pool/salt
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=265

Browse Source
This commit is contained in:
Victor Zhestkov 2025-01-09 13:29:03 +00:00 committed by Git OBS Bridge
parent f1d0ee4f83
commit cf54f21688
4 changed files with 101 additions and 169 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
_lastrevision
View File

@ -1 +1 @@
f2c8ab9e975fc8439911820ad3ecf395dcd1d33b
d7c50289494a6b41234aee2204209083e30fbd8d

65
revert-setting-selinux-context-for-minion-service-bs.patch Normal file
View File

@ -0,0 +1,65 @@
From 7217fccdce5df73fda1a8378dc7120642ffe8181 Mon Sep 17 00:00:00 2001
From: Victor Zhestkov <vzhestkov@suse.com>
Date: Mon, 16 Dec 2024 15:31:26 +0300
Subject: [PATCH] Revert setting SELinux context for minion service
(bsc#1233667)
This reverts commit d933c8f0795fdada84a01a2cc754586fa720993d.
---
pkg/common/salt-minion.service | 1 -
pkg/old/deb/salt-minion.service | 1 -
pkg/old/suse/salt-minion.service | 1 -
pkg/old/suse/salt-minion.service.rhel7 | 1 -
4 files changed, 4 deletions(-)
diff --git a/pkg/common/salt-minion.service b/pkg/common/salt-minion.service
index 696d0263c3..69aff18c58 100644
--- a/pkg/common/salt-minion.service
+++ b/pkg/common/salt-minion.service
@@ -9,7 +9,6 @@ Type=notify
NotifyAccess=all
LimitNOFILE=8192
ExecStart=/usr/bin/salt-minion
-SELinuxContext=system_u:system_r:unconfined_t:s0
[Install]
WantedBy=multi-user.target
diff --git a/pkg/old/deb/salt-minion.service b/pkg/old/deb/salt-minion.service
index b0ad82c133..7e6cf14654 100644
--- a/pkg/old/deb/salt-minion.service
+++ b/pkg/old/deb/salt-minion.service
@@ -8,7 +8,6 @@ KillMode=process
NotifyAccess=all
LimitNOFILE=8192
ExecStart=/usr/bin/salt-minion
-SELinuxContext=system_u:system_r:unconfined_t:s0
[Install]
WantedBy=multi-user.target
diff --git a/pkg/old/suse/salt-minion.service b/pkg/old/suse/salt-minion.service
index b99ef06352..12f28314cb 100644
--- a/pkg/old/suse/salt-minion.service
+++ b/pkg/old/suse/salt-minion.service
@@ -10,7 +10,6 @@ ExecStart=/usr/bin/salt-minion
KillMode=process
Restart=on-failure
RestartSec=15
-SELinuxContext=system_u:system_r:unconfined_t:s0
[Install]
WantedBy=multi-user.target
diff --git a/pkg/old/suse/salt-minion.service.rhel7 b/pkg/old/suse/salt-minion.service.rhel7
index 92cc66d32f..6917267714 100644
--- a/pkg/old/suse/salt-minion.service.rhel7
+++ b/pkg/old/suse/salt-minion.service.rhel7
@@ -9,7 +9,6 @@ ExecStart=/usr/bin/salt-minion
KillMode=process
Restart=on-failure
RestartSec=15
-SELinuxContext=system_u:system_r:unconfined_t:s0
[Install]
WantedBy=multi-user.target
--
2.47.1

15
salt.changes
View File

@ -1,3 +1,18 @@
-------------------------------------------------------------------
Thu Jan 9 12:57:12 UTC 2025 - Pablo Suárez Hernández <psuarezhernandez@suse.com>
- Revert setting SELinux context for minion service (bsc#1233667)
- Remove System V init support
* Make systemd the only supported init system by removing System V init
and insserv references
* Ensure package builds with no init system dependencies if built
without systemd (for example for use in containers)
* Apply some spec-cleaner suggestions (update copyright year, sort
requirements, adjust spacing)
- Added:
* revert-setting-selinux-context-for-minion-service-bs.patch
-------------------------------------------------------------------
Tue Nov 26 14:53:34 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>

