pool/container-selinux
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1058005 from security:SELinux

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1058005
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/container-selinux?expand=0&rev=14
This commit is contained in:
Dominique Leuenberger 2023-01-14 19:30:42 +00:00 committed by Git OBS Bridge
commit 121dff4bb7
3 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
container-selinux.changes
View File

@ -1,3 +1,16 @@
-------------------------------------------------------------------
Thu Jan 12 13:02:32 UTC 2023 - Johannes Segitz <jsegitz@suse.com>
- Rename spc_timedated.patch to spc.patch
- Update spc.patch to allow privileged containers to use
localectl (bsc#1207077)
-------------------------------------------------------------------
Wed Jan 11 14:15:06 UTC 2023 - Johannes Segitz <jsegitz@suse.com>
- Add spc_timedated.patch to allow privileged containers to use
timedatectl (bsc#1207054)
-------------------------------------------------------------------
Thu Jul 14 08:37:48 UTC 2022 - Johannes Segitz <jsegitz@suse.com>

3
container-selinux.spec
View File

@ -32,6 +32,8 @@ Summary: SELinux policies for container runtimes
License: GPL-2.0-only
URL: https://github.com/containers/container-selinux
Source0: https://github.com/containers/container-selinux/archive/refs/tags/v%{version}.tar.gz
# https://github.com/containers/container-selinux/pull/199, can be dropped after this is included
Patch0: spc.patch
BuildRequires: selinux-policy
BuildRequires: selinux-policy-devel
Requires: selinux-policy >= %(rpm -q selinux-policy --qf '%%{version}-%%{release}')
@ -47,6 +49,7 @@ SELinux policy modules for use with container runtimes.
%prep
%setup -q
%patch0 -p1
%build
%make_build

13
spc.patch Normal file
View File

@ -0,0 +1,13 @@
Index: container-selinux-2.188.0/container.te
===================================================================
--- container-selinux-2.188.0.orig/container.te
+++ container-selinux-2.188.0/container.te
@@ -675,6 +675,8 @@ init_dbus_chat(spc_t)
optional_policy(`
systemd_dbus_chat_machined(spc_t)
systemd_dbus_chat_logind(spc_t)
+ systemd_dbus_chat_timedated(spc_t)
+ systemd_dbus_chat_localed(spc_t)
')
optional_policy(`