From 7cbab402c10445a983956099f163204b3e3681c69910da3d355eed31d7098c4c Mon Sep 17 00:00:00 2001
From: Johannes Segitz <jsegitz@suse.com>
Date: Fri, 25 Nov 2022 08:00:09 +0000
Subject: [PATCH] Accepting request 1037928 from
 home:cahu:branches:security:SELinux

- fix_sysnetwork.patch: firewalld uses /etc/sysconfig/network/ for
  network interface definition instead of /etc/sysconfig/network-scripts/,
  modified sysnetwork.fc to reflect that (bsc#1205580).

OBS-URL: https://build.opensuse.org/request/show/1037928
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=157
---
 fix_sysnetwork.patch   | 12 ++++++++++++
 selinux-policy.changes |  7 +++++++
 2 files changed, 19 insertions(+)

diff --git a/fix_sysnetwork.patch b/fix_sysnetwork.patch
index b7f0b13..81fb138 100644
--- a/fix_sysnetwork.patch
+++ b/fix_sysnetwork.patch
@@ -2,6 +2,18 @@ Index: fedora-policy-20221019/policy/modules/system/sysnetwork.fc
 ===================================================================
 --- fedora-policy-20221019.orig/policy/modules/system/sysnetwork.fc
 +++ fedora-policy-20221019/policy/modules/system/sysnetwork.fc
+@@ -33,9 +33,9 @@ ifdef(`distro_debian',`
+ /etc/dhcp3?/dhclient.*		gen_context(system_u:object_r:dhcp_etc_t,s0)
+ 
+ ifdef(`distro_redhat',`
+-/etc/sysconfig/network-scripts/.*resolv\.conf -- gen_context(system_u:object_r:net_conf_t,s0)
++/etc/sysconfig/network/.*resolv\.conf -- gen_context(system_u:object_r:net_conf_t,s0)
+ /etc/sysconfig/networking(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
+-/etc/sysconfig/network-scripts(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
++/etc/sysconfig/network(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
+ /var/run/systemd/network(/.*)?  gen_context(system_u:object_r:net_conf_t,s0)
+ /var/run/systemd/resolve/resolv\.conf   --  gen_context(system_u:object_r:net_conf_t,s0)
+ /var/run/systemd/resolve/stub-resolv\.conf  gen_context(system_u:object_r:net_conf_t,s0)
 @@ -103,6 +103,8 @@ ifdef(`distro_debian',`
  /var/run/network(/.*)?	gen_context(system_u:object_r:net_conf_t,s0)
  ')
diff --git a/selinux-policy.changes b/selinux-policy.changes
index 66c1d72..11c7ec3 100644
--- a/selinux-policy.changes
+++ b/selinux-policy.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Nov 24 13:40:16 UTC 2022 - Hu <cathy.hu@suse.com>
+
+- fix_sysnetwork.patch: firewalld uses /etc/sysconfig/network/ for
+  network interface definition instead of /etc/sysconfig/network-scripts/,
+  modified sysnetwork.fc to reflect that (bsc#1205580). 
+
 -------------------------------------------------------------------
 Wed Oct 19 11:45:57 UTC 2022 - Johannes Segitz <jsegitz@suse.com>