pool/selinux-policy
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1115652 from security:SELinux

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1115652
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=49
This commit is contained in:
Ana Guerrero 2023-10-05 18:03:04 +00:00 committed by Git OBS Bridge
commit 62c76c5b39
3 changed files with 23 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
macros.selinux-policy
View File

@ -28,7 +28,7 @@
%_selinux_store_policy_path %{_selinux_store_path}/${_policytype} %_selinux_store_policy_path %{_selinux_store_path}/${_policytype}
%_file_context_file %{_sysconfdir}/selinux/${SELINUXTYPE}/contexts/files/file_contexts %_file_context_file %{_sysconfdir}/selinux/${SELINUXTYPE}/contexts/files/file_contexts
%_file_context_file_pre /run/rpm-state/file_contexts.pre %_file_context_file_pre /var/adm/update-scripts/file_contexts.pre
%_file_custom_defined_booleans %{_selinux_store_policy_path}/rpmbooleans.custom %_file_custom_defined_booleans %{_selinux_store_policy_path}/rpmbooleans.custom
%_file_custom_defined_booleans_tmp %{_selinux_store_policy_path}/rpmbooleans.custom.tmp %_file_custom_defined_booleans_tmp %{_selinux_store_policy_path}/rpmbooleans.custom.tmp
@ -92,7 +92,7 @@ if %{_sbindir}/selinuxenabled; then \
_policytype="targeted" \ _policytype="targeted" \
fi \ fi \
if [ "${SELINUXTYPE}" = "${_policytype}" ]; then \ if [ "${SELINUXTYPE}" = "${_policytype}" ]; then \
mkdir -p /run/rpm-state \ mkdir -p $(dirname %{_file_context_file_pre}) \
[ -f %{_file_context_file_pre} ] || cp -f %{_file_context_file} %{_file_context_file_pre} \ [ -f %{_file_context_file_pre} ] || cp -f %{_file_context_file} %{_file_context_file_pre} \
fi \ fi \
fi \ fi \

13
selinux-policy.changes
View File

@ -1,3 +1,16 @@
-------------------------------------------------------------------
Wed Oct 4 14:40:03 UTC 2023 - Johannes Segitz <jsegitz@suse.com>
- Use /var/adm/update-scripts in macros.selinux-policy. The rpm state
directory doesn't exist on SUSE systems (bsc#1213593)
-------------------------------------------------------------------
Tue Sep 19 07:57:02 UTC 2023 - Johannes Segitz <jsegitz@suse.com>
- Modified update.sh to require first parameter "full" to also
update container-selinux. For maintenance updates you usually
don't want it to be updated
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Jul 28 14:49:04 UTC 2023 - filippo.bonazzi@suse.com Fri Jul 28 14:49:04 UTC 2023 - filippo.bonazzi@suse.com

15
update.sh
View File

@ -2,18 +2,20 @@
date=$(date '+%Y%m%d') date=$(date '+%Y%m%d')
base_name_pattern='selinux-policy-*.tar.xz' base_name_pattern='selinux-policy-*.tar.xz'
echo Update to $date echo Update to $date
old_tar_file=$(ls -1 $base_name_pattern) old_tar_file=$(ls -1 $base_name_pattern)
osc service manualrun osc service manualrun
rm -rf container-selinux if [ "$1" = "full" ]; then
git clone --depth 1 https://github.com/containers/container-selinux.git echo doing full update including container-selinux
rm -f container.* rm -rf container-selinux
mv container-selinux/container.* . git clone --depth 1 https://github.com/containers/container-selinux.git
rm -rf container-selinux rm -f container.*
mv container-selinux/container.* .
rm -rf container-selinux
fi
# delete old files. Might need a better sanity check # delete old files. Might need a better sanity check
tar_cnt=$(ls -1 $base_name_pattern | wc -l) tar_cnt=$(ls -1 $base_name_pattern | wc -l)
@ -24,4 +26,3 @@ if [ $tar_cnt -gt 1 ]; then
fi fi
osc status osc status