1
0
Commit Graph

122 Commits

Author SHA256 Message Date
Dominique Leuenberger
231c1bddcc Accepting request 890550 from security:SELinux
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/890550
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=11
2021-05-07 14:45:22 +00:00
Dominique Leuenberger
9770640975 Accepting request 888543 from security:SELinux
- Added Recommends for selinux-autorelabel (bsc#1181837)
- Prevent libreoffice fonts from changing types on every relabel 
  (bsc#1185265). Added fix_libraries.patch

- Transition unconfined users to ldconfig type (bsc#1183121).
  Extended fix_unconfineduser.patch

OBS-URL: https://build.opensuse.org/request/show/888543
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=10
2021-04-29 20:44:23 +00:00
Dominique Leuenberger
46cba05af6 Accepting request 886701 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/886701
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=9
2021-04-22 16:03:46 +00:00
Dominique Leuenberger
b3cf18cf4d Accepting request 878582 from security:SELinux
big toolchain update, please stage together. so versions change, so this has high potential to break stuff. Probably best to stage it isolated

OBS-URL: https://build.opensuse.org/request/show/878582
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=8
2021-03-24 15:08:51 +00:00
Richard Brown
2deb9860fa Accepting request 874853 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/874853
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=7
2021-03-02 11:27:42 +00:00
Dominique Leuenberger
4ffa4ec7ef Accepting request 862277 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/862277
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=6
2021-01-15 18:44:19 +00:00
Dominique Leuenberger
6c79f08d5b Accepting request 847443 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/847443
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=5
2020-11-13 17:54:46 +00:00
Dominique Leuenberger
ef24e4da10 Accepting request 844986 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/844986
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=4
2020-11-02 13:04:02 +00:00
Dominique Leuenberger
b4b02dcd1a Accepting request 842814 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/842814
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=3
2020-10-23 10:20:12 +00:00
Dominique Leuenberger
2425f1bc15 Accepting request 839873 from security:SELinux
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/839873
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=2
2020-10-07 12:18:21 +00:00
Dominique Leuenberger
3de9778fbc Accepting request 832021 from security:SELinux
Policy is in better state now and should be fine for people with basic SELinux knowledge

OBS-URL: https://build.opensuse.org/request/show/832021
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=1
2020-10-06 15:06:19 +00:00
Dominique Leuenberger
83a39a4ddd Accepting request 1030152 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/1030152
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=34
2022-10-22 12:13:02 +00:00
Johannes Segitz
71b9302857 Accepting request 1030151 from home:jsegitz:branches:security:SELinux
- Update to version 20221019. Refreshed:
  * distro_suse_to_distro_redhat.patch
  * fix_apache.patch
  * fix_chronyd.patch
  * fix_cron.patch
  * fix_init.patch
  * fix_kernel_sysctl.patch
  * fix_networkmanager.patch
  * fix_rpm.patch
  * fix_sysnetwork.patch
  * fix_systemd.patch
  * fix_systemd_watch.patch
  * fix_unconfined.patch
  * fix_unconfineduser.patch
  * fix_unprivuser.patch
  * fix_xserver.patch
- Dropped fix_cockpit.patch as this is now packaged with cockpit itself
- Remove the ipa module, freeip ships their own module
- Added fix_alsa.patch to allow reading of config files in home directories
- Extended fix_networkmanager.patch and fix_postfix.patch to account
  for SUSE systems
- Added dontaudit_interface_kmod_tmpfs.patch to prevent AVCs when startproc
  queries the running processes
- Updated fix_snapper.patch to allow snapper to talk to rpm via dbus

OBS-URL: https://build.opensuse.org/request/show/1030151
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=153
2022-10-20 12:00:31 +00:00
Fabian Vogt
d9e31acb09 Accepting request 1008716 from security:SELinux
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/1008716
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=33
2022-10-10 16:43:41 +00:00
Richard Brown
745ca40e7d Accepting request 1007016 from security:SELinux
- Update fix_networkmanager.patch to ensure NetworkManager chrony
  dispatcher is properly labled and update fix_chronyd.patch to ensure
  chrony helper script has proper label to be used by NetworkManager.
  Also allow NetworkManager_dispatcher_custom_t to query systemd status
  (bsc#1203824)

- Update fix_xserver.patch to add greetd support (bsc#1198559)

- Revamped rtorrent module

OBS-URL: https://build.opensuse.org/request/show/1007016
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=32
2022-09-30 15:57:06 +00:00
Johannes Segitz
46df3a4a90 Accepting request 1007183 from home:jsegitz:branches:security:SELinux
- Updated quilt couldn't unpack tarball. This will cause ongoing issues
  so drop the sed statement in the %prep section and add 
  distro_suse_to_distro_redhat.patch to add the necessary changes
  via a patch

