rpm/selinux-policy
SHA256
1
0
Fork 0
forked from pool/selinux-policy
Code Pull Requests Activity
5b345f822c
selinux-policy/fix_sysnetwork.patch

26 lines
1.4 KiB
Diff
Raw Normal View History

Accepting request 1035580 from home:jsegitz:branches:security:SELinux - Update to version 20221019. Refreshed: * distro_suse_to_distro_redhat.patch * fix_apache.patch * fix_chronyd.patch * fix_cron.patch * fix_init.patch * fix_kernel_sysctl.patch * fix_networkmanager.patch * fix_rpm.patch * fix_sysnetwork.patch * fix_systemd.patch * fix_systemd_watch.patch * fix_unconfined.patch * fix_unconfineduser.patch * fix_unprivuser.patch * fix_xserver.patch - Dropped fix_cockpit.patch as this is now packaged with cockpit itself - Remove the ipa module, freeip ships their own module - Added fix_alsa.patch to allow reading of config files in home directories - Extended fix_networkmanager.patch and fix_postfix.patch to account for SUSE systems - Added dontaudit_interface_kmod_tmpfs.patch to prevent AVCs when startproc queries the running processes - Updated fix_snapper.patch to allow snapper to talk to rpm via dbus OBS-URL: https://build.opensuse.org/request/show/1035580 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=155
2022-11-14 09:27:42 +01:00
Index: fedora-policy-20221019/policy/modules/system/sysnetwork.fc
Accepting request 734854 from home:jsegitz:branches:security:SELinux - Moved back to fedora policy (20190802) - Removed spec file conditionals for old SELinux userland - Removed config.tgz - Removed patches: * label_sysconfig.selinux.patch * label_var_run_rsyslog.patch * suse_additions_obs.patch * suse_additions_sslh.patch * suse_modifications_apache.patch * suse_modifications_cron.patch * suse_modifications_getty.patch * suse_modifications_logging.patch * suse_modifications_ntp.patch * suse_modifications_usermanage.patch * suse_modifications_virt.patch * suse_modifications_xserver.patch * sysconfig_network_scripts.patch * segenxml_interpreter.patch - Added patches: * fix_djbdns.patch * fix_dbus.patch * fix_gift.patch * fix_java.patch * fix_hadoop.patch * fix_thunderbird.patch * postfix_paths.patch * fix_nscd.patch * fix_sysnetwork.patch * fix_logging.patch * fix_xserver.patch OBS-URL: https://build.opensuse.org/request/show/734854 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=73
2019-10-04 04:15:03 +02:00
===================================================================
Accepting request 1035580 from home:jsegitz:branches:security:SELinux - Update to version 20221019. Refreshed: * distro_suse_to_distro_redhat.patch * fix_apache.patch * fix_chronyd.patch * fix_cron.patch * fix_init.patch * fix_kernel_sysctl.patch * fix_networkmanager.patch * fix_rpm.patch * fix_sysnetwork.patch * fix_systemd.patch * fix_systemd_watch.patch * fix_unconfined.patch * fix_unconfineduser.patch * fix_unprivuser.patch * fix_xserver.patch - Dropped fix_cockpit.patch as this is now packaged with cockpit itself - Remove the ipa module, freeip ships their own module - Added fix_alsa.patch to allow reading of config files in home directories - Extended fix_networkmanager.patch and fix_postfix.patch to account for SUSE systems - Added dontaudit_interface_kmod_tmpfs.patch to prevent AVCs when startproc queries the running processes - Updated fix_snapper.patch to allow snapper to talk to rpm via dbus OBS-URL: https://build.opensuse.org/request/show/1035580 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=155
2022-11-14 09:27:42 +01:00
--- fedora-policy-20221019.orig/policy/modules/system/sysnetwork.fc
+++ fedora-policy-20221019/policy/modules/system/sysnetwork.fc
Accepting request 1037928 from home:cahu:branches:security:SELinux - fix_sysnetwork.patch: firewalld uses /etc/sysconfig/network/ for network interface definition instead of /etc/sysconfig/network-scripts/, modified sysnetwork.fc to reflect that (bsc#1205580). OBS-URL: https://build.opensuse.org/request/show/1037928 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=157
2022-11-25 09:00:09 +01:00
@@ -33,9 +33,9 @@ ifdef(`distro_debian',`
/etc/dhcp3?/dhclient.* gen_context(system_u:object_r:dhcp_etc_t,s0)
ifdef(`distro_redhat',`
-/etc/sysconfig/network-scripts/.*resolv\.conf -- gen_context(system_u:object_r:net_conf_t,s0)
+/etc/sysconfig/network/.*resolv\.conf -- gen_context(system_u:object_r:net_conf_t,s0)
/etc/sysconfig/networking(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
-/etc/sysconfig/network-scripts(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
