Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package sysctl-logger for openSUSE:Factory checked in at 2025-09-16 18:18:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sysctl-logger (Old) and /work/SRC/openSUSE:Factory/.sysctl-logger.new.1977 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sysctl-logger" Tue Sep 16 18:18:38 2025 rev:5 rq:1305062 version:0.0.7 Changes: -------- --- /work/SRC/openSUSE:Factory/sysctl-logger/sysctl-logger.changes 2024-04-10 17:50:28.080644996 +0200 +++ /work/SRC/openSUSE:Factory/.sysctl-logger.new.1977/sysctl-logger.changes 2025-09-16 18:19:15.297258599 +0200 @@ -1,0 +2,8 @@ +Tue Sep 16 03:57:26 UTC 2025 - Shung-Hsi Yu <[email protected]> + +- Update to v0.0.7 + * Add systemd hardenings + * Make output directory visible +- Specify LLVM version to use for SLES 15 SP7 + +------------------------------------------------------------------- Old: ---- sysctl-logger-0.0.6.tar.gz New: ---- sysctl-logger-0.0.7.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sysctl-logger.spec ++++++ --- /var/tmp/diff_new_pack.rQC0Da/_old 2025-09-16 18:19:15.865282520 +0200 +++ /var/tmp/diff_new_pack.rQC0Da/_new 2025-09-16 18:19:15.865282520 +0200 @@ -20,6 +20,9 @@ %define llvm_major_version %{nil} %else # Hard-code latest LLVM for SLES, the default version is too old + %if 0%{?sle_version} == 150700 + %define llvm_major_version 19 + %else %if 0%{?sle_version} == 150600 %define llvm_major_version 17 %else @@ -31,10 +34,12 @@ %endif %endif %endif + %endif %endif + Name: sysctl-logger -Version: 0.0.6 +Version: 0.0.7 Release: 0 Summary: A sysctl monitoring tool based on BPF License: GPL-2.0-only ++++++ sysctl-logger-0.0.6.tar.gz -> sysctl-logger-0.0.7.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sysctl-logger-0.0.6/Makefile new/sysctl-logger-0.0.7/Makefile --- old/sysctl-logger-0.0.6/Makefile 2024-04-10 05:26:20.000000000 +0200 +++ new/sysctl-logger-0.0.7/Makefile 2025-09-12 02:18:41.000000000 +0200 @@ -1,5 +1,5 @@ # SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause) -OUTPUT := .output +OUTPUT := output LIBDIR ?= /usr/lib64 SBINDIR ?= /usr/sbin UNITDIR ?= /usr/lib/systemd/system diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sysctl-logger-0.0.6/sysctl-logger.c new/sysctl-logger-0.0.7/sysctl-logger.c --- old/sysctl-logger-0.0.6/sysctl-logger.c 2024-04-10 05:26:20.000000000 +0200 +++ new/sysctl-logger-0.0.7/sysctl-logger.c 2025-09-12 02:18:41.000000000 +0200 @@ -50,7 +50,7 @@ event.new_value[strcspn(event.new_value, "\n")] = 0; if (event.truncated || strncmp(event.old_value, event.new_value, sizeof(event.new_value))) { - printf("%s[%d](%s[%d]) initated change of %s from %s to %s%s\n", + printf("%s[%d](%s[%d]) initiated change of %s from %s to %s%s\n", event.comm, event.pid, event.parent_comm, event.parent_pid, event.name, ((event.old_value[0] == '\0') ? "''" : event.old_value), ((event.new_value[0] == '\0') ? "''" : event.new_value), warning); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sysctl-logger-0.0.6/sysctl-logger.service.in new/sysctl-logger-0.0.7/sysctl-logger.service.in --- old/sysctl-logger-0.0.6/sysctl-logger.service.in 2024-04-10 05:26:20.000000000 +0200 +++ new/sysctl-logger-0.0.7/sysctl-logger.service.in 2025-09-12 02:18:41.000000000 +0200 @@ -14,5 +14,21 @@ # Raising the memlock limit might not be necessary LimitMEMLOCK=infinity +MemoryDenyWriteExecute=true +PrivateDevices=true +PrivateTmp=true +ProtectClock=true +ProtectControlGroups=true +ProtectHome=true +ProtectHostname=true +ProtectKernelLogs=true +ProtectKernelModules=true +ProtectKernelTunables=true +ProtectSystem=strict +RestrictAddressFamilies=none +RestrictNamespaces=cgroup +RestrictRealtime=true +RestrictSUIDSGID=true + [Install] WantedBy=sysinit.target
