Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package selinux-policy for openSUSE:Factory checked in at 2021-03-02 12:27:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/selinux-policy (Old) and /work/SRC/openSUSE:Factory/.selinux-policy.new.2378 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "selinux-policy" Tue Mar 2 12:27:42 2021 rev:7 rq:874853 version:20210223 Changes: -------- --- /work/SRC/openSUSE:Factory/selinux-policy/selinux-policy.changes 2021-01-15 19:44:36.169875998 +0100 +++ /work/SRC/openSUSE:Factory/.selinux-policy.new.2378/selinux-policy.changes 2021-03-02 12:30:53.735600387 +0100 @@ -1,0 +2,8 @@ +Tue Feb 23 13:53:40 UTC 2021 - Thorsten Kukuk <ku...@suse.com> + +- Update to version 20210223 +- Change name of tar file to a more common schema to allow + parallel installation of several source versions +- Adjust fix_init.patch + +------------------------------------------------------------------- Old: ---- fedora-policy.20210111.tar.bz2 New: ---- fedora-policy-20210223.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ selinux-policy.spec ++++++ --- /var/tmp/diff_new_pack.DXOu85/_old 2021-03-02 12:30:55.103601337 +0100 +++ /var/tmp/diff_new_pack.DXOu85/_new 2021-03-02 12:30:55.107601339 +0100 @@ -33,9 +33,9 @@ License: GPL-2.0-or-later Group: System/Management Name: selinux-policy -Version: 20210111 +Version: 20210223 Release: 0 -Source: fedora-policy.%{version}.tar.bz2 +Source: fedora-policy-%{version}.tar.bz2 Source1: selinux-policy-rpmlintrc Source10: modules-targeted-base.conf @@ -384,7 +384,7 @@ exit 0 %prep -%setup -n fedora-policy +%setup -n fedora-policy-%{version} %patch001 -p1 %patch002 -p1 %patch003 -p1 ++++++ fix_init.patch ++++++ --- /var/tmp/diff_new_pack.DXOu85/_old 2021-03-02 12:30:55.387601533 +0100 +++ /var/tmp/diff_new_pack.DXOu85/_new 2021-03-02 12:30:55.387601533 +0100 @@ -1,8 +1,16 @@ -Index: fedora-policy/policy/modules/system/init.te -=================================================================== ---- fedora-policy.orig/policy/modules/system/init.te -+++ fedora-policy/policy/modules/system/init.te -@@ -257,6 +257,7 @@ corecmd_exec_bin(init_t) +--- fedora-policy/policy/modules/system/init.if 2021-02-23 14:51:08.683163653 +0100 ++++ fedora-policy/policy/modules/system/init.if 2021-02-23 15:04:46.397087937 +0100 +@@ -3242,6 +3242,7 @@ + files_etc_filetrans($1, machineid_t, file, "machine-id" ) + files_pid_filetrans($1, initctl_t, fifo_file, "fifo" ) + init_pid_filetrans($1, systemd_unit_file_t, dir, "generator") ++ init_pid_filetrans($1, systemd_unit_file_t, dir, "generator.late") + init_pid_filetrans($1, systemd_unit_file_t, dir, "system") + ') + +--- fedora-policy/policy/modules/system/init.te 2021-02-23 14:51:08.683163653 +0100 ++++ fedora-policy/policy/modules/system/init.te 2021-02-23 15:06:10.293290652 +0100 +@@ -262,6 +262,7 @@ corenet_all_recvfrom_netlabel(init_t) corenet_tcp_bind_all_ports(init_t) corenet_udp_bind_all_ports(init_t) @@ -10,7 +18,7 @@ dev_create_all_files(init_t) dev_create_all_chr_files(init_t) -@@ -378,6 +379,7 @@ logging_manage_audit_config(init_t) +@@ -388,6 +389,7 @@ logging_create_syslog_netlink_audit_socket(init_t) logging_write_var_log_dirs(init_t) logging_manage_var_log_symlinks(init_t) @@ -18,23 +26,24 @@ seutil_read_config(init_t) seutil_read_login_config(init_t) -@@ -427,10 +429,15 @@ ifdef(`distro_redhat',` +@@ -437,11 +439,16 @@ corecmd_shell_domtrans(init_t, initrc_t) storage_raw_rw_fixed_disk(init_t) +storage_raw_read_removable_device(init_t) sysnet_read_dhcpc_state(init_t) + sysnet_watch_config(init_t) optional_policy(` -+ networkmanager_initrc_read_lnk_files(init_t) ++ networkmanager_initrc_read_lnk_files(init_t) +') + +optional_policy(` bootloader_domtrans(init_t) ') -@@ -544,7 +551,7 @@ tunable_policy(`init_create_dirs',` +@@ -555,10 +562,10 @@ allow init_t self:system all_system_perms; allow init_t self:system module_load; allow init_t self:unix_dgram_socket { create_socket_perms sendto }; @@ -42,8 +51,12 @@ +allow init_t self:process { setkeycreate setsockcreate setfscreate setrlimit setexec execmem }; allow init_t self:process { getcap setcap }; allow init_t self:unix_stream_socket { create_stream_socket_perms connectto recvfrom }; - allow init_t self:netlink_kobject_uevent_socket create_socket_perms; -@@ -606,6 +613,7 @@ files_delete_all_spool_sockets(init_t) +-allow init_t self:netlink_kobject_uevent_socket create_socket_perms; ++allow init_t self:netlink_kobject_uevent_socket create_socket_perms; + allow init_t self:netlink_selinux_socket create_socket_perms; + allow init_t self:unix_dgram_socket lock; + # Until systemd is fixed +@@ -616,6 +623,7 @@ files_create_var_lib_dirs(init_t) files_create_var_lib_symlinks(init_t) files_read_var_lib_symlinks(init_t) @@ -51,7 +64,16 @@ files_manage_urandom_seed(init_t) files_list_locks(init_t) files_list_spool(init_t) -@@ -698,6 +706,7 @@ systemd_write_inherited_logind_sessions_ +@@ -652,7 +660,7 @@ + fs_list_auto_mountpoints(init_t) + fs_register_binary_executable_type(init_t) + fs_relabel_tmpfs_sock_file(init_t) +-fs_rw_tmpfs_files(init_t) ++fs_rw_tmpfs_files(init_t) + fs_relabel_cgroup_dirs(init_t) + fs_search_cgroup_dirs(init_t) + # for network namespaces +@@ -708,6 +716,7 @@ create_sock_files_pattern(init_t, init_sock_file_type, init_sock_file_type) create_dirs_pattern(init_t, var_log_t, var_log_t) @@ -59,7 +81,7 @@ auth_use_nsswitch(init_t) auth_rw_login_records(init_t) -@@ -1543,6 +1552,8 @@ optional_policy(` +@@ -1561,6 +1570,8 @@ optional_policy(` postfix_list_spool(initrc_t) @@ -68,15 +90,3 @@ ') optional_policy(` -Index: fedora-policy/policy/modules/system/init.if -=================================================================== ---- fedora-policy.orig/policy/modules/system/init.if -+++ fedora-policy/policy/modules/system/init.if -@@ -3205,6 +3205,7 @@ interface(`init_filetrans_named_content' - files_etc_filetrans($1, machineid_t, file, "machine-id" ) - files_pid_filetrans($1, initctl_t, fifo_file, "fifo" ) - init_pid_filetrans($1, systemd_unit_file_t, dir, "generator") -+ init_pid_filetrans($1, systemd_unit_file_t, dir, "generator.late") - init_pid_filetrans($1, systemd_unit_file_t, dir, "system") - ') - ++++++ update.sh ++++++ --- /var/tmp/diff_new_pack.DXOu85/_old 2021-03-02 12:30:56.051601994 +0100 +++ /var/tmp/diff_new_pack.DXOu85/_new 2021-03-02 12:30:56.051601994 +0100 @@ -9,14 +9,14 @@ git clone --depth 1 https://github.com/fedora-selinux/selinux-policy.git git clone --depth 1 https://github.com/containers/container-selinux.git -mv selinux-policy fedora-policy -rm -rf fedora-policy/.git* -mv container-selinux/container.* fedora-policy/policy/modules/contrib/ +mv selinux-policy fedora-policy-$date +rm -rf fedora-policy-$date/.git* +mv container-selinux/container.* fedora-policy-$date/policy/modules/contrib/ -rm -f fedora-policy.$date.tar* -tar cf fedora-policy.$date.tar fedora-policy -bzip2 fedora-policy.$date.tar -rm -rf fedora-policy container-selinux +rm -f fedora-policy?$date.tar* +tar cf fedora-policy-$date.tar fedora-policy-$date +bzip2 fedora-policy-$date.tar +rm -rf fedora-policy-$date container-selinux sed -i -e "s/^Version:.*/Version: $date/" selinux-policy.spec