commit selinux-policy for openSUSE:Factory

Source-Sync Thu, 01 Aug 2024 13:04:56 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package selinux-policy for openSUSE:Factory 
checked in at 2024-08-01 22:03:52
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/selinux-policy (Old)
 and      /work/SRC/openSUSE:Factory/.selinux-policy.new.7232 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "selinux-policy"

Thu Aug  1 22:03:52 2024 rev:67 rq:1190665 version:20240731

Changes:
--------
--- /work/SRC/openSUSE:Factory/selinux-policy/selinux-policy.changes    
2024-07-30 11:53:21.542848730 +0200
+++ /work/SRC/openSUSE:Factory/.selinux-policy.new.7232/selinux-policy.changes  
2024-08-01 22:04:12.839933601 +0200
@@ -1,0 +2,13 @@
+Wed Jul 31 12:55:19 UTC 2024 - cathy...@suse.com
+
+- Update to version 20240731:
+  * Fix labels for bind/named (bsc#1228372)
+
+-------------------------------------------------------------------
+Mon Jul 29 15:50:11 UTC 2024 - cathy...@suse.com
+
+- Update to version 20240729:
+  * Label /usr/libexec/netconfig/ppp/ip-up pppd_initrc_exec_t (bsc#1228385)
+  * Allow pppd to manage sysnet directories (bsc#1228385)
+
+-------------------------------------------------------------------

Old:
----
  selinux-policy-20240726.tar.xz

New:
----
  selinux-policy-20240731.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ selinux-policy.spec ++++++
--- /var/tmp/diff_new_pack.lSK7E9/_old  2024-08-01 22:04:14.235991180 +0200
+++ /var/tmp/diff_new_pack.lSK7E9/_new  2024-08-01 22:04:14.239991345 +0200
@@ -33,7 +33,7 @@
 License:        GPL-2.0-or-later
 Group:          System/Management
 Name:           selinux-policy
-Version:        20240726
+Version:        20240731
 Release:        0
 Source0:        %{name}-%{version}.tar.xz
 Source1:        container.fc

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.lSK7E9/_old  2024-08-01 22:04:14.315994479 +0200
+++ /var/tmp/diff_new_pack.lSK7E9/_new  2024-08-01 22:04:14.319994644 +0200
@@ -1,7 +1,7 @@
 <servicedata>
 <service name="tar_scm">
                 <param 
name="url">https://gitlab.suse.de/selinux/selinux-policy.git</param>
-              <param 
name="changesrevision">00a1eee94f80469b4b233f87194d42b3ea5de181</param></service><service
 name="tar_scm">
+              <param 
name="changesrevision">f32adf1c9ddc152eb7464c895f110c153bd7901a</param></service><service
 name="tar_scm">
                 <param 
name="url">https://github.com/containers/container-selinux.git</param>
               <param 
name="changesrevision">07b3034f6d9625ab84508a2f46515d8ff79b4204</param></service><service
 name="tar_scm">
                 <param 
name="url">https://gitlab.suse.de/jsegitz/selinux-policy.git</param>


