Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package yast2-security for openSUSE:Factory
checked in at 2021-03-03 18:33:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/yast2-security (Old)
and /work/SRC/openSUSE:Factory/.yast2-security.new.2378 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-security"
Wed Mar 3 18:33:19 2021 rev:102 rq:876431 version:4.3.14
Changes:
--------
--- /work/SRC/openSUSE:Factory/yast2-security/yast2-security.changes
2021-03-01 12:48:58.626372664 +0100
+++ /work/SRC/openSUSE:Factory/.yast2-security.new.2378/yast2-security.changes
2021-03-03 18:33:45.447329004 +0100
@@ -1,0 +2,20 @@
+Tue Mar 2 17:47:22 UTC 2021 - David Diaz <dgonza...@suse.com>
+
+- Ensure defined SELinux patterns are set (bsc#1182543).
+- 4.3.14
+
+-------------------------------------------------------------------
+Tue Mar 2 15:31:39 UTC 2021 - David Diaz <dgonza...@suse.com>
+
+- Do not write bootloader in insts-sys (bsc#1182894).
+- 4.3.13
+
+-------------------------------------------------------------------
+Mon Mar 1 11:33:59 UTC 2021 - David Diaz <dgonza...@suse.com>
+
+- Change the SELinux resolvable unique id used in auto-installation
+ to be consistent with the one used by normal installation
+ (related to jsc#SLE-17342).
+- 4.3.12
+
+-------------------------------------------------------------------
Old:
----
yast2-security-4.3.11.tar.bz2
New:
----
yast2-security-4.3.14.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-security.spec ++++++
--- /var/tmp/diff_new_pack.bDLKMh/_old 2021-03-03 18:33:46.271329602 +0100
+++ /var/tmp/diff_new_pack.bDLKMh/_new 2021-03-03 18:33:46.275329605 +0100
@@ -17,7 +17,7 @@
Name: yast2-security
-Version: 4.3.11
+Version: 4.3.14
Release: 0
Summary: YaST2 - Security Configuration
License: GPL-2.0-only
++++++ yast2-security-4.3.11.tar.bz2 -> yast2-security-4.3.14.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-security-4.3.11/package/yast2-security.changes
new/yast2-security-4.3.14/package/yast2-security.changes
--- old/yast2-security-4.3.11/package/yast2-security.changes 2021-03-01
12:31:34.000000000 +0100
+++ new/yast2-security-4.3.14/package/yast2-security.changes 2021-03-03
10:23:14.000000000 +0100
@@ -1,4 +1,24 @@
-------------------------------------------------------------------
+Tue Mar 2 17:47:22 UTC 2021 - David Diaz <dgonza...@suse.com>
+
+- Ensure defined SELinux patterns are set (bsc#1182543).
+- 4.3.14
+
+-------------------------------------------------------------------
+Tue Mar 2 15:31:39 UTC 2021 - David Diaz <dgonza...@suse.com>
+
+- Do not write bootloader in insts-sys (bsc#1182894).
+- 4.3.13
+
+-------------------------------------------------------------------
+Mon Mar 1 11:33:59 UTC 2021 - David Diaz <dgonza...@suse.com>
+
+- Change the SELinux resolvable unique id used in auto-installation
+ to be consistent with the one used by normal installation
+ (related to jsc#SLE-17342).
+- 4.3.12
+
+-------------------------------------------------------------------
Mon Mar 1 10:21:28 UTC 2021 - Josef Reidinger <jreidin...@suse.com>
- Move security_finish client to yast2-installation (bsc#1182821)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-security-4.3.11/package/yast2-security.spec
new/yast2-security-4.3.14/package/yast2-security.spec
--- old/yast2-security-4.3.11/package/yast2-security.spec 2021-03-01
12:31:34.000000000 +0100
+++ new/yast2-security-4.3.14/package/yast2-security.spec 2021-03-03
10:23:14.000000000 +0100
@@ -17,7 +17,7 @@
Name: yast2-security
-Version: 4.3.11
+Version: 4.3.14
Release: 0
Group: System/YaST
License: GPL-2.0-only
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-security-4.3.11/src/lib/y2security/selinux.rb
new/yast2-security-4.3.14/src/lib/y2security/selinux.rb
--- old/yast2-security-4.3.11/src/lib/y2security/selinux.rb 2021-03-01
12:31:34.000000000 +0100
+++ new/yast2-security-4.3.14/src/lib/y2security/selinux.rb 2021-03-03
10:23:14.000000000 +0100
@@ -83,6 +83,7 @@
Yast.import "Bootloader"
Yast.import "ProductFeatures"
+ Yast.import "Stage"
# The current set mode
#
@@ -201,7 +202,8 @@
relocate_autorelabel_file
end
- return true if Yast::Mode.installation
+ # in insts-sys bootloader write is done by bootloader_finish client
+ return true if Yast::Stage.initial
log.info("Saving Bootloader configuration")
Yast::Bootloader.Write
@@ -223,7 +225,7 @@
# the value of 'configurable' selinux settings in the
control file when
# running during installation or false if not present
def configurable?