188
salt.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package salt
#
# Copyright (c) 2021 SUSE LLC
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -12,8 +12,10 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%global debug_package %{nil}
%if 0%{?suse_version} > 1500
@ -49,6 +51,10 @@
%bcond_without docs
%bcond_with builddocs
%if %{without systemd}
%define service_del_preun echo %{*}
%endif
%{?sle15allpythons}
%define skip_python2 1
%if 0%{?rhel} == 8 || (0%{?suse_version} == 1500 && 0%{?sle_version} < 150400)
@ -79,7 +85,7 @@ Release: 0
Summary: A parallel remote execution system
License: Apache-2.0
Group: System/Management
Url: https://saltproject.io/
URL: https://saltproject.io/
Source: v%{version}.tar.gz
Source1: README.SUSE
Source2: salt-tmpfiles.d
@ -490,6 +496,8 @@ Patch146: handle-logger-flushing-already-closed-file-686.patch
# PATCH-FIX_UPSTREAM: https://github.com/saltstack/salt/pull/66757
# PATCH-FIX_UPSTREAM: https://github.com/saltstack/salt/pull/66760
Patch147: make-minion-reconnecting-on-changing-master-ip-bsc-1.patch
# PATCH-FIX_OPENSUSE: https://github.com/openSUSE/salt/pull/690
Patch148: revert-setting-selinux-context-for-minion-service-bs.patch
### IMPORTANT: The line below is used as a snippet marker. Do not touch it.
### SALT PATCHES LIST END
@ -513,7 +521,6 @@ Provides: user(salt)
Provides: group(salt)
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
Requires(pre): shadow
%endif
@ -539,10 +546,6 @@ Requires: iproute
%if %{with systemd}
BuildRequires: pkgconfig(systemd)
%{?systemd_ordering}
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%endif
%if %{with fish_completion}
@ -597,10 +600,10 @@ BuildRequires: %{python_module setuptools}
# requirements/base.txt
%if 0%{?rhel} || 0%{?fedora}
BuildRequires: python3-jinja2
BuildRequires: python3-m2crypto
BuildRequires: python3-markupsafe
BuildRequires: python3-msgpack > 0.3
BuildRequires: python3-zmq >= 2.2.0
BuildRequires: python3-m2crypto
%else
BuildRequires: %{python_module Jinja2}
BuildRequires: %{python_module MarkupSafe}
@ -656,11 +659,11 @@ Requires(postun):update-alternatives
# requirements/base.txt
%if 0%{?rhel} || 0%{?fedora}
Requires: python3-jinja2
Requires: yum
Requires: python3-m2crypto
Requires: python3-markupsafe
Requires: python3-msgpack > 0.3
Requires: python3-m2crypto
Requires: python3-zmq >= 2.2.0
Requires: yum
%if 0%{?rhel} == 8 || 0%{?fedora} >= 30
Requires: dnf
@ -823,14 +826,7 @@ Requires: pmtools
%endif
%if %{with systemd}
%{?systemd_requires}
BuildRequires: systemd
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%endif
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
BuildRequires: systemd
%endif
%description master
@ -852,13 +848,6 @@ Requires(pre): libzypp(plugin:system) >= 0
%if %{with systemd}
%{?systemd_requires}
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%endif
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
%endif
%description minion
@ -871,13 +860,6 @@ Group: System/Management
Requires: %{name} = %{version}-%{release}
%if %{with systemd}
%{?systemd_requires}
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%endif
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
%endif
%description proxy
@ -887,7 +869,6 @@ Examples include network gear that has an API but runs a proprietary OS,
devices with limited CPU or memory, or devices that could run a minion, but for
