Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package forgejo for openSUSE:Factory checked in at 2026-05-27 16:18:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/forgejo (Old) and /work/SRC/openSUSE:Factory/.forgejo.new.1937 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "forgejo" Wed May 27 16:18:50 2026 rev:43 rq:1355315 version:15.0.1 Changes: -------- --- /work/SRC/openSUSE:Factory/forgejo/forgejo.changes 2026-05-08 16:45:15.676901949 +0200 +++ /work/SRC/openSUSE:Factory/.forgejo.new.1937/forgejo.changes 2026-05-27 16:19:33.167273007 +0200 @@ -1,0 +2,7 @@ +Sun May 24 20:31:21 UTC 2026 - Marcus Rueckert <[email protected]> + +- Apparmor + - fix typo in abstraction + - have all all local permissions before subprofiles + +------------------------------------------------------------------- @@ -48,0 +56,5 @@ +Sun Feb 1 00:22:55 UTC 2026 - Marcus Rueckert <[email protected]> + +- apparmor: make logdir a variable + +------------------------------------------------------------------- @@ -216,0 +229,5 @@ + +------------------------------------------------------------------- +Wed Dec 24 23:57:27 UTC 2025 - Marcus Rueckert <[email protected]> + +- apparmor: golang binaries now also want mountinfo. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ forgejo-abstraction.apparmor ++++++ --- /var/tmp/diff_new_pack.SFssmc/_old 2026-05-27 16:19:36.159394043 +0200 +++ /var/tmp/diff_new_pack.SFssmc/_new 2026-05-27 16:19:36.167394366 +0200 @@ -10,6 +10,8 @@ /sys/kernel/mm/transparent_hugepage/hpage_pmd_size r, @{PROC}/sys/net/core/somaxconn r, + @{PROC}/@{pid}/{cgroup,cpuset,mountinfo} r, + /etc/forgejo/ r, /etc/forgejo/conf/app.ini r, /etc/forgejo/public/ r, @@ -25,6 +27,6 @@ /etc/mime.types r, include if exists <forgejo.d/forgejo.d> - include if exists <locatl/usr.bin.forgejo> + include if exists <local/usr.bin.forgejo> include if exists <local/forgejo> ++++++ forgejo.apparmor ++++++ --- /var/tmp/diff_new_pack.SFssmc/_old 2026-05-27 16:19:36.219396470 +0200 +++ /var/tmp/diff_new_pack.SFssmc/_new 2026-05-27 16:19:36.223396632 +0200 @@ -3,6 +3,7 @@ include <tunables/global> @{APP_DATADIR} = /var/lib/forgejo +@{APP_LOGDIR} = /var/log/forgejo @{APP_REPOSITORY_DIRS} = @{APP_DATADIR}/data/forgejo-repositories @{APP_DATADIR}/repositories profile forgejo /usr/bin/forgejo flags=(attach_disconnected) { @@ -20,6 +21,27 @@ signal (send) peer=forgejo//*, + + owner @{APP_DATADIR}/ r, + + owner @{APP_DATADIR}/data/ r, + owner @{APP_DATADIR}/data/** rwlk, + + owner @{APP_DATADIR}/https/ r, + owner @{APP_DATADIR}/https/** rwlk, + + owner @{APP_DATADIR}/indexers/ r, + owner @{APP_DATADIR}/indexers/** rwlk, + + owner @{APP_DATADIR}/queues/ r, + owner @{APP_DATADIR}/queues/** rwlk, + + owner @{APP_REPOSITORY_DIRS}/ r, + owner @{APP_REPOSITORY_DIRS}/** rwlk, + + owner @{APP_LOGDIR}/ r, + owner @{APP_LOGDIR}/gitea.log* rwlk, + profile forgejo-session-exec { include <abstractions/forgejo> @@ -158,25 +180,5 @@ /usr/bin/cat rm, /usr/bin/basename rm, } - - owner @{APP_DATADIR}/ r, - - owner @{APP_DATADIR}/data/ r, - owner @{APP_DATADIR}/data/** rwlk, - - owner @{APP_DATADIR}/https/ r, - owner @{APP_DATADIR}/https/** rwlk, - - owner @{APP_DATADIR}/indexers/ r, - owner @{APP_DATADIR}/indexers/** rwlk, - - owner @{APP_DATADIR}/queues/ r, - owner @{APP_DATADIR}/queues/** rwlk, - - owner @{APP_REPOSITORY_DIRS}/ r, - owner @{APP_REPOSITORY_DIRS}/** rwlk, - - owner /var/log/forgejo/ r, - owner /var/log/forgejo/gitea.log* rwlk, }
