bc7df97ab</param></service><service
name="tar_scm">
<param
name="url">https://github.com/containers/container-selinux.git</param>
<param
name="changesrevision">07b3034f6d9625ab84508a2f46515d8ff79b4204</param></service><service
name="tar_scm">
<param
name="url">https://gitlab.suse.de/jsegitz/selinux-policy.git</param>
++++++ selinux-policy-20241213.tar.xz -> selinux-policy-20241216.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/selinux-policy-20241213/policy/modules/contrib/vhostmd.te
new/selinux-policy-20241216/policy/modules/contrib/vhostmd.te
--- old/selinux-policy-20241213/policy/modules/contrib/vhostmd.te
2024-12-13 11:09:48.000000000 +0100
+++ new/selinux-policy-20241216/policy/modules/contrib/vhostmd.te
2024-12-16 16:55:19.000000000 +0100
@@ -79,6 +79,7 @@
optional_policy(`
virt_read_qemu_pid_files(vhostmd_t)
virt_read_config(vhostmd_t)
+ virt_read_virtqemud_pid_files(vhostmd_t)
virt_stream_connect(vhostmd_t)
virt_stream_connect_svirt(vhostmd_t)
virt_write_content(vhostmd_t)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/selinux-policy-20241213/policy/modules/contrib/virt.if
new/selinux-policy-20241216/policy/modules/contrib/virt.if
--- old/selinux-policy-20241213/policy/modules/contrib/virt.if 2024-12-13
11:09:48.000000000 +0100
+++ new/selinux-policy-20241216/policy/modules/contrib/virt.if 2024-12-16
16:55:19.000000000 +0100
@@ -2180,3 +2180,23 @@
files_search_pids($1)
manage_sock_files_pattern($1, qemu_var_run_t, qemu_var_run_t)
')
+
+########################################
+## <summary>
+## Read virtqemud PID files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`virt_read_virtqemud_pid_files',`
+ gen_require(`
+ type virtqemud_var_run_t;
+ ')
+
+ files_search_pids($1)
+ list_dirs_pattern($1, virtqemud_var_run_t, virtqemud_var_run_t)
+ read_files_pattern($1, virtqemud_var_run_t, virtqemud_var_run_t)
+')
