commit frr for openSUSE:Factory

Source-Sync Thu, 09 Dec 2021 10:54:00 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package frr for openSUSE:Factory checked in 
at 2021-12-09 19:45:43
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/frr (Old)
 and      /work/SRC/openSUSE:Factory/.frr.new.2520 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "frr"

Thu Dec  9 19:45:43 2021 rev:17 rq:937650 version:8.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/frr/frr.changes  2021-11-18 10:34:49.299962570 
+0100
+++ /work/SRC/openSUSE:Factory/.frr.new.2520/frr.changes        2021-12-09 
19:46:25.077156612 +0100
@@ -1,0 +2,5 @@
+Thu Dec  9 08:40:11 UTC 2021 - Johannes Segitz <jseg...@suse.com>
+
+- Add ReadWritePaths=/etc/frr to harden_frr.service.patch (bsc#1181400).
+
+-------------------------------------------------------------------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ harden_frr.service.patch ++++++
--- /var/tmp/diff_new_pack.ptUvZ3/_old  2021-12-09 19:46:25.809156964 +0100
+++ /var/tmp/diff_new_pack.ptUvZ3/_new  2021-12-09 19:46:25.809156964 +0100
@@ -1,14 +1,15 @@
-Index: frr-frr-8.0.1/tools/frr.service.in
+Index: frr-frr-8.1/tools/frr.service.in
 ===================================================================
---- frr-frr-8.0.1.orig/tools/frr.service.in
-+++ frr-frr-8.0.1/tools/frr.service.in
-@@ -7,6 +7,15 @@ Before=network.target
+--- frr-frr-8.1.orig/tools/frr.service.in
++++ frr-frr-8.1/tools/frr.service.in
+@@ -7,6 +7,16 @@ Before=network.target
  OnFailure=heartbeat-failed@%n
  
  [Service]
 +# added automatically, for details please see
 +# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
 +ProtectSystem=full
++ReadWritePaths=/etc/frr
 +ProtectHome=true
 +ProtectKernelModules=true
 +ProtectKernelLogs=true
@@ -18,17 +19,18 @@
  Nice=-5
  Type=forking
  NotifyAccess=all
-Index: frr-frr-8.0.1/tools/f...@.service.in
+Index: frr-frr-8.1/tools/f...@.service.in
 ===================================================================
---- frr-frr-8.0.1.orig/tools/f...@.service.in
-+++ frr-frr-8.0.1/tools/f...@.service.in
-@@ -7,6 +7,15 @@ Before=network.target
+--- frr-frr-8.1.orig/tools/f...@.service.in
++++ frr-frr-8.1/tools/f...@.service.in
+@@ -7,6 +7,16 @@ Before=network.target
  OnFailure=heartbeat-failed@%n
  
  [Service]
 +# added automatically, for details please see
 +# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
 +ProtectSystem=full
++ReadWritePaths=/etc/frr
 +ProtectHome=true
 +ProtectKernelModules=true
 +ProtectKernelLogs=true

commit frr for openSUSE:Factory

Reply via email to