cockpit/0001-selinux-allow-login-to-read-motd-file.patch

commit fc0e3304732a9aaff1487833342d5fc8ea26ce04
Author: Ludwig Nussel <ludwig.nussel@suse.de>
Date:   Fri Aug 6 15:11:23 2021 +0200

    selinux: allow login to read motd file

Index: cockpit/selinux/cockpit.te
===================================================================
diff --git a/selinux/cockpit.te b/selinux/cockpit.te
index 50695ee..55b1226 100644
--- a/selinux/cockpit.te
+++ b/selinux/cockpit.te
@@ -224,6 +224,14 @@ optional_policy(`
     gnome_exec_keyringd(cockpit_session_t)
 ')
 
+# login may read motd file through pam
+optional_policy(`
+    gen_require(`
+        type local_login_t;
+    ')
+    cockpit_read_pid_files(local_login_t)
+')
+
 #########################################################
 #
 #  Misc
- new version 251.3 * https://cockpit-project.org/blog/cockpit-251.html with additional fixes * Fix "Administrative Access" prompt for "Duo" MFA OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:cockpit/cockpit?expand=0&rev=82 2022-01-28 14:57:18 +00:00			`commit fc0e3304732a9aaff1487833342d5fc8ea26ce04`
			`Author: Ludwig Nussel <ludwig.nussel@suse.de>`
			`Date: Fri Aug 6 15:11:23 2021 +0200`
Accepting request 911217 from home:lnussel:branches:systemsmanagement:cockpit - new version 250 https://cockpit-project.org/blog/cockpit-250.html - fix pam_motd selinux denial (0001-selinux-allow-login-to-read-motd-file.patch) OBS-URL: https://build.opensuse.org/request/show/911217 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:cockpit/cockpit?expand=0&rev=80 2021-08-10 09:08:23 +00:00
- new version 251.3 * https://cockpit-project.org/blog/cockpit-251.html with additional fixes * Fix "Administrative Access" prompt for "Duo" MFA OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:cockpit/cockpit?expand=0&rev=82 2022-01-28 14:57:18 +00:00			`selinux: allow login to read motd file`
Accepting request 911217 from home:lnussel:branches:systemsmanagement:cockpit - new version 250 https://cockpit-project.org/blog/cockpit-250.html - fix pam_motd selinux denial (0001-selinux-allow-login-to-read-motd-file.patch) OBS-URL: https://build.opensuse.org/request/show/911217 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:cockpit/cockpit?expand=0&rev=80 2021-08-10 09:08:23 +00:00
- new version 271 https://cockpit-project.org/blog/cockpit-271.html - cockpit-redhatfont.diff: not needed, dropped - 0001-selinux-allow-login-to-read-motd-file.patch, hide-docs.patch, hide-pcp.patch remove-pwscore.patch: refreshed OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:cockpit/cockpit?expand=0&rev=88 2022-06-10 11:54:30 +00:00			`Index: cockpit/selinux/cockpit.te`
			`===================================================================`
Update to 334.1 2025-03-10 11:43:05 +00:00			`diff --git a/selinux/cockpit.te b/selinux/cockpit.te`
			`index 50695ee..55b1226 100644`
			`--- a/selinux/cockpit.te`
			`+++ b/selinux/cockpit.te`
			@@ -224,6 +224,14 @@ optional_policy(`
Accepting request 1090518 from home:adamm:branches:systemsmanagement:cockpit - new version 293: - https://cockpit-project.org/blog/cockpit-293.html - refreshed: css-overrides.patch - new version 292: - https://cockpit-project.org/blog/cockpit-292.html - refreshed patches: css-overrides.patch, hide-pcp.patch, 0001-selinux-allow-login-to-read-motd-file.patch OBS-URL: https://build.opensuse.org/request/show/1090518 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:cockpit/cockpit?expand=0&rev=124 2023-06-02 14:08:12 +00:00			`gnome_exec_keyringd(cockpit_session_t)`
Accepting request 911217 from home:lnussel:branches:systemsmanagement:cockpit - new version 250 https://cockpit-project.org/blog/cockpit-250.html - fix pam_motd selinux denial (0001-selinux-allow-login-to-read-motd-file.patch) OBS-URL: https://build.opensuse.org/request/show/911217 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:cockpit/cockpit?expand=0&rev=80 2021-08-10 09:08:23 +00:00			`')`
Update to 334.1 2025-03-10 11:43:05 +00:00
Accepting request 911217 from home:lnussel:branches:systemsmanagement:cockpit - new version 250 https://cockpit-project.org/blog/cockpit-250.html - fix pam_motd selinux denial (0001-selinux-allow-login-to-read-motd-file.patch) OBS-URL: https://build.opensuse.org/request/show/911217 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:cockpit/cockpit?expand=0&rev=80 2021-08-10 09:08:23 +00:00			`+# login may read motd file through pam`
			+optional_policy(`
			+ gen_require(`
			`+ type local_login_t;`
			`+ ')`
			`+ cockpit_read_pid_files(local_login_t)`
			`+')`
Update to 334.1 2025-03-10 11:43:05 +00:00			`+`
			`#########################################################`
			`#`
			`# Misc`