Automatic update for selinux-policy-34.13-1.eln112.

Changelog
* Thu Jul  1 2021 Zdenek Pytela <zpytela@redhat.com> - 34.13-1
- Allow radius map its library files
- Allow nftables read NetworkManager unnamed pipes
- Allow logrotate rotate container log files
* Tue Jun 22 2021 Zdenek Pytela <zpytela@redhat.com> - 34.12-2
- Add a systemd service to check that SELinux is disabled properly
- specfile: Add unowned dir to the macro
- Relabel /dev/dma_heap explicitly
* Mon Jun 21 2021 Zdenek Pytela <zpytela@redhat.com> - 34.12-1
- Label /dev/dma_heap/* char devices with dma_device_t
- Revert "Label /dev/dma_heap/* char devices with dma_device_t"
- Revert "Label /dev/dma_heap with dma_device_dir_t"
- Revert "Associate dma_device_dir_t with device filesystem"
- Add the lockdown integrity permission to dev_map_userio_dev()
- Allow systemd-modules-load read/write tracefs files
- Allow sssd watch /run/systemd
- Label /usr/bin/arping plain file with netutils_exec_t
- Label /run/fsck with fsadm_var_run_t
- Label /usr/bin/Xwayland with xserver_exec_t
- Allow systemd-timesyncd watch dbus runtime dir
- Allow asterisk watch localization files
- Allow iscsid read all process stat
- iptables.fc: Add missing legacy-restore and legacy-save entries
- Label /run/libvirt/common with virt_common_var_run_t
- Label /.k5identity file allow read of this file to rpc.gssd
- Make usbmuxd_t a daemon
* Wed Jun  9 2021 Zdenek Pytela <zpytela@redhat.com> - 34.11-1
- Allow sanlock get attributes of cgroup filesystems
- Associate dma_device_dir_t with device filesystem
- Set default file context for /var/run/systemd instead of /run/systemd
- Allow nmap create and use rdma socket
- Allow pkcs-slotd create and use netlink_kobject_uevent_socket
* Sun Jun  6 2021 Zdenek Pytela <zpytela@redhat.com> - 34.10-1
- Allow using opencryptoki for ipsec
- Allow using opencryptoki for certmonger
- Label var.lib.opencryptoki.* files and create pkcs_tmpfs_filetrans()
- Label /dev/dma_heap with dma_device_dir_t
- Allow syslogd watch non security dirs conditionally
- Introduce logging_syslogd_list_non_security_dirs tunable
- Remove openhpi module
- Allow udev to watch fixed disk devices
- Allow httpd_sys_script_t read, write, and map hugetlbfs files
- Allow apcupsd get attributes of cgroup filesystems

This update was automatically created

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been submitted for stable by bodhi

a year ago

Please login to add feedback.

Metadata
Type
unspecified
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
0 days
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago

Automated Test Results