Bug 2082524

Summary: Rebase selinux-policy to the newest one available in Fedora
Product: Red Hat Enterprise Linux 9 Reporter: Zdenek Pytela <zpytela>
Component: selinux-policyAssignee: Zdenek Pytela <zpytela>
Status: CLOSED ERRATA QA Contact: Milos Malik <mmalik>
Severity: high Docs Contact:
Priority: high    
Version: 9.1CC: lvrabec, mmalik, myllynen, pkis
Target Milestone: rcKeywords: Rebase, Triaged
Target Release: 9.2   
Hardware: noarch   
OS: Linux   
Whiteboard:
Fixed In Version: selinux-policy-38.1.3-1.el9 Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Important: if this rebase instead contains *only bug fixes,* or *only enhancements*, select the correct option from the Doc Type drop-down list. Rebase package(s) to version: 38.1 Highlights, important fixes, or notable enhancements: The `selinux-policy` package has been upgraded to the upstream version 38.1 which provides a number of bug fixes and improvements.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2023-05-09 08:16:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Zdenek Pytela 2022-05-06 10:31:41 UTC 
Description of problem:
Since RHEL 9 beta branched off Fedora 34, numerous enhancements and missing rules were added to Fedora selinux-policy, but only a small number of them were backported. Rebasing will prevent from unnecessary bug reports for known problems.

Version-Release number of selected component (if applicable):
selinux-policy-34.1.31
Comment 1 Zdenek Pytela 2022-05-06 10:36:55 UTC 
This is the last commit before split:

commit 7e50553feb19abeab49911db46c15b50b6bda47e (tag: v34.1)
Author: Zdenek Pytela <zpytela>
Date:   Thu Apr 1 19:46:00 2021 +0200

    Allow plymouthd_t exec generic program in bin directories

Number of commits since then till the 2022.05.06 state:

f36$ git log --oneline 7e50553fe..HEAD | wc -l
503
rhel9$ git log --oneline 7e50553fe..HEAD | wc -l
208
Comment 2 Zdenek Pytela 2022-11-21 11:50:53 UTC 
State of source git repositories as of 2022-11-21:

Fedora rawhide head: 8cdcbe788 Allow systemd-socket-proxyd get attributes of cgroup filesystems
RHEL 9.2 head: 00d0ddbcd Add domain_unix_read_all_semaphores() interface

Number of commits since RHEL 9 beta branched off Fedora 34:

rawhide$ git log --oneline 7e50553fe..HEAD | wc -l
758
rhel-92$ git log --oneline 7e50553fe..HEAD | wc -l
373
Comment 14 errata-xmlrpc 2023-05-09 08:16:08 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (selinux-policy bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:2483
Comment 15 Zdenek Pytela 2023-06-16 10:04:35 UTC 
*** Bug 2159393 has been marked as a duplicate of this bug. ***