diff --git a/cockpit.changes b/cockpit.changes index 8ce6877..d0712ac 100644 --- a/cockpit.changes +++ b/cockpit.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Sep 20 16:17:59 UTC 2023 - Miika Alikirri + +- Port SLE selinux bug fix from SLE Micro 5.5 + * Copied selinux_libdir.patch from SLEM package + ------------------------------------------------------------------- Fri Sep 8 12:53:26 UTC 2023 - Adam Majer - 300.1 diff --git a/cockpit.spec b/cockpit.spec index 8a9895e..c4e938d 100644 --- a/cockpit.spec +++ b/cockpit.spec @@ -70,6 +70,7 @@ Patch101: hide-pcp.patch Patch102: 0002-selinux-temporary-remove-setroubleshoot-section.patch # For anything based on SLES 15 codebase (including Leap, SLE Micro) Patch103: 0004-leap-gnu18-removal.patch +Patch104: selinux_libdir.patch %if 0%{?fedora} >= 38 || 0%{?rhel} >= 9 %define cockpit_enable_python 1 @@ -244,6 +245,7 @@ BuildRequires: python3-tox-current-env # For anything based on SLES 15 codebase (including Leap, SLEM) %if 0%{?suse_version} == 1500 %patch103 -p1 +%patch104 -p0 %endif cp %SOURCE1 tools/cockpit.pam diff --git a/selinux_libdir.patch b/selinux_libdir.patch new file mode 100644 index 0000000..426a11c --- /dev/null +++ b/selinux_libdir.patch @@ -0,0 +1,28 @@ +--- selinux_bak/cockpit.fc 2023-09-11 15:16:38.603758530 +0200 ++++ selinux/cockpit.fc 2023-09-12 09:03:09.539025240 +0200 +@@ -2,11 +2,25 @@ + /etc/systemd/system/cockpit.* -- gen_context(system_u:object_r:cockpit_unit_file_t,s0) + + /usr/libexec/cockpit-ws -- gen_context(system_u:object_r:cockpit_ws_exec_t,s0) ++/usr/lib/cockpit-ws -- gen_context(system_u:object_r:cockpit_ws_exec_t,s0) + /usr/libexec/cockpit-tls -- gen_context(system_u:object_r:cockpit_ws_exec_t,s0) ++/usr/lib/cockpit-tls -- gen_context(system_u:object_r:cockpit_ws_exec_t,s0) + /usr/libexec/cockpit-wsinstance-factory -- gen_context(system_u:object_r:cockpit_ws_exec_t,s0) ++/usr/lib/cockpit-wsinstance-factory -- gen_context(system_u:object_r:cockpit_ws_exec_t,s0) ++ ++# missing libexec transition on SLE Micro ++/usr/bin/cockpit-bridge -- gen_context(system_u:object_r:bin_t,s0) ++/usr/lib/cockpit-askpass -- gen_context(system_u:object_r:bin_t,s0) ++/usr/lib/cockpit-certificate-ensure -- gen_context(system_u:object_r:bin_t,s0) ++/usr/lib/cockpit-certificate-helper -- gen_context(system_u:object_r:bin_t,s0) ++/usr/lib/cockpit-client -- gen_context(system_u:object_r:bin_t,s0) ++/usr/lib/cockpit-desktop -- gen_context(system_u:object_r:bin_t,s0) ++/usr/lib/cockpit-pcp -- gen_context(system_u:object_r:bin_t,s0) + + /usr/libexec/cockpit-session -- gen_context(system_u:object_r:cockpit_session_exec_t,s0) ++/usr/lib/cockpit-session -- gen_context(system_u:object_r:cockpit_session_exec_t,s0) + /usr/libexec/cockpit-ssh -- gen_context(system_u:object_r:cockpit_session_exec_t,s0) ++/usr/lib/cockpit-ssh -- gen_context(system_u:object_r:cockpit_session_exec_t,s0) + + /usr/share/cockpit/motd/update-motd -- gen_context(system_u:object_r:cockpit_ws_exec_t,s0) +