From ba70df90ac4eb3370fd2539b4b050fb91defa18f8be16a57bbc601a043a90550 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Fri, 2 Jun 2017 10:53:34 +0000 Subject: [PATCH 1/6] OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=154 --- permissions.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/permissions.spec b/permissions.spec index 409951f..d03dc6a 100644 --- a/permissions.spec +++ b/permissions.spec @@ -1,7 +1,7 @@ # # spec file for package permissions # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -25,9 +25,9 @@ Release: 0 Provides: aaa_base:/etc/permissions PreReq: %fillup_prereq Summary: SUSE Linux Default Permissions +# Maintained in github by the security team. License: GPL-2.0+ Group: Productivity/Security -# Maintained in github by the security team. Source: permissions-%{version}.tar.xz BuildRoot: %{_tmppath}/%{name}-%{version}-build Url: http://github.com/openSUSE/permissions From 80e970fabb950d9ee546516baca4b71a4f3965e667f7ccb847c4983de38f193b Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Fri, 2 Jun 2017 10:54:25 +0000 Subject: [PATCH 2/6] OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=155 --- _servicedata | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_servicedata b/_servicedata index 3476f78..ff1f063 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/openSUSE/permissions.git - 8ee9ae34fc10f290b5cd4b3295004704cde86a5a \ No newline at end of file + 1cf8eb193920f201e1d313046bba2271f745bd0e From f06adee271545488d198f286b83d63e4215d6edf4544e4890fb2feed3264d74b Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Fri, 2 Jun 2017 10:55:29 +0000 Subject: [PATCH 3/6] - Update to version 20170602: * make /etc/ppp owned by root:root. The group dialout usage is no longer used OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=156 --- permissions-20160807.tar.xz | 3 --- permissions-20170602.tar.xz | 3 +++ permissions.changes | 6 ++++++ permissions.spec | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) delete mode 100644 permissions-20160807.tar.xz create mode 100644 permissions-20170602.tar.xz diff --git a/permissions-20160807.tar.xz b/permissions-20160807.tar.xz deleted file mode 100644 index 0b45760..0000000 --- a/permissions-20160807.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:fbf850e74b5b2cf1c181460e4d40e1c39320bd35d6638cea1b1ec5167281258e -size 19728 diff --git a/permissions-20170602.tar.xz b/permissions-20170602.tar.xz new file mode 100644 index 0000000..852c644 --- /dev/null +++ b/permissions-20170602.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9348c6d19ecfd6244ddb1befa7e992fec7cf920a7edb71005a4bbae4da54610d +size 19700 diff --git a/permissions.changes b/permissions.changes index 1c63a64..56adf86 100644 --- a/permissions.changes +++ b/permissions.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri Jun 2 10:55:09 UTC 2017 - meissner@suse.com + +- Update to version 20170602: + * make /etc/ppp owned by root:root. The group dialout usage is no longer used + ------------------------------------------------------------------- Sun Aug 07 12:00:00 UTC 2016 - meissner@suse.com diff --git a/permissions.spec b/permissions.spec index d03dc6a..2556bc9 100644 --- a/permissions.spec +++ b/permissions.spec @@ -20,7 +20,7 @@ BuildRequires: libcap-devel Name: permissions -Version: 20160807 +Version: 20170602 Release: 0 Provides: aaa_base:/etc/permissions PreReq: %fillup_prereq From c7d23f34dd683f2b4ab82b69a160ed5dd4c863caf277f3db0048b832e844ec9b Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Sat, 3 Jun 2017 07:22:19 +0000 Subject: [PATCH 4/6] - Require: group(trusted), as we are handing it out to some unsuspecting binaries and it is no longer default. OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=157 --- permissions.changes | 6 ++++++ permissions.spec | 3 +++ 2 files changed, 9 insertions(+) diff --git a/permissions.changes b/permissions.changes index 56adf86..3d63ca3 100644 --- a/permissions.changes +++ b/permissions.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Sat Jun 3 07:21:24 UTC 2017 - meissner@suse.com + +- Require: group(trusted), as we are handing it out to some unsuspecting + binaries and it is no longer default. + ------------------------------------------------------------------- Fri Jun 2 10:55:09 UTC 2017 - meissner@suse.com diff --git a/permissions.spec b/permissions.spec index 2556bc9..ee5b093 100644 --- a/permissions.spec +++ b/permissions.spec @@ -28,6 +28,9 @@ Summary: SUSE Linux Default Permissions # Maintained in github by the security team. License: GPL-2.0+ Group: Productivity/Security +%if 0%{?suse_version} >= 1330 +Requires(pre): group(trusted) +%endif Source: permissions-%{version}.tar.xz BuildRoot: %{_tmppath}/%{name}-%{version}-build Url: http://github.com/openSUSE/permissions From 310cebf5b3b601bf84692e803281e87eac13d5eb07732fb0fb3e6c6804b68fe0 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Sat, 3 Jun 2017 07:23:37 +0000 Subject: [PATCH 5/6] binaries and it is no longer default. (bsc#1041159 for fuse, also cronie, etc) OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=158 --- permissions.changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/permissions.changes b/permissions.changes index 3d63ca3..d4c0825 100644 --- a/permissions.changes +++ b/permissions.changes @@ -2,7 +2,7 @@ Sat Jun 3 07:21:24 UTC 2017 - meissner@suse.com - Require: group(trusted), as we are handing it out to some unsuspecting - binaries and it is no longer default. + binaries and it is no longer default. (bsc#1041159 for fuse, also cronie, etc) ------------------------------------------------------------------- Fri Jun 2 10:55:09 UTC 2017 - meissner@suse.com From 0ca1d5fbf3c189f03703c0614c25678d22953bc57a998665a379d204a9194f81 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Wed, 7 Jun 2017 11:15:04 +0000 Subject: [PATCH 6/6] Accepting request 501680 from home:dimstar:Factory - BuildIgnore group(trusted): we don't really care for this group in the buildroot and do not want to get system-users into the bootstrap cycle as we can avoid it. OBS-URL: https://build.opensuse.org/request/show/501680 OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=159 --- permissions.changes | 7 +++++++ permissions.spec | 1 + 2 files changed, 8 insertions(+) diff --git a/permissions.changes b/permissions.changes index d4c0825..050c67d 100644 --- a/permissions.changes +++ b/permissions.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Jun 7 10:58:37 UTC 2017 - dimstar@opensuse.org + +- BuildIgnore group(trusted): we don't really care for this group + in the buildroot and do not want to get system-users into the + bootstrap cycle as we can avoid it. + ------------------------------------------------------------------- Sat Jun 3 07:21:24 UTC 2017 - meissner@suse.com diff --git a/permissions.spec b/permissions.spec index ee5b093..e2b16a0 100644 --- a/permissions.spec +++ b/permissions.spec @@ -30,6 +30,7 @@ License: GPL-2.0+ Group: Productivity/Security %if 0%{?suse_version} >= 1330 Requires(pre): group(trusted) +#!BuildIgnore: group(trusted) %endif Source: permissions-%{version}.tar.xz BuildRoot: %{_tmppath}/%{name}-%{version}-build