From a54d31d04f95931c357542249fb0f287e11a3c21e60d84f0295a8de7ddbdb18f Mon Sep 17 00:00:00 2001
From: Johannes Segitz <jsegitz@suse.com>
Date: Thu, 28 Oct 2021 08:41:11 +0000
Subject: [PATCH] Accepting request 927719 from
 home:msmeissn:branches:security:SELinux

- fix_wine.patch: give Wine .dll same context as .so (bsc#1191976)

OBS-URL: https://build.opensuse.org/request/show/927719
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=121
---
 fix_wine.patch         | 23 +++++++++++++++++++++++
 selinux-policy.changes |  5 +++++
 selinux-policy.spec    |  1 +
 3 files changed, 29 insertions(+)
 create mode 100644 fix_wine.patch

diff --git a/fix_wine.patch b/fix_wine.patch
new file mode 100644
index 0000000..0a5f9d1
--- /dev/null
+++ b/fix_wine.patch
@@ -0,0 +1,23 @@
+Index: fedora-policy-20210716/policy/modules/system/libraries.fc
+===================================================================
+--- fedora-policy-20210716.orig/policy/modules/system/libraries.fc
++++ fedora-policy-20210716/policy/modules/system/libraries.fc
+@@ -90,7 +90,7 @@ ifdef(`distro_redhat',`
+ /opt/Adobe/Reader.?/Reader/intellinux/plug_ins/.*\.api -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /opt/Adobe/Reader.?/Reader/intellinux/SPPlugins/.*\.ap[il] -- gen_context(system_u:object_r:lib_t,s0)
+ /opt/cisco-vpnclient/lib/libvpnapi\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+-/opt/cx.*/lib/wine/.+\.so		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
++/opt/cx.*/lib/wine/.+\.(so|dll)		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /opt/f-secure/fspms/libexec/librapi\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /opt/ibm/java.*/jre/.+\.jar		--	gen_context(system_u:object_r:lib_t,s0)
+ /opt/ibm/java.*/jre/.+\.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+@@ -173,7 +173,8 @@ ifdef(`distro_redhat',`
+ /usr/lib/systemd/libsystemd-shared-[0-9]+\.so.*	--	gen_context(system_u:object_r:lib_t,s0)
+ 
+ /usr/.*\.so(\.[^/]*)*		--	gen_context(system_u:object_r:lib_t,s0)
+-/usr/lib/wine/.+\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
++/usr/lib/wine/.+\.so		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
++/usr/lib/wine/*-windows/*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/NX/lib/libXcomp\.so.*		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/NX/lib/libjpeg\.so.* 		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+ 
diff --git a/selinux-policy.changes b/selinux-policy.changes
index d51807e..87e9a1a 100644
--- a/selinux-policy.changes
+++ b/selinux-policy.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Oct 25 11:35:24 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- fix_wine.patch: give Wine .dll same context as .so (bsc#1191976)
+
 -------------------------------------------------------------------
 Tue Sep 28 12:44:22 UTC 2021 - Enzo Matsumiya <ematsumiya@suse.com>
 
diff --git a/selinux-policy.spec b/selinux-policy.spec
index fd3ad19..e916d1e 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -137,6 +137,7 @@ Patch053:       fix_systemd_watch.patch
 # kernel specific sysctl.conf (boo#1184804)
 Patch054:       fix_kernel_sysctl.patch
 Patch055:       fix_auditd.patch
+Patch056:       fix_wine.patch
 
 Patch100:       sedoctool.patch