refpolicy: update to latest git revHEAD walnascar master

* 5a6c7d8bf systemd: Add log env to systemd-machine-id-setup. * 33af8dfa4 Module for ipmitool * a3a6b1704 oddjob: allow oddjob_mkhomedir_t privfd:fd use * 621eb6caf systemd: allow reading /dev/cpu/0/msr * fb0e9cdda Remove unneeded backticks from gen_tunable * 2240e1a89 locallogin: allow sulogin_t user_tty_device_t rw Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
author: Yi Zhao <yi.zhao@windriver.com> 2025-04-05 21:09:13 +0800
committer: Yi Zhao <yi.zhao@windriver.com> 2025-04-22 14:54:24 +0800
commit: 32adf788c70a3e75e947ea7394b9a746686bb01e (patch)
tree: f44c22d7f506248f96ae52bc5f9aa9025a5660df /recipes-security/refpolicy
parent: b60fb46e68d821d4e94766cdf8e34fdb18a22150 (diff)
download: meta-selinux-master.tar.gz
2 files changed, 7 insertions, 7 deletions
diff --git a/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch b/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch
index b0c0556..f963901 100644
--- a/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch
+++ b/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch
@@ -1,4 +1,4 @@
-From 4a5d6d9b7c317a2b819ef9a0ebce2e913ad42be9 Mon Sep 17 00:00:00 2001
+From abcc9a219a57c4cdc60f72cd91372204f3fcfa38 Mon Sep 17 00:00:00 2001
 From: Joe MacDonald <joe_macdonald@mentor.com>
 Date: Fri, 5 Apr 2019 11:53:28 -0400
 Subject: [PATCH] refpolicy-minimum: make sysadmin module optional
@@ -22,10 +22,10 @@ Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
 2 files changed, 11 insertions(+), 7 deletions(-)
 diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
-index 7df44cead..65146974b 100644
+index bde3d5944..cff62daa0 100644
 --- a/policy/modules/system/init.te
 +++ b/policy/modules/system/init.te
-@@ -648,13 +648,15 @@ ifdef(`init_systemd',`
+@@ -653,13 +653,15 @@ ifdef(`init_systemd',`
                unconfined_write_keys(init_t)
        ')
 ',`
@@ -48,12 +48,12 @@ index 7df44cead..65146974b 100644
        ')
 ')
 diff --git a/policy/modules/system/locallogin.te b/policy/modules/system/locallogin.te
-index f96092070..db28ce41c 100644
+index 59bcc78c8..f25168e3b 100644
 --- a/policy/modules/system/locallogin.te
 +++ b/policy/modules/system/locallogin.te
-@@ -279,7 +279,9 @@ userdom_use_unpriv_users_fds(sulogin_t)
+@@ -280,7 +280,9 @@ userdom_use_unpriv_users_fds(sulogin_t)
 userdom_search_user_home_dirs(sulogin_t)
- userdom_use_user_ptys(sulogin_t)
+ userdom_use_user_terminals(sulogin_t)
 
 -sysadm_shell_domtrans(sulogin_t)
 +optional_policy(`
diff --git a/recipes-security/refpolicy/refpolicy_git.inc b/recipes-security/refpolicy/refpolicy_git.inc
index a4ffd5c..955d160 100644
--- a/recipes-security/refpolicy/refpolicy_git.inc
+++ b/recipes-security/refpolicy/refpolicy_git.inc
@@ -2,7 +2,7 @@ PV = "2.20250213+git"
 SRC_URI = "git://github.com/SELinuxProject/refpolicy.git;protocol=https;branch=main;name=refpolicy;destsuffix=refpolicy"
-SRCREV_refpolicy = "ffc9c4e16cef451bf1d1a1de44bb738aa342c69d"
+SRCREV_refpolicy = "353352e31f0d301e6c49db79a753c7d0179b46c2"
 UPSTREAM_CHECK_GITTAGREGEX = "RELEASE_(?P<pver>\d+_\d+)"
author	Yi Zhao <yi.zhao@windriver.com>	2025-04-05 21:09:13 +0800
committer	Yi Zhao <yi.zhao@windriver.com>	2025-04-22 14:54:24 +0800
commit	32adf788c70a3e75e947ea7394b9a746686bb01e (patch)
tree	f44c22d7f506248f96ae52bc5f9aa9025a5660df /recipes-security/refpolicy
parent	b60fb46e68d821d4e94766cdf8e34fdb18a22150 (diff)
download	meta-selinux-master.tar.gz

