diff mbox series

[meta-selinux] refpolicy: update to latest git rev

Message ID 20250422062927.206179-1-yi.zhao@windriver.com
State New
Headers show
Series [meta-selinux] refpolicy: update to latest git rev | expand

Commit Message

Yi Zhao April 22, 2025, 6:29 a.m. UTC 
* 5a6c7d8bf systemd: Add log env to systemd-machine-id-setup.
* 33af8dfa4 Module for ipmitool
* a3a6b1704 oddjob: allow oddjob_mkhomedir_t privfd:fd use
* 621eb6caf systemd: allow reading /dev/cpu/0/msr
* fb0e9cdda Remove unneeded backticks from gen_tunable
* 2240e1a89 locallogin: allow sulogin_t user_tty_device_t rw

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
 ...olicy-minimum-make-sysadmin-module-optional.patch | 12 ++++++------
 recipes-security/refpolicy/refpolicy_git.inc         |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)
diff mbox series

Patch

diff --git a/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch b/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch
index b0c0556..f963901 100644
--- a/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch
+++ b/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch
@@ -1,4 +1,4 @@ 
-From 4a5d6d9b7c317a2b819ef9a0ebce2e913ad42be9 Mon Sep 17 00:00:00 2001
+From abcc9a219a57c4cdc60f72cd91372204f3fcfa38 Mon Sep 17 00:00:00 2001
 From: Joe MacDonald <joe_macdonald@mentor.com>
 Date: Fri, 5 Apr 2019 11:53:28 -0400
 Subject: [PATCH] refpolicy-minimum: make sysadmin module optional
@@ -22,10 +22,10 @@  Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
  2 files changed, 11 insertions(+), 7 deletions(-)
 
 diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
-index 7df44cead..65146974b 100644
+index bde3d5944..cff62daa0 100644
 --- a/policy/modules/system/init.te
 +++ b/policy/modules/system/init.te
-@@ -648,13 +648,15 @@ ifdef(`init_systemd',`
+@@ -653,13 +653,15 @@ ifdef(`init_systemd',`
  		unconfined_write_keys(init_t)
  	')
  ',`
@@ -48,12 +48,12 @@  index 7df44cead..65146974b 100644
  	')
  ')
 diff --git a/policy/modules/system/locallogin.te b/policy/modules/system/locallogin.te
-index f96092070..db28ce41c 100644
+index 59bcc78c8..f25168e3b 100644
 --- a/policy/modules/system/locallogin.te
 +++ b/policy/modules/system/locallogin.te
-@@ -279,7 +279,9 @@ userdom_use_unpriv_users_fds(sulogin_t)
+@@ -280,7 +280,9 @@ userdom_use_unpriv_users_fds(sulogin_t)
  userdom_search_user_home_dirs(sulogin_t)
- userdom_use_user_ptys(sulogin_t)
+ userdom_use_user_terminals(sulogin_t)
  
 -sysadm_shell_domtrans(sulogin_t)
 +optional_policy(`
diff --git a/recipes-security/refpolicy/refpolicy_git.inc b/recipes-security/refpolicy/refpolicy_git.inc
index a4ffd5c..955d160 100644
--- a/recipes-security/refpolicy/refpolicy_git.inc
+++ b/recipes-security/refpolicy/refpolicy_git.inc
@@ -2,7 +2,7 @@  PV = "2.20250213+git"
 
 SRC_URI = "git://github.com/SELinuxProject/refpolicy.git;protocol=https;branch=main;name=refpolicy;destsuffix=refpolicy"
 
-SRCREV_refpolicy = "ffc9c4e16cef451bf1d1a1de44bb738aa342c69d"
+SRCREV_refpolicy = "353352e31f0d301e6c49db79a753c7d0179b46c2"
 
 UPSTREAM_CHECK_GITTAGREGEX = "RELEASE_(?P<pver>\d+_\d+)"