OBS-URL: https://build.opensuse.org/request/show/1007183
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=150
2022-09-30 08:11:19 +00:00
Johannes Segitz
7954ef729d OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=149 2022-09-29 15:53:47 +00:00
Johannes Segitz
e785903b85 Accepting request 1007013 from home:jsegitz:branches:security:SELinux
chrony helper script has proper label to be used by NetworkManager.
  Also allow NetworkManager_dispatcher_custom_t to query systemd status

OBS-URL: https://build.opensuse.org/request/show/1007013
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=148
2022-09-29 15:51:37 +00:00
Johannes Segitz
d25433c6c5 Accepting request 1006965 from home:jsegitz:branches:security:SELinux
- Update fix_networkmanager.patch to ensure NetworkManager chrony
  dispatcher is properly labled and update fix_chronyd.patch to ensure
  chrony helper script has proper label to be used by NetworkManager
  (bsc#1203824)

>>>>>>> ./selinux-policy.changes.new
- Revamped rtorrent module

OBS-URL: https://build.opensuse.org/request/show/1006965
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=147
2022-09-29 14:06:49 +00:00
Johannes Segitz
31bb56f011 Accepting request 1006413 from home:fbonazzi:branches:security:SELinux
- Update fix_xserver.patch to add greetd support (bsc#1198559)

OBS-URL: https://build.opensuse.org/request/show/1006413
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=146
2022-09-28 07:58:24 +00:00
Dominique Leuenberger
f9338cb4f6 Accepting request 1000830 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/1000830
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=31
2022-09-03 21:18:36 +00:00
Johannes Segitz
f2882ce2e3 Accepting request 999336 from home:kukuk:branches:security:SELinux
- Move SUSE directory from manual page section to html docu

OBS-URL: https://build.opensuse.org/request/show/999336
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=144
2022-09-02 07:11:53 +00:00
Dominique Leuenberger
e1641c758c Accepting request 999231 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/999231
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=30
2022-08-25 13:09:16 +00:00
33f33589cc Accepting request 999189 from home:djz88:branches:security:SELinux
Corrected wrong bnc in changelog (correct is bnc#1201015)

OBS-URL: https://build.opensuse.org/request/show/999189
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=142
2022-08-25 10:10:46 +00:00
Richard Brown
e752fcf067 Accepting request 991558 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/991558
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=29
2022-07-29 14:47:11 +00:00
Johannes Segitz
bb74e8e79e Accepting request 991528 from home:djz88:branches:security:SELinux
OBS-URL: https://build.opensuse.org/request/show/991528
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=140
2022-07-28 13:16:02 +00:00
Johannes Segitz
2c8b63a3f9 Accepting request 991423 from home:cahu:branches:security:SELinux
- fix_networkmanager.patch: Allow NetworkManager_dispatcher_tlp_t 
  and NetworkManager_dispatcher_custom_t to access nscd socket 
  (bsc#1201741)

OBS-URL: https://build.opensuse.org/request/show/991423
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=139
2022-07-27 15:24:55 +00:00
Richard Brown
9ba19293f6 Accepting request 989143 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/989143
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=28
2022-07-18 16:32:44 +00:00
Johannes Segitz
c45601e60c Accepting request 989142 from home:jsegitz:branches:security:SELinux
- Update to version 20220714. Refreshed:
  * fix_init.patch
  * fix_systemd_watch.patch

OBS-URL: https://build.opensuse.org/request/show/989142
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=137
2022-07-14 11:30:19 +00:00
Dominique Leuenberger
49901ddf56 Accepting request 988936 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/988936
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=27
2022-07-13 12:55:54 +00:00
Johannes Segitz
08dba4d639 Accepting request 988934 from home:jsegitz:branches:security:SELinux
- Update fix_systemd.patch to add cap sys_admin and kernel_dgram_send for
  systemd_gpt_generator_t (bsc#1200911)

OBS-URL: https://build.opensuse.org/request/show/988934
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=135
2022-07-13 08:54:50 +00:00
Johannes Segitz
80bdcc2619 Accepting request 988924 from home:jsegitz:branches:security:SELinux
- Update fix_systemd.patch to add sys_admin systemd_gpt_generator_t
  (bsc#1200911)

- postfix: Label PID files and some helpers correctly (bsc#1197242)

- Add fix_userdomain.patch to dontaudit UDP rpc ports (bsc#1193984)