security reasons, will not.
%package syndic
Summary: The syndic component for saltstack
Group: System/Management
@ -895,13 +876,6 @@ Requires: %{name} = %{version}-%{release}
Requires: %{name}-master = %{version}-%{release}
%if %{with systemd}
%{?systemd_requires}
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%endif
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
%endif
%description syndic
@ -919,13 +893,6 @@ Recommends: sshpass
%endif
%if %{with systemd}
%{?systemd_requires}
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%endif
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
%endif
%description ssh
@ -1222,22 +1189,6 @@ ln -s service %{buildroot}%{_sbindir}/rcsalt-syndic
ln -s service %{buildroot}%{_sbindir}/rcsalt-minion
ln -s service %{buildroot}%{_sbindir}/rcsalt-api
install -Dpm 644 %{S:2} %{buildroot}/usr/lib/tmpfiles.d/salt.conf
%else
mkdir -p %{buildroot}%{_initddir}
## install init scripts
install -Dpm 0755 pkg/old/suse/salt-master %{buildroot}%{_initddir}/salt-master
install -Dpm 0755 pkg/old/suse/salt-syndic %{buildroot}%{_initddir}/salt-syndic
install -Dpm 0755 pkg/old/suse/salt-minion %{buildroot}%{_initddir}/salt-minion
install -Dpm 0755 pkg/old/suse/salt-api %{buildroot}%{_initddir}/salt-api
ln -sf %{_initddir}/salt-master %{buildroot}%{_sbindir}/rcsalt-master
ln -sf %{_initddir}/salt-syndic %{buildroot}%{_sbindir}/rcsalt-syndic
ln -sf %{_initddir}/salt-minion %{buildroot}%{_sbindir}/rcsalt-minion
ln -sf %{_initddir}/salt-api %{buildroot}%{_sbindir}/rcsalt-api
%endif
## Install sysV salt-minion watchdog for SLES11 and RHEL6
%if 0%{?rhel} == 6 || 0%{?suse_version} == 1110
install -Dpm 0755 scripts/suse/watchdog/salt-daemon-watcher %{buildroot}%{_bindir}/salt-daemon-watcher
%endif
#
@ -1348,14 +1299,9 @@ dbus-uuidgen --ensure
%if %{with systemd}
%if 0%{?suse_version}
%service_add_post salt-proxy@.service
%fillup_only
%else
%systemd_post salt-proxy@.service
%endif
%else
%if 0%{?suse_version}
%fillup_and_insserv
%endif
%endif
%postun proxy
@ -1365,11 +1311,6 @@ dbus-uuidgen --ensure
%else
%systemd_postun_with_restart salt-proxy@.service
%endif
%else
%if 0%{?suse_version}
%insserv_cleanup
%restart_on_update salt-proxy
%endif
%endif
%preun syndic
@ -1379,15 +1320,6 @@ dbus-uuidgen --ensure
%else
%systemd_preun salt-syndic.service
%endif
%else
%if 0%{?suse_version}
%stop_on_removal salt-syndic
%else
if [ $1 -eq 0 ] ; then
/sbin/service salt-syndic stop >/dev/null 2>&1
/sbin/chkconfig --del salt-syndic
fi
%endif
%endif
%pre syndic
@ -1401,14 +1333,9 @@ dbus-uuidgen --ensure
%if %{with systemd}
%if 0%{?suse_version}
%service_add_post salt-syndic.service
%fillup_only
%else
%systemd_post salt-syndic.service
%endif
%else
%if 0%{?suse_version}
%fillup_and_insserv
%endif
%endif
%postun syndic
@ -1418,11 +1345,6 @@ dbus-uuidgen --ensure
%else
%systemd_postun_with_restart salt-syndic.service
%endif
%else
%if 0%{?suse_version}
%insserv_cleanup
%restart_on_update salt-syndic
%endif
%endif
%preun master
@ -1432,15 +1354,6 @@ dbus-uuidgen --ensure
%else
%systemd_preun salt-master.service
%endif
%else
%if 0%{?suse_version}
%stop_on_removal salt-master
%else
if [ $1 -eq 0 ] ; then
/sbin/service salt-master stop >/dev/null 2>&1
/sbin/chkconfig --del salt-master
fi
%endif
%endif
%pre master
@ -1476,16 +1389,9 @@ if [ "${systemd_ver%%.*}" -lt 228 ]; then
fi
%if 0%{?suse_version}
%service_add_post salt-master.service
