Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package selinux-policy for openSUSE:Factory
checked in at 2024-06-14 18:57:11
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/selinux-policy (Old)
and /work/SRC/openSUSE:Factory/.selinux-policy.new.19518 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "selinux-policy"
Fri Jun 14 18:57:11 2024 rev:61 rq:1180332 version:20240613
Changes:
--------
--- /work/SRC/openSUSE:Factory/selinux-policy/selinux-policy.changes
2024-06-06 12:30:58.876891299 +0200
+++ /work/SRC/openSUSE:Factory/.selinux-policy.new.19518/selinux-policy.changes
2024-06-14 18:57:11.968953030 +0200
@@ -1,0 +2,88 @@
+Thu Jun 13 08:12:47 UTC 2024 - cathy...@suse.com
+
+- Update to version 20240613:
+ * Allow systemd_fstab_generator_t read tmpfs files (bsc#1223599)
+
+-------------------------------------------------------------------
+Wed Jun 12 08:43:02 UTC 2024 - cathy...@suse.com
+
+- Update to version 20240612:
+ * Allow all domains read and write z90crypt device
+ * Allow tpm2 generator setfscreate
+ * Allow systemd (PID 1) manage systemd conf files
+ * Allow pulseaudio map its runtime files
+ * Update policy for getty-generator
+ * Allow systemd-hwdb send messages to kernel unix datagram sockets
+ * Allow systemd-machined manage runtime sockets
+ * Allow fstab-generator create unit file symlinks
+ * Update policy for cryptsetup-generator
+ * Update policy for fstab-generator
+ * Allow virtqemud read vm sysctls
+ * Allow collectd to trace processes in user namespace
+ * Allow bootupd search efivarfs dirs
+ * Add policy for systemd-mountfsd
+ * Add policy for systemd-nsresourced
+ * Update policy generators
+ * Add policy for anaconda-generator
+ * Update policy for fstab and gpt generators
+ * Add policy for kdump-dep-generator
+ * Add policy for a generic generator
+ * Add policy for tpm2 generator
+ * Add policy for ssh-generator
+ * Add policy for second batch of generators
+ * Update policy for systemd generators
+ * ci: Adjust Cockpit test plans
+ * Allow journald read systemd config files and directories
+ * Allow systemd_domain read systemd_conf_t dirs
+ * Fix bad Python regexp escapes
+ * Allow fido services connect to postgres database
+ * Revert "Update the README.md file with the c10s branch information"
+ * Update the README.md file with the c10s branch information
+ * Allow postfix smtpd map aliases file
+ * Ensure dbus communication is allowed bidirectionally
+ * Label systemd configuration files with systemd_conf_t
+ * Label /run/systemd/machine with systemd_machined_var_run_t
+ * Allow systemd-hostnamed read the vsock device
+ * Allow sysadm execute dmidecode using sudo
+ * Allow sudodomain list files in /var
+ * Allow setroubleshootd get attributes of all sysctls
+ * Allow various services read and write z90crypt device
+ * Allow nfsidmap connect to systemd-homed
+ * Allow sandbox_x_client_t dbus chat with accountsd
+ * Allow system_cronjob_t dbus chat with avahi_t
+ * Allow staff_t the io_uring sqpoll permission
+ * Allow staff_t use the io_uring API
+ * Add support for secretmem anon inode
+ * Allow virtqemud read vfio devices
+ * Allow virtqemud get attributes of a tmpfs filesystem
+ * Allow svirt_t read vm sysctls
+ * Allow virtqemud create and unlink files in /etc/libvirt/
+ * Allow virtqemud get attributes of cifs files
+ * Allow virtqemud get attributes of filesystems with extended attributes
+ * Allow virtqemud get attributes of NFS filesystems
+ * Allow virt_domain read and write usb devices conditionally
+ * Allow virtstoraged use the io_uring API
+ * Allow virtstoraged execute lvm programs in the lvm domain
+ * Allow virtnodevd_t map /var/lib files
+ * Allow svirt_tcg_t map svirt_image_t files
+ * Allow abrt-dump-journal-core connect to systemd-homed
+ * Allow abrt-dump-journal-core connect to systemd-machined
+ * Allow sssd create and use io_uring
+ * Allow selinux-relabel-generator create units dir
+ * Allow dbus-broker read/write inherited user ttys
+ * Define transitions for /run/libvirt/common and /run/libvirt/qemu
+ * Allow systemd-sleep read raw disk data
+ * Allow numad to trace processes in user namespace
+ * Allow abrt-dump-journal-core connect to systemd-userdbd
+ * Allow plymouthd read efivarfs files
+ * Update the auth_dontaudit_read_passwd_file() interface
+ * Label /dev/mmcblk0rpmb character device with removable_device_t
+ * fix hibernate on btrfs swapfile (F40)
+ * Allow nut to statfs()
+ * Allow system dbusd service status systemd services
+ * Allow systemd-timedated get the timemaster service status
+ * Allow keyutils-dns-resolver connect to the system log service
+ * Allow qemu-ga read vm sysctls
+ * postfix: allow qmgr to delete mails in bounce/ directory
+
+-------------------------------------------------------------------
Old:
----
selinux-policy-20240411.tar.xz
New:
----
selinux-policy-20240613.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ selinux-policy.spec ++++++
--- /var/tmp/diff_new_pack.UkNYf2/_old 2024-06-14 18:57:13.120994645 +0200
+++ /var/tmp/diff_new_pack.UkNYf2/_new 2024-06-14 18:57:13.120994645 +0200
@@ -33,7 +33,7 @@
License: GPL-2.0-or-later
Group: System/Management
Name: selinux-policy
-Version: 20240411
+Version: 20240613
Release: 0
Source0: %{name}-%{version}.tar.xz
Source1: container.fc
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.UkNYf2/_old 2024-06-14 18:57:13.228998546 +0200
+++ /var/tmp/diff_new_pack.UkNYf2/_new 2024-06-14 18:57:13.232998691 +0200
@@ -1,7 +1,7 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://gitlab.suse.de/selinux/selinux-policy.git</param>
- <param
name="changesrevision">7eb64de2191880e9d2207fa60c9605268d6fc8ce</param></service><service
name="tar_scm">
+ <param
name="changesrevision">2cc0ac20c300647eefb1dc0a3c0856277c16af0d</param></service><service
name="tar_scm">
<param
name="url">https://github.com/containers/container-selinux.git</param>
<param
name="changesrevision">07b3034f6d9625ab84508a2f46515d8ff79b4204</param></service><service
name="tar_scm">
<param
name="url">https://gitlab.suse.de/jsegitz/selinux-policy.git</param>
++++++ selinux-policy-20240411.tar.xz -> selinux-policy-20240613.tar.xz ++++++
++++ 1829 lines of diff (skipped)
