pool/libselinux
SHA256
2
0
Fork 3
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 956619 from security:SELinux

Browse Source 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/956619
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libselinux?expand=0&rev=69
This commit is contained in:
Dominique Leuenberger 2022-02-25 20:24:45 +00:00 committed by Git OBS Bridge
commit de1f0c2bcc
4 changed files with 15 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libselinux-bindings.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package libselinux-bindings # spec file for package libselinux-bindings
# #
# Copyright (c) 2021 SUSE LLC # Copyright (c) 2022 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed

7
libselinux.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Tue Feb 15 07:49:43 UTC 2022 - Johannes Segitz <jsegitz@suse.com>
- Add Requires for exact libselinux1 version for selinux-tools
- Simplyfied check for correct boot paramaters in selinux-ready
(bsc#1195361)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Nov 11 13:25:30 UTC 2021 - Johannes Segitz <jsegitz@suse.com> Thu Nov 11 13:25:30 UTC 2021 - Johannes Segitz <jsegitz@suse.com>

3
libselinux.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package libselinux # spec file for package libselinux
# #
# Copyright (c) 2021 SUSE LLC # Copyright (c) 2022 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -56,6 +56,7 @@ Security.)
Summary: SELinux command-line utilities Summary: SELinux command-line utilities
Group: System/Base Group: System/Base
Provides: libselinux-utils = %{version}-%{release} Provides: libselinux-utils = %{version}-%{release}
Requires: libselinux1 = %{version}
%description -n selinux-tools %description -n selinux-tools
Security-enhanced Linux is a feature of the kernel and some Security-enhanced Linux is a feature of the kernel and some

30
selinux-ready
View File

@ -51,36 +51,16 @@ check_filesystem()
check_boot() check_boot()
{ {
BPARAM1="security=selinux"
BPARAM2="selinux=1"
printf "\tcheck_boot: Assuming GRUB2 as bootloader.\n" printf "\tcheck_boot: Assuming GRUB2 as bootloader.\n"
# look for parameters of the current kernel BPARAM1="security=selinux"
CURRENT_KERNEL=$(uname -r) BPARAM2="selinux=1"
OTHERS="" if grep $BPARAM1 /proc/cmdline | grep $BPARAM2 >/dev/null; then
RETVAL="FAIL" printf "\tcheck_boot: OK. Current kernel has boot-parameters '$BPARAM1 $BPARAM2'\n"
while read BLINE
do
K=$(echo $BLINE | awk -F' ' '{print $2}')
KERNEL=$(basename $K)
K=$(echo $KERNEL | sed s/vmlinuz-//)
if [ "$K" == "$CURRENT_KERNEL" ]; then
INITRD=initrd-$K
RETVAL="OK"
else
OTHERS="$KERNEL $OTHERS"
fi
done < <(grep -- $BPARAM1 /boot/grub2/grub.cfg 2>/dev/null | grep -- $BPARAM2)
if [ "$RETVAL" == OK ]; then
printf "\tcheck_boot: OK. Current kernel '$KERNEL' has boot-parameters '$BPARAM1 $BPARAM2'\n"
printf "\tcheck_boot: OK. Other kernels with correct parameters: $OTHERS\n"
return 0 return 0
else else
printf "\tcheck_boot: ERR. Boot-parameter missing for booting the kernel.\n" printf "\tcheck_boot: ERR. Boot-parameter missing for booting the kernel.\n"
printf "\t Please use YaST2 to add 'security=selinux selinux=1' to the kernel boot-parameter list.\n" printf "\t Please add 'security=selinux selinux=1' to the kernel boot-parameter list.\n"
return 1 return 1
fi fi
} }