%fillup_only
%else
%systemd_post salt-master.service
%endif
%else
%if 0%{?suse_version}
%fillup_and_insserv
%else
/sbin/chkconfig --add salt-master
%endif
%endif
%postun master
@ -1495,15 +1401,6 @@ fi
%else
%systemd_postun_with_restart salt-master.service
%endif
%else
%if 0%{?suse_version}
%restart_on_update salt-master
%insserv_cleanup
%else
if [ "$1" -ge "1" ] ; then
/sbin/service salt-master condrestart >/dev/null 2>&1 || :
fi
%endif
%endif
%preun minion
@ -1513,15 +1410,6 @@ fi
%else
%systemd_preun salt-minion.service
%endif
%else
%if 0%{?suse_version}
%stop_on_removal salt-minion
%else
if [ $1 -eq 0 ] ; then
/sbin/service salt-minion stop >/dev/null 2>&1
/sbin/chkconfig --del salt-minion
fi
%endif
%endif
%pre minion
@ -1535,16 +1423,9 @@ fi
%if %{with systemd}
%if 0%{?suse_version}
%service_add_post salt-minion.service
%fillup_only
%else
%systemd_post salt-minion.service
%endif
%else
%if 0%{?suse_version}
%fillup_and_insserv
%else
/sbin/chkconfig --add salt-minion
%endif
%endif
%postun minion
@ -1554,15 +1435,6 @@ fi
%else
%systemd_postun_with_restart salt-minion.service
%endif
%else
%if 0%{?suse_version}
%insserv_cleanup
%restart_on_update salt-minion
%else
if [ "$1" -ge "1" ] ; then
/sbin/service salt-minion condrestart >/dev/null 2>&1 || :
fi
%endif
%endif
%preun api
@ -1590,10 +1462,6 @@ fi
%else
%systemd_post salt-api.service
%endif
%else
%if 0%{?suse_version}
%fillup_and_insserv
%endif
%endif
%postun api
@ -1603,11 +1471,6 @@ fi
%else
%systemd_postun_with_restart salt-api.service
%endif
%else
%if 0%{?suse_version}
%insserv_cleanup
%restart_on_update
%endif
%endif
%if 0%{?_alternatives}
@ -1634,11 +1497,9 @@ rm -f %{_localstatedir}/cache/salt/minion/thin/version
%files api
%defattr(-,root,root)
%{_bindir}/salt-api
%{_sbindir}/rcsalt-api
%if %{with systemd}
%{_sbindir}/rcsalt-api
%{_unitdir}/salt-api.service
%else
%{_initddir}/salt-api
%endif
%{_mandir}/man1/salt-api.1.*
@ -1664,11 +1525,9 @@ rm -f %{_localstatedir}/cache/salt/minion/thin/version
%defattr(-,root,root)
%{_bindir}/salt-syndic
%{_mandir}/man1/salt-syndic.1.gz
%{_sbindir}/rcsalt-syndic
%if %{with systemd}
%{_sbindir}/rcsalt-syndic
%{_unitdir}/salt-syndic.service
%else
%{_initddir}/salt-syndic
%endif
%files minion
@ -1680,7 +1539,9 @@ rm -f %{_localstatedir}/cache/salt/minion/thin/version
%dir %attr(0750, root, root) %{_sysconfdir}/salt/minion.d/
%dir %attr(0750, root, root) %{_sysconfdir}/salt/pki/minion/
%dir %attr(0750, root, root) %{_localstatedir}/cache/salt/minion/
%if %{with systemd}
%{_sbindir}/rcsalt-minion
%endif
# Install plugin only on SUSE machines
%if 0%{?suse_version}
@ -1701,13 +1562,6 @@ rm -f %{_localstatedir}/cache/salt/minion/thin/version
%if %{with systemd}
%{_unitdir}/salt-minion.service
%else
%config(noreplace) %{_initddir}/salt-minion
%endif
## Install sysV salt-minion watchdog for SLES11 and RHEL6
%if 0%{?rhel} == 6 || 0%{?suse_version} == 1110
%{_bindir}/salt-daemon-watcher
%endif
%files proxy
@ -1733,11 +1587,9 @@ rm -f %{_localstatedir}/cache/salt/minion/thin/version
%if 0%{?suse_version} <= 1500
%config(noreplace) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/salt
%endif
%{_sbindir}/rcsalt-master
%if %{with systemd}
%{_sbindir}/rcsalt-master
%{_unitdir}/salt-master.service
%else
%config(noreplace) %{_initddir}/salt-master
%endif
#
%config(noreplace) %attr(0640, root, salt) %{_sysconfdir}/salt/master