diff --git a/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch b/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch index b0c0556..f963901 100644 --- a/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch +++ b/recipes-security/refpolicy/refpolicy/0001-refpolicy-minimum-make-sysadmin-module-optional.patch
@@ -1,4 +1,4 @@
1	From 4a5d6d9b7c317a2b819ef9a0ebce2e913ad42be9 Mon Sep 17 00:00:00 2001	1	From abcc9a219a57c4cdc60f72cd91372204f3fcfa38 Mon Sep 17 00:00:00 2001
2	From: Joe MacDonald <joe_macdonald@mentor.com>	2	From: Joe MacDonald <joe_macdonald@mentor.com>
3	Date: Fri, 5 Apr 2019 11:53:28 -0400	3	Date: Fri, 5 Apr 2019 11:53:28 -0400
4	Subject: [PATCH] refpolicy-minimum: make sysadmin module optional	4	Subject: [PATCH] refpolicy-minimum: make sysadmin module optional
@@ -22,10 +22,10 @@ Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
22	2 files changed, 11 insertions(+), 7 deletions(-)	22	2 files changed, 11 insertions(+), 7 deletions(-)
23		23
24	diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te	24	diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
25	index 7df44cead..65146974b 100644	25	index bde3d5944..cff62daa0 100644
26	--- a/policy/modules/system/init.te	26	--- a/policy/modules/system/init.te
27	+++ b/policy/modules/system/init.te	27	+++ b/policy/modules/system/init.te
28	@@ -648,13 +648,15 @@ ifdef(`init_systemd',`	28	@@ -653,13 +653,15 @@ ifdef(`init_systemd',`
29	unconfined_write_keys(init_t)	29	unconfined_write_keys(init_t)
30	')	30	')
31	',`	31	',`
@@ -48,12 +48,12 @@ index 7df44cead..65146974b 100644
48	')	48	')
49	')	49	')
50	diff --git a/policy/modules/system/locallogin.te b/policy/modules/system/locallogin.te	50	diff --git a/policy/modules/system/locallogin.te b/policy/modules/system/locallogin.te
51	index f96092070..db28ce41c 100644	51	index 59bcc78c8..f25168e3b 100644
52	--- a/policy/modules/system/locallogin.te	52	--- a/policy/modules/system/locallogin.te
53	+++ b/policy/modules/system/locallogin.te	53	+++ b/policy/modules/system/locallogin.te
54	@@ -279,7 +279,9 @@ userdom_use_unpriv_users_fds(sulogin_t)	54	@@ -280,7 +280,9 @@ userdom_use_unpriv_users_fds(sulogin_t)
55	userdom_search_user_home_dirs(sulogin_t)	55	userdom_search_user_home_dirs(sulogin_t)
56	userdom_use_user_ptys(sulogin_t)	56	userdom_use_user_terminals(sulogin_t)
57		57
58	-sysadm_shell_domtrans(sulogin_t)	58	-sysadm_shell_domtrans(sulogin_t)
59	+optional_policy(`	59	+optional_policy(`


diff --git a/recipes-security/refpolicy/refpolicy_git.inc b/recipes-security/refpolicy/refpolicy_git.inc index a4ffd5c..955d160 100644 --- a/recipes-security/refpolicy/refpolicy_git.inc +++ b/recipes-security/refpolicy/refpolicy_git.inc
@@ -2,7 +2,7 @@ PV = "2.20250213+git"
2		2
3	SRC_URI = "git://github.com/SELinuxProject/refpolicy.git;protocol=https;branch=main;name=refpolicy;destsuffix=refpolicy"	3	SRC_URI = "git://github.com/SELinuxProject/refpolicy.git;protocol=https;branch=main;name=refpolicy;destsuffix=refpolicy"
4		4
5	SRCREV_refpolicy = "ffc9c4e16cef451bf1d1a1de44bb738aa342c69d"	5	SRCREV_refpolicy = "353352e31f0d301e6c49db79a753c7d0179b46c2"
6		6
7	UPSTREAM_CHECK_GITTAGREGEX = "RELEASE_(?P<pver>\d+_\d+)"	7	UPSTREAM_CHECK_GITTAGREGEX = "RELEASE_(?P<pver>\d+_\d+)"
8		8