public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
From: Zdenek Pytela <zpytela@redhat.com>
To: git-commits@fedoraproject.org
Subject: [rpms/selinux-policy] f44: * Fri Jun 05 2026 Zdenek Pytela <zpytela@redhat.com> - 44.2-1
Date: Fri, 05 Jun 2026 18:22:07 GMT [thread overview]
Message-ID: <178068372770.1.2717646523899663515.rpms-selinux-policy-372b03823630@fedoraproject.org> (raw)
A new commit has been pushed.
Repo : rpms/selinux-policy
Branch : f44
Commit : 372b0382363040b98881bfd30b15956091bf27a0
Author : Zdenek Pytela <zpytela@redhat.com>
Date : 2026-06-05T18:27:54+02:00
Stats : +25/-5 in 3 file(s)
URL : https://src.fedoraproject.org/rpms/selinux-policy/c/372b0382363040b98881bfd30b15956091bf27a0?branch=f44
Log:
* Fri Jun 05 2026 Zdenek Pytela <zpytela@redhat.com> - 44.2-1
- Update dbus_role_template() with communication over unix dgram socket
- Allow staff user read nsfs files
- Allow staff user additional sandboxing permissions
- Dontaudit sa-update perfmon and sys_admin capabilities
- packit: Stop notifying martinpitt for Cockpit test failures
- Bring back execmem permission for svirt_tcg_t
- Dontaudit tlp_t requesting dac_read_search (bsc#1265386)
- Leave content of virtqemud_use_execmem empty
- Allow virtqemud_t to call and transition into udev
- Dontaudit libvirt-daemons execmem
- Allow virtstoraged to setattr fixed disk devices
- Dontaudit ksmtuned dac_read_search and dac_override capabilities
- Allow samba-bgqd send to nmbd over a unix datagram socket
- Update fstools swap interfaces with dir search
- Add missing fc rule for org.gnome.DisplayManager (bsc#1264182)
- Do not audit iptables attempts to read other process state
- Allow setroubleshoot_fixit_t to touch /.autorelabel and reboot
- Allow systemd-tmpfiles to adjust resource limits
---
diff --git a/changelog b/changelog
index e5e3a46..ec119af 100644
--- a/changelog
+++ b/changelog
@@ -1,3 +1,23 @@
+* Fri Jun 05 2026 Zdenek Pytela <zpytela@redhat.com> - 44.2-1
+- Update dbus_role_template() with communication over unix dgram socket
+- Allow staff user read nsfs files
+- Allow staff user additional sandboxing permissions
+- Dontaudit sa-update perfmon and sys_admin capabilities
+- packit: Stop notifying martinpitt for Cockpit test failures
+- Bring back execmem permission for svirt_tcg_t
+- Dontaudit tlp_t requesting dac_read_search (bsc#1265386)
+- Leave content of virtqemud_use_execmem empty
+- Allow virtqemud_t to call and transition into udev
+- Dontaudit libvirt-daemons execmem
+- Allow virtstoraged to setattr fixed disk devices
+- Dontaudit ksmtuned dac_read_search and dac_override capabilities
+- Allow samba-bgqd send to nmbd over a unix datagram socket
+- Update fstools swap interfaces with dir search
+- Add missing fc rule for org.gnome.DisplayManager (bsc#1264182)
+- Do not audit iptables attempts to read other process state
+- Allow setroubleshoot_fixit_t to touch /.autorelabel and reboot
+- Allow systemd-tmpfiles to adjust resource limits
+
* Wed May 20 2026 Rachel Menge <rlmenge@gmail.com> - 44.1-2
- Remove deprecated checkreqprot tmpfiles write in selinux-policy.conf
diff --git a/selinux-policy.spec b/selinux-policy.spec
index e0898f7..79ac79c 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -5,7 +5,7 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
-%global commit 1c06c76ca3034a9f441bcda6016813c68d355a18
+%global commit 256d6bed53592ded87deb8c5564281ada28b17df
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@@ -19,8 +19,8 @@
%define STABLEVER 42.10
Summary: SELinux policy configuration
Name: selinux-policy
-Version: 44.1
-Release: 2%{?dist}
+Version: 44.2
+Release: 1%{?dist}
License: GPL-2.0-or-later
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
Source1: Makefile.devel
diff --git a/sources b/sources
index 48fba15..c103ea7 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (selinux-policy-1c06c76.tar.gz) = 507bea44b2b12e90b7a192faa0b11f736a34f1b8c8a15684ac869039457dff6f0bd696f53bad305ae9daf5dedf154f8949b3739f89792f0208bf18e04495e877
+SHA512 (selinux-policy-256d6be.tar.gz) = d58a307493063adc94111be20ae95ac0608bbb2020455dbd353e67081bbcef42920b949fced22b0662e4d385073c0c99f5c1e0b63071b4039de58ca71dde8fe3
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
-SHA512 (container-selinux.tgz) = df0fbf952de8a4402494d126e68878a5213332471f1f645c118ea08252a79cd21d99fe63fd664ccfa1a2da507ef5d178a4c55fedb23a470cd9890e6783e12e16
+SHA512 (container-selinux.tgz) = ca3b9519960e925380c0dc280bad70195d99f284331e89ffa3204099896d948d4a066b303f9f438ff3b8fcabe59c8d24f7f4f4aea1b889fd71e0890e040a4db7
reply other threads:[~2026-06-05 18:22 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=178068372770.1.2717646523899663515.rpms-selinux-policy-372b03823630@fedoraproject.org \
--to=zpytela@redhat.com \
--cc=git-commits@fedoraproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox