From 445c681f20129b01cc47fdd90cd6ebad497c1194b736fefb275eb890b59f24a2 Mon Sep 17 00:00:00 2001
From: Johannes Segitz <jsegitz@suse.com>
Date: Wed, 19 Jan 2022 15:57:54 +0000
Subject: [PATCH] Accepting request 947457 from
 home:jsegitz:branches:security:SELinux

- Allow colord to use systemd hardenings (bsc#1194631)

OBS-URL: https://build.opensuse.org/request/show/947457
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=123
---
 fix_colord.patch       | 18 +++++++++++++++---
 selinux-policy.changes |  5 +++++
 selinux-policy.spec    |  2 +-
 3 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/fix_colord.patch b/fix_colord.patch
index c11b27b..763641f 100644
--- a/fix_colord.patch
+++ b/fix_colord.patch
@@ -1,7 +1,7 @@
-Index: fedora-policy/policy/modules/contrib/colord.fc
+Index: fedora-policy-20211111/policy/modules/contrib/colord.fc
 ===================================================================
---- fedora-policy.orig/policy/modules/contrib/colord.fc
-+++ fedora-policy/policy/modules/contrib/colord.fc
+--- fedora-policy-20211111.orig/policy/modules/contrib/colord.fc
++++ fedora-policy-20211111/policy/modules/contrib/colord.fc
 @@ -6,6 +6,8 @@
  
  /usr/libexec/colord	--	gen_context(system_u:object_r:colord_exec_t,s0)
@@ -11,3 +11,15 @@ Index: fedora-policy/policy/modules/contrib/colord.fc
  
  /usr/lib/systemd/system/colord.*  -- gen_context(system_u:object_r:colord_unit_file_t,s0)
  
+Index: fedora-policy-20211111/policy/modules/contrib/colord.te
+===================================================================
+--- fedora-policy-20211111.orig/policy/modules/contrib/colord.te
++++ fedora-policy-20211111/policy/modules/contrib/colord.te
+@@ -17,6 +17,7 @@ type colord_t;
+ type colord_exec_t;
+ dbus_system_domain(colord_t, colord_exec_t)
+ init_daemon_domain(colord_t, colord_exec_t)
++init_nnp_daemon_domain(colord_t)
+ 
+ type colord_tmp_t;
+ files_tmp_file(colord_tmp_t)
diff --git a/selinux-policy.changes b/selinux-policy.changes
index 5fc9185..87ce04b 100644
--- a/selinux-policy.changes
+++ b/selinux-policy.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Fri Jan 14 15:07:00 UTC 2022 - Johannes Segitz <jsegitz@suse.com>
+
+- Allow colord to use systemd hardenings (bsc#1194631)
+
 -------------------------------------------------------------------
 Thu Nov 11 14:21:47 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
 
diff --git a/selinux-policy.spec b/selinux-policy.spec
index b90c137..28271da 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package selinux-policy
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed