From bd24bb8f25c34fc62612e50f19e5c56e392a752e4db23b85fd77ef728f2cd005 Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Thu, 17 Mar 2022 16:02:07 +0000 Subject: [PATCH] Accepting request 962468 from devel:kubic OBS-URL: https://build.opensuse.org/request/show/962468 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/k3s-selinux?expand=0&rev=2 --- _service | 3 ++- _servicedata | 2 +- k3s-selinux-0.5.latest.1.tar.gz | 3 --- k3s-selinux-1.1.stable.1.tar.gz | 3 +++ k3s-selinux.changes | 14 +++++++++++ k3s-selinux.spec | 41 ++++++++++++++++----------------- k3s.if | 27 ---------------------- 7 files changed, 40 insertions(+), 53 deletions(-) delete mode 100644 k3s-selinux-0.5.latest.1.tar.gz create mode 100644 k3s-selinux-1.1.stable.1.tar.gz delete mode 100644 k3s.if diff --git a/_service b/_service index 5a82b16..1ebaabb 100644 --- a/_service +++ b/_service @@ -3,10 +3,11 @@ https://github.com/k3s-io/k3s-selinux git .git - v0.5.stable.1 + v1.1.stable.1 @PARENT_TAG@ enable v(.*) + *stable* k3s-selinux diff --git a/_servicedata b/_servicedata index f4c2b92..52361cd 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/k3s-io/k3s-selinux - e4307b98dd1e4c1d9a1cdb09af8b48ad1e91f8f5 \ No newline at end of file + f1b9b539a38c01781cbb03d88f9b3a47788b3aa1 \ No newline at end of file diff --git a/k3s-selinux-0.5.latest.1.tar.gz b/k3s-selinux-0.5.latest.1.tar.gz deleted file mode 100644 index 453c58f..0000000 --- a/k3s-selinux-0.5.latest.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:92069501b3f5d90e1e809ef1c54a55e68b1a01b3f73fcd7401b580a3e562559c -size 10903 diff --git a/k3s-selinux-1.1.stable.1.tar.gz b/k3s-selinux-1.1.stable.1.tar.gz new file mode 100644 index 0000000..732a36b --- /dev/null +++ b/k3s-selinux-1.1.stable.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:67e7d5d9901ed338050deec95ab459accb0da1125efc74473d1d3385cb92ce73 +size 11818 diff --git a/k3s-selinux.changes b/k3s-selinux.changes index fea5db1..fa14610 100644 --- a/k3s-selinux.changes +++ b/k3s-selinux.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Wed Mar 16 17:40:02 UTC 2022 - kastl@b1-systems.de + +- Update to version 1.1.stable.1: + * fix centos 7 +- remove file k3s.if as it is now included in a release + +------------------------------------------------------------------- +Wed Mar 16 17:39:11 UTC 2022 - kastl@b1-systems.de + +- Update to version 1.0.stable.1: + * centos 8 vault: side-step eol problems (#28) + * k3s-root: reduced executable privileges (#26) + ------------------------------------------------------------------- Wed Jan 26 11:52:45 UTC 2022 - Richard Brown diff --git a/k3s-selinux.spec b/k3s-selinux.spec index 1505d0c..bb06cf0 100644 --- a/k3s-selinux.spec +++ b/k3s-selinux.spec @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via https://bugs.opensuse.org/ # + %define k3s_relabel_files() \ mkdir -p /var/lib/cni; \ mkdir -p /var/lib/kubelet/pods; \ @@ -33,37 +34,36 @@ %define selinux_policyver 20210716-3.1 %define container_policyver 2.164.2-1.1 -Name: k3s-selinux -Version: 0.5.latest.1 -Release: 0 -Summary: SELinux policy module for k3s +Name: k3s-selinux +Version: 1.1.stable.1 +Release: 0 +Summary: SELinux policy module for k3s -Group: System Environment/Base -License: Apache-2.0 -URL: http://k3s.io/k3s-selinux -Source: %{name}-%{version}.tar.gz -Source1: k3s.if +Group: System Environment/Base +License: Apache-2.0 +URL: http://k3s.io/k3s-selinux +Source: %{name}-%{version}.tar.gz -BuildArch: noarch -BuildRequires: container-selinux >= %{container_policyver} -BuildRequires: git -BuildRequires: selinux-policy >= %{selinux_policyver} -BuildRequires: selinux-policy-devel >= %{selinux_policyver} +BuildArch: noarch +BuildRequires: container-selinux >= %{container_policyver} +BuildRequires: git +BuildRequires: selinux-policy >= %{selinux_policyver} +BuildRequires: selinux-policy-devel >= %{selinux_policyver} -Requires: policycoreutils, selinux-tools +Requires: policycoreutils +Requires: selinux-tools Requires(post): selinux-policy-base >= %{selinux_policyver}, policycoreutils, container-selinux >= %{container_policyver} -Requires(postun): policycoreutils +Requires(postun):policycoreutils -Provides: %{name} = %{version}-%{release} -Obsoletes: k3s-selinux <= 0.5 -Conflicts: rke2-selinux +Provides: %{name} = %{version}-%{release} +Obsoletes: k3s-selinux <= 0.5 +Conflicts: rke2-selinux %description This package installs and sets up the SELinux policy security module for k3s. %prep %setup -q -install -m 644 %{SOURCE1} policy/microos/k3s.if %build cd policy/microos @@ -99,4 +99,3 @@ fi; %{_datadir}/selinux/devel/include/contrib/k3s.if %changelog - diff --git a/k3s.if b/k3s.if deleted file mode 100644 index a40c7a3..0000000 --- a/k3s.if +++ /dev/null @@ -1,27 +0,0 @@ -####################################################################### -## -## Creates types and rules for a k3s runtime domain. -## -## -## -## Prefix for the domain. -## -## -# -template(`k3s_runtime_domain_template',` - gen_require(` - attribute container_runtime_domain, exec_type; - role system_r, sysadm_r; - ') - - attribute $1_domain; - type $1_t, $1_domain; - role system_r types $1_t; - role sysadm_r types $1_t; - - can_exec($1_t, exec_type) - domain_type($1_t) - domain_entry_file($1_domain, $1_t) - - admin_pattern(container_runtime_domain, $1_t) -')