+/etc/sysconfig/network(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
/var/run/systemd/network(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
/var/run/systemd/resolve/resolv\.conf -- gen_context(system_u:object_r:net_conf_t,s0)
/var/run/systemd/resolve/stub-resolv\.conf gen_context(system_u:object_r:net_conf_t,s0)
Accepting request 1035580 from home:jsegitz:branches:security:SELinux - Update to version 20221019. Refreshed: * distro_suse_to_distro_redhat.patch * fix_apache.patch * fix_chronyd.patch * fix_cron.patch * fix_init.patch * fix_kernel_sysctl.patch * fix_networkmanager.patch * fix_rpm.patch * fix_sysnetwork.patch * fix_systemd.patch * fix_systemd_watch.patch * fix_unconfined.patch * fix_unconfineduser.patch * fix_unprivuser.patch * fix_xserver.patch - Dropped fix_cockpit.patch as this is now packaged with cockpit itself - Remove the ipa module, freeip ships their own module - Added fix_alsa.patch to allow reading of config files in home directories - Extended fix_networkmanager.patch and fix_postfix.patch to account for SUSE systems - Added dontaudit_interface_kmod_tmpfs.patch to prevent AVCs when startproc queries the running processes - Updated fix_snapper.patch to allow snapper to talk to rpm via dbus OBS-URL: https://build.opensuse.org/request/show/1035580 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=155
2022-11-14 09:27:42 +01:00
@@ -103,6 +103,8 @@ ifdef(`distro_debian',`
Accepting request 734854 from home:jsegitz:branches:security:SELinux - Moved back to fedora policy (20190802) - Removed spec file conditionals for old SELinux userland - Removed config.tgz - Removed patches: * label_sysconfig.selinux.patch * label_var_run_rsyslog.patch * suse_additions_obs.patch * suse_additions_sslh.patch * suse_modifications_apache.patch * suse_modifications_cron.patch * suse_modifications_getty.patch * suse_modifications_logging.patch * suse_modifications_ntp.patch * suse_modifications_usermanage.patch * suse_modifications_virt.patch * suse_modifications_xserver.patch * sysconfig_network_scripts.patch * segenxml_interpreter.patch - Added patches: * fix_djbdns.patch * fix_dbus.patch * fix_gift.patch * fix_java.patch * fix_hadoop.patch * fix_thunderbird.patch * postfix_paths.patch * fix_nscd.patch * fix_sysnetwork.patch * fix_logging.patch * fix_xserver.patch OBS-URL: https://build.opensuse.org/request/show/734854 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=73
2019-10-04 04:15:03 +02:00
/var/run/network(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
')
+/var/run/netconfig(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
+
Accepting request 821528 from home:jsegitz:branches:security:SELinux - Update to version 20200717. Refreshed * fix_fwupd.patch * fix_hadoop.patch * fix_init.patch * fix_irqbalance.patch * fix_logrotate.patch * fix_nagios.patch * fix_networkmanager.patch * fix_postfix.patch * fix_sysnetwork.patch * fix_systemd.patch * fix_thunderbird.patch * fix_unconfined.patch * fix_unprivuser.patch * selinux-policy.spec - Added update.sh to make updating easier - Updated fix_unconfineduser.patch to allow unconfined_dbusd_t access to accountsd dbus - New patch: * fix_nis.patch - Updated patches: * fix_postfix.patch: Transition is done in distribution specific script OBS-URL: https://build.opensuse.org/request/show/821528 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=77
2020-07-17 16:00:13 +02:00
/var/run/netns -d gen_context(system_u:object_r:ifconfig_var_run_t,s0)
/var/run/netns/[^/]+ <<none>>
Accepting request 734854 from home:jsegitz:branches:security:SELinux - Moved back to fedora policy (20190802) - Removed spec file conditionals for old SELinux userland - Removed config.tgz - Removed patches: * label_sysconfig.selinux.patch * label_var_run_rsyslog.patch * suse_additions_obs.patch * suse_additions_sslh.patch * suse_modifications_apache.patch * suse_modifications_cron.patch * suse_modifications_getty.patch * suse_modifications_logging.patch * suse_modifications_ntp.patch * suse_modifications_usermanage.patch * suse_modifications_virt.patch * suse_modifications_xserver.patch * sysconfig_network_scripts.patch * segenxml_interpreter.patch - Added patches: * fix_djbdns.patch * fix_dbus.patch * fix_gift.patch * fix_java.patch * fix_hadoop.patch * fix_thunderbird.patch * postfix_paths.patch * fix_nscd.patch * fix_sysnetwork.patch * fix_logging.patch * fix_xserver.patch OBS-URL: https://build.opensuse.org/request/show/734854 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=73
2019-10-04 04:15:03 +02:00
Copy Permalink