++++++ selinux-policy-20240726.tar.xz -> selinux-policy-20240731.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/selinux-policy-20240726/policy/modules/contrib/bind.fc 
new/selinux-policy-20240731/policy/modules/contrib/bind.fc
--- old/selinux-policy-20240726/policy/modules/contrib/bind.fc  2024-07-26 
15:34:21.000000000 +0200
+++ new/selinux-policy-20240731/policy/modules/contrib/bind.fc  2024-07-31 
13:30:12.000000000 +0200
@@ -55,25 +55,25 @@
 /etc/named\.caching-nameserver\.conf -- 
gen_context(system_u:object_r:named_conf_t,s0)
 /var/lib/softhsm(/.*)?                 
gen_context(system_u:object_r:named_cache_t,s0)
 /var/lib/unbound(/.*)?                 
gen_context(system_u:object_r:named_cache_t,s0)
-/var/named(/.*)?               gen_context(system_u:object_r:named_zone_t,s0)
-/var/named/slaves(/.*)?                
gen_context(system_u:object_r:named_cache_t,s0)
-/var/named/data(/.*)?          gen_context(system_u:object_r:named_cache_t,s0)
-/var/named/named\.ca   --      gen_context(system_u:object_r:named_conf_t,s0)
-/var/named/chroot(/.*)?                
gen_context(system_u:object_r:named_conf_t,s0)
-/var/named/chroot/etc/rndc\.key -- gen_context(system_u:object_r:dnssec_t,s0)
-/var/named/chroot/etc/named\.conf -- 
gen_context(system_u:object_r:named_conf_t,s0)
-/var/named/chroot/etc/named\.rfc1912.zones -- 
gen_context(system_u:object_r:named_conf_t,s0)
-/var/named/chroot/etc/named\.root\.hints -- 
gen_context(system_u:object_r:named_conf_t,s0)
-/var/named/chroot/etc/named\.caching-nameserver\.conf -- 
gen_context(system_u:object_r:named_conf_t,s0)
-/var/named/chroot/proc(/.*)?   <<none>>
-/var/named/chroot/var/run/named.* 
gen_context(system_u:object_r:named_var_run_t,s0)
-/var/named/chroot/run/named.* gen_context(system_u:object_r:named_var_run_t,s0)
-/var/named/chroot/var/tmp(/.*)? gen_context(system_u:object_r:named_cache_t,s0)
-/var/named/chroot/var/named(/.*)? 
gen_context(system_u:object_r:named_zone_t,s0)
-/var/named/chroot/var/named/slaves(/.*)? 
gen_context(system_u:object_r:named_cache_t,s0)
-/var/named/chroot/var/named/data(/.*)? 
gen_context(system_u:object_r:named_cache_t,s0)
-/var/named/chroot/var/named/dynamic(/.*)?      
gen_context(system_u:object_r:named_cache_t,s0)
-/var/named/chroot/var/named/named\.ca -- 
gen_context(system_u:object_r:named_conf_t,s0)
-/var/named/chroot/var/log/named.*      --      
gen_context(system_u:object_r:named_log_t,s0)
-/var/named/dynamic(/.*)?               
gen_context(system_u:object_r:named_cache_t,s0)
+/var/lib/named(/.*)?           gen_context(system_u:object_r:named_zone_t,s0)
+/var/lib/named/slaves(/.*)?            
gen_context(system_u:object_r:named_cache_t,s0)
+/var/lib/named/data(/.*)?              
gen_context(system_u:object_r:named_cache_t,s0)
+/var/lib/named/named\.ca       --      
gen_context(system_u:object_r:named_conf_t,s0)
+/var/lib/named/chroot(/.*)?            
gen_context(system_u:object_r:named_conf_t,s0)
+/var/lib/named/chroot/etc/rndc\.key -- 
gen_context(system_u:object_r:dnssec_t,s0)
+/var/lib/named/chroot/etc/named\.conf -- 
gen_context(system_u:object_r:named_conf_t,s0)
+/var/lib/named/chroot/etc/named\.rfc1912.zones -- 
gen_context(system_u:object_r:named_conf_t,s0)
+/var/lib/named/chroot/etc/named\.root\.hints -- 
gen_context(system_u:object_r:named_conf_t,s0)
+/var/lib/named/chroot/etc/named\.caching-nameserver\.conf -- 
gen_context(system_u:object_r:named_conf_t,s0)
+/var/lib/named/chroot/proc(/.*)?       <<none>>
+/var/lib/named/chroot/var/run/named.* 
gen_context(system_u:object_r:named_var_run_t,s0)
+/var/lib/named/chroot/run/named.* 
gen_context(system_u:object_r:named_var_run_t,s0)
+/var/lib/named/chroot/var/tmp(/.*)? 
gen_context(system_u:object_r:named_cache_t,s0)
+/var/lib/named/chroot/var/named(/.*)? 
gen_context(system_u:object_r:named_zone_t,s0)
+/var/lib/named/chroot/var/named/slaves(/.*)? 
gen_context(system_u:object_r:named_cache_t,s0)
+/var/lib/named/chroot/var/named/data(/.*)? 
gen_context(system_u:object_r:named_cache_t,s0)
+/var/lib/named/chroot/var/named/dynamic(/.*)?  
gen_context(system_u:object_r:named_cache_t,s0)
+/var/lib/named/chroot/var/named/named\.ca -- 
gen_context(system_u:object_r:named_conf_t,s0)
+/var/lib/named/chroot/var/log/named.*  --      
gen_context(system_u:object_r:named_log_t,s0)
+/var/lib/named/dynamic(/.*)?           
gen_context(system_u:object_r:named_cache_t,s0)
 ')
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/selinux-policy-20240726/policy/modules/contrib/ppp.fc 
new/selinux-policy-20240731/policy/modules/contrib/ppp.fc
--- old/selinux-policy-20240726/policy/modules/contrib/ppp.fc   2024-07-26 
15:34:21.000000000 +0200
+++ new/selinux-policy-20240731/policy/modules/contrib/ppp.fc   2024-07-31 
13:30:12.000000000 +0200
@@ -10,6 +10,7 @@
 /etc/ppp/resolv\.conf          --      
gen_context(system_u:object_r:pppd_etc_rw_t,s0)
 # Fix /etc/ppp {up,down} family scripts (see man pppd)
 /etc/ppp/(auth|ip(v6|x)?)-(up|down) -- 
gen_context(system_u:object_r:pppd_initrc_exec_t,s0)
+/usr/libexec/ppp/(auth|ip(v6|x)?)-(up|down) -- 
gen_context(system_u:object_r:pppd_initrc_exec_t,s0)
 
 /usr/lib/systemd/system/ppp.*  --      
gen_context(system_u:object_r:iptables_unit_file_t,s0)
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/selinux-policy-20240726/policy/modules/contrib/ppp.te 
new/selinux-policy-20240731/policy/modules/contrib/ppp.te
--- old/selinux-policy-20240726/policy/modules/contrib/ppp.te   2024-07-26 
15:34:21.000000000 +0200
+++ new/selinux-policy-20240731/policy/modules/contrib/ppp.te   2024-07-31 
13:30:12.000000000 +0200
@@ -192,6 +192,7 @@
 
 sysnet_exec_ifconfig(pppd_t)
 sysnet_manage_config(pppd_t)
+sysnet_manage_config_dirs(pppd_t)
 sysnet_etc_filetrans_config(pppd_t)
 sysnet_filetrans_config_fromdir(pppd_t, pppd_var_run_t, file, "resolv.conf")

commit selinux-policy for openSUSE:Factory

Reply via email to