Notification time stamped 2023-03-31 22:34:03 UTC
From 6dbaddcefe8af280f6c8a224143c7a864a1778c0 Mon Sep 17 00:00:00 2001
From: Richard Shaw <hobbes1069(a)gmail.com>
Date: Jun 06 2021 11:58:43 +0000
Subject: Update selinux policy for Fedora 34+
---
diff --git a/fail2ban.spec b/fail2ban.spec
index 5a069e4..fa9cfd6 100644
--- a/fail2ban.spec
+++ b/fail2ban.spec
@@ -1,6 +1,6 @@
Name: fail2ban
Version: 0.11.2
-Release: 4%{?dist}
+Release: 5%{?dist}
Summary: Daemon to ban hosts that cause multiple authentication errors
License: GPLv2+
@@ -397,6 +397,9 @@ fi
%changelog
+* Sun Jun 06 2021 Richard Shaw <hobbes1069(a)gmail.com> - 0.11.2-5
+- Update selinux policy for Fedora 34+
+
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek(a)in.waw.pl> - 0.11.2-4
- Rebuilt for updated systemd-rpm-macros
See
https://pagure.io/fesco/issue/2583.
diff --git a/fail2ban.te b/fail2ban.te
index 302f4bc..92615ca 100644
--- a/fail2ban.te
+++ b/fail2ban.te
@@ -45,6 +45,7 @@ allow fail2ban_t self:netlink_netfilter_socket create_socket_perms;
read_files_pattern(fail2ban_t, fail2ban_t, fail2ban_t)
+allow fail2ban_t fail2ban_log_t:file watch;
append_files_pattern(fail2ban_t, fail2ban_log_t, fail2ban_log_t)
create_files_pattern(fail2ban_t, fail2ban_log_t, fail2ban_log_t)
setattr_files_pattern(fail2ban_t, fail2ban_log_t, fail2ban_log_t)
@@ -88,7 +89,6 @@ files_read_etc_runtime_files(fail2ban_t)
files_list_var(fail2ban_t)
files_dontaudit_list_tmp(fail2ban_t)
-fs_list_inotifyfs(fail2ban_t)
fs_getattr_all_fs(fail2ban_t)
auth_use_nsswitch(fail2ban_t)
@@ -100,6 +100,10 @@ logging_read_syslog_pid(fail2ban_t)
logging_dontaudit_search_audit_logs(fail2ban_t)
logging_mmap_generic_logs(fail2ban_t)
logging_mmap_journal(fail2ban_t)
+logging_watch_audit_log_files(fail2ban_t)
+logging_watch_audit_log_dirs(fail2ban_t)
+logging_watch_generic_log_dirs(fail2ban_t)
+logging_watch_journal_dir(fail2ban_t)
mta_send_mail(fail2ban_t)
https://src.fedoraproject.org/rpms/fail2ban/c/6dbaddcefe8af280f6c8a224143...