- return true unless Yast::Mode.installation
+ return true unless Yast::Stage.initial
product_feature_settings[:configurable] || false
end
@@ -272,13 +274,13 @@
@config_file ||= CFA::Selinux.load
end
- # Sets the mode to the proposed one via `selinux_mode` global variable in
the control file
+ # Sets the mode to the proposed one via selinux mode global variable in
the control file
#
# @see #proposed_mode
#
# @return [Mode] disabled or found SELinux mode
def make_proposal
- return unless Yast::Mode.installation
+ return unless Yast::Stage.initial
proposed_mode
end
@@ -328,9 +330,9 @@
# @see https://jira.suse.com/browse/SLE-17307
#
# @return [Booelan] true if root fs will mounted as read only, SELinux is
not disabled,
- # and running in the installation mode; false otherwise
+ # and running in initial stage; false otherwise
def relocate_autorelabel_file?
- mode.to_sym != :disabled && Yast::Mode.installation && read_only_root_fs?
+ mode.to_sym != :disabled && Yast::Stage.initial && read_only_root_fs?
end
# Relocates the .autorelabel file from #{ROOT_AUTORELABEL_PATH} to
#{ETC_AUTORELABEL_PATH} by
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-security-4.3.11/src/modules/Security.rb
new/yast2-security-4.3.14/src/modules/Security.rb
--- old/yast2-security-4.3.11/src/modules/Security.rb 2021-03-01
12:31:34.000000000 +0100
+++ new/yast2-security-4.3.14/src/modules/Security.rb 2021-03-03
10:23:14.000000000 +0100
@@ -783,6 +783,8 @@
settings["PASSWD_USE_PWQUALITY"] =
settings.delete("PASSWD_USE_CRACKLIB")
end
+ set_selinux_patterns # Checking needed packages
+
return true if settings == {}
@modified = true
@@ -807,7 +809,6 @@
end
@Settings = tmpSettings
- set_selinux_patterns # Checking needed packages
true
end
@@ -902,7 +903,9 @@
def set_selinux_patterns
selinux_config.mode = @Settings["SELINUX_MODE"] unless
@Settings["SELINUX_MODE"].to_s.empty?
- PackagesProposal.SetResolvables("selinux_patterns", :pattern,
selinux_config.needed_patterns)
+ # Please, keep the unique id synced with the one used in normal
installation
+ # See
https://github.com/yast/yast-installation/blob/7c19909e9700242209645cf12a4daffe1cd54194/src/lib/installation/clients/security_proposal.rb#L244-L247
+ PackagesProposal.SetResolvables("SELinux", :pattern,
selinux_config.needed_patterns)
end
# Sets @missing_mandatory_services honoring the systemd aliases
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-security-4.3.11/test/y2security/selinux_test.rb
new/yast2-security-4.3.14/test/y2security/selinux_test.rb
--- old/yast2-security-4.3.11/test/y2security/selinux_test.rb 2021-03-01
12:31:34.000000000 +0100
+++ new/yast2-security-4.3.14/test/y2security/selinux_test.rb 2021-03-03
10:23:14.000000000 +0100
@@ -57,7 +57,7 @@
before do
Yast::ProductFeatures.Import(product_features)
- allow(Yast::Mode).to receive(:installation).and_return(installation_mode)
+ allow(Yast::Stage).to receive(:initial).and_return(installation_mode)
allow(Yast::Bootloader).to receive(:kernel_param).with(:common, "security")
.and_return(security_param)
