commit connman for openSUSE:Factory

Source-Sync Thu, 23 Dec 2021 08:54:11 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package connman for openSUSE:Factory checked 
in at 2021-12-23 17:53:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/connman (Old)
 and      /work/SRC/openSUSE:Factory/.connman.new.2520 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "connman"

Thu Dec 23 17:53:36 2021 rev:10 rq:940531 version:1.40

Changes:
--------
--- /work/SRC/openSUSE:Factory/connman/connman.changes  2021-09-10 
23:41:56.410599535 +0200
+++ /work/SRC/openSUSE:Factory/.connman.new.2520/connman.changes        
2021-12-23 17:53:49.583721978 +0100
@@ -1,0 +2,12 @@
+Fri Nov 26 14:14:41 UTC 2021 - Danilo Spinella <danilo.spine...@suse.com>
+
+- connman-nmcompat manages D-Bus permissions for NetworkManager service.
+  However, these rules are different than the ones NetworkManager setup.
+  Allow the installation of only either of them. Fixes bsc#1192827
+
+-------------------------------------------------------------------
+Fri Oct 15 12:11:29 UTC 2021 - Johannes Segitz <jseg...@suse.com>
+
+- Drop ProtectClock hardening, can cause issues if other device acceess is 
needed
+
+-------------------------------------------------------------------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ connman.spec ++++++
--- /var/tmp/diff_new_pack.CoqEq4/_old  2021-12-23 17:53:50.159722334 +0100
+++ /var/tmp/diff_new_pack.CoqEq4/_new  2021-12-23 17:53:50.163722337 +0100
@@ -77,7 +77,6 @@
 %description doc
 Documentation in form of man pages for Connman (Connection Manager).
 
-
 ##############################
 #Plugins
 ##############################
@@ -118,6 +117,7 @@
 %description plugin-vpnc
 Provides VPNC support for Connman (Connection Manager).
 
+
 #-------------------------------------
 %package plugin-openvpn
 Summary:        OpenVPN plugin for connman
@@ -129,6 +129,7 @@
 %description plugin-openvpn
 Provides OpenVPN support for Connman (Connection Manager).
 
+
 #-------------------------------------
 %package plugin-pptp
 Summary:        PPTP plugin for connman
@@ -138,6 +139,7 @@
 %description plugin-pptp
 Provides PPTP support for Connman (Connection Manager).
 
+
 #-------------------------------------
 %package plugin-wireguard
 Summary:        WireGuard plugin for connman
@@ -167,6 +169,7 @@
 %description plugin-l2tp
 Provides L2TP (Layer 2 Tunneling Protocol) support for Connman (Connection 
Manager).
 
+
 #-------------------------------------
 %package plugin-iospm
 Summary:        Intel OSPM plugin for connman
@@ -178,6 +181,7 @@
 %description plugin-iospm
 Provides Intel OSPM support for Connman (Connection Manager).
 
+
 #-------------------------------------
 %package test
 Summary:        Test and example scripts for connman
@@ -187,15 +191,20 @@
 %description test
 Provides test and example scripts for Connman (Connection Manager).
 
+
 #-------------------------------------
 %package nmcompat
 Summary:        NetworkManager compatibility for connman
 Group:          System/Daemons
 Requires:       %{name} >= %{version}
+# This package install D-Bus rules that are different than the ones from
+# NetworkManager, only allow the installation of one of them
+Conflicts:      NetworkManager
 
 %description nmcompat
 Provides NetworkManager compatibility for Connman (Connection Manager).
 
+
 #-------------------------------------
 %package plugin-polkit
 Summary:        PolicyKit plugin for connman
@@ -207,6 +216,7 @@
 %description plugin-polkit
 Provides PolicyKit support for Connman (Connection Manager).
 
+
 #-------------------------------------
 %package client
 Summary:        Client script for connman


++++++ harden_connman-vpn.service.patch ++++++
--- /var/tmp/diff_new_pack.CoqEq4/_old  2021-12-23 17:53:50.215722369 +0100
+++ /var/tmp/diff_new_pack.CoqEq4/_new  2021-12-23 17:53:50.219722371 +0100
@@ -2,14 +2,13 @@
 ===================================================================
 --- connman-1.40.orig/vpn/connman-vpn.service.in
 +++ connman-1.40/vpn/connman-vpn.service.in
-@@ -9,6 +9,16 @@ StandardOutput=null
+@@ -9,6 +9,15 @@ StandardOutput=null
  CapabilityBoundingSet=CAP_KILL CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW 
CAP_SETGID CAP_SETUID CAP_CHOWN CAP_FOWNER
  ProtectHome=read-only
  ProtectSystem=full
 +# added automatically, for details please see
 +# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
 +ProtectHostname=true
-+ProtectClock=true
 +ProtectKernelTunables=true
 +ProtectKernelModules=true
 +ProtectKernelLogs=true

++++++ harden_connman-wait-online.service.patch ++++++
--- /var/tmp/diff_new_pack.CoqEq4/_old  2021-12-23 17:53:50.227722377 +0100
+++ /var/tmp/diff_new_pack.CoqEq4/_new  2021-12-23 17:53:50.231722379 +0100
@@ -2,7 +2,7 @@
 ===================================================================
 --- connman-1.40.orig/src/connman-wait-online.service.in
 +++ connman-1.40/src/connman-wait-online.service.in
-@@ -7,6 +7,18 @@ DefaultDependencies=no
+@@ -7,6 +7,17 @@ DefaultDependencies=no
  Conflicts=shutdown.target
  
  [Service]
@@ -11,7 +11,6 @@
 +ProtectSystem=full
 +ProtectHome=true
 +ProtectHostname=true
-+ProtectClock=true
 +ProtectKernelTunables=true
 +ProtectKernelModules=true
 +ProtectKernelLogs=true

commit connman for openSUSE:Factory

Reply via email to