OBS-URL: https://build.opensuse.org/request/show/988924
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=134
2022-07-13 08:15:29 +00:00
Dominique Leuenberger
c9dc623f03 Accepting request 984856 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/984856
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=26
2022-06-25 08:23:52 +00:00
Johannes Segitz
a7283c99d6 Accepting request 984855 from home:jsegitz:branches:security:SELinux
- Update to version 20220624. Refreshed:
  * fix_init.patch
  * fix_kernel_sysctl.patch
  * fix_logging.patch
  * fix_networkmanager.patch
  * fix_unprivuser.patch
  Dropped fix_hadoop.patch, not necessary anymore
* Updated fix_locallogin.patch to allow accesses for nss-systemd 
  (bsc#1199630)

OBS-URL: https://build.opensuse.org/request/show/984855
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=132
2022-06-24 09:40:15 +00:00
Dominique Leuenberger
a185359d28 Accepting request 978298 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/978298
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=25
2022-06-20 13:36:43 +00:00
Johannes Segitz
11a4df6bd1 Accepting request 978296 from home:jsegitz:branches:security:SELinux
- Update to version 20220520 to pass stricter 3.4 toolchain checks

OBS-URL: https://build.opensuse.org/request/show/978296
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=130
2022-05-20 14:53:12 +00:00
Johannes Segitz
0ae8014c7e Accepting request 978251 from home:jsegitz:branches:security:SELinux_3.3
- Update to version 20220428. Refreshed:
  * fix_apache.patch
  * fix_hadoop.patch
  * fix_init.patch
  * fix_iptables.patch
  * fix_kernel_sysctl.patch
  * fix_networkmanager.patch
  * fix_systemd.patch
  * fix_systemd_watch.patch
  * fix_unprivuser.patch
  * fix_usermanage.patch
  * fix_wine.patch

OBS-URL: https://build.opensuse.org/request/show/978251
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=129
2022-05-20 09:46:20 +00:00
Johannes Segitz
c6e85fecc6 Accepting request 978218 from home:jsegitz:branches:security:SELinux_3.3
- Add fix_dnsmasq.patch to fix problems with virtualization on Microos
  (bsc#1199518)

- Modified fix_init.patch to allow init to setup contrained environment
  for accountsservice. This needs a better, more general solution
  (bsc#1197610)

- Add systemd_domain_dyntrans_type.patch to allow systemd to dyntransition.
  This happens in certain boot conditions (bsc#1182500)
- Changed fix_unconfineduser.patch to not transition into ldconfig_t
  from unconfined_t (bsc#1197169)

OBS-URL: https://build.opensuse.org/request/show/978218
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=128
2022-05-20 07:36:43 +00:00
Dominique Leuenberger
51fabeb6bb Accepting request 957363 from security:SELinux
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/957363
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=24
2022-02-26 16:01:58 +00:00
Johannes Segitz
d6ac89f53f Accepting request 955626 from home:kwk:branches:security:SELinux
- use %license tag for COPYING file

OBS-URL: https://build.opensuse.org/request/show/955626
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=127
2022-02-17 13:51:31 +00:00
Dominique Leuenberger
f8fd46faf9 Accepting request 953129 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/953129
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=23
2022-02-11 22:07:09 +00:00
Johannes Segitz
62d16518b2 Accepting request 953125 from home:jsegitz:branches:security:SELinux
- Updated fix_cron.patch. Adjust labeling for at (bsc#1195683)

OBS-URL: https://build.opensuse.org/request/show/953125
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=126
2022-02-10 10:25:04 +00:00
Johannes Segitz
863e94abf1 Accepting request 953118 from home:fbonazzi:branches:security:SELinux
- Fix bitlbee runtime directory (bsc#1193230)
  * add fix_bitlbee.patch

OBS-URL: https://build.opensuse.org/request/show/953118
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=125
2022-02-10 10:24:00 +00:00
Dominique Leuenberger
14bc6e561c Accepting request 948335 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/948335
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=22
2022-01-26 20:26:31 +00:00
Johannes Segitz
321f539d0b Accepting request 948331 from home:jsegitz:branches:security:SELinux
- Update to version 20220124. Refreshed:
  * fix_hadoop.patch
  * fix_init.patch
  * fix_kernel_sysctl.patch
  * fix_systemd.patch
  * fix_systemd_watch.patch
- Added fix_hypervkvp.patch to fix issues with hyperv labeling 
  (bsc#1193987)

OBS-URL: https://build.opensuse.org/request/show/948331
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=124
2022-01-24 08:43:41 +00:00
Dominique Leuenberger
036b3db5c3 Accepting request 947458 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/947458
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=21
2022-01-21 00:25:14 +00:00
Johannes Segitz
445c681f20 Accepting request 947457 from home:jsegitz:branches:security:SELinux
- Allow colord to use systemd hardenings (bsc#1194631)

OBS-URL: https://build.opensuse.org/request/show/947457
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=123
2022-01-19 15:57:54 +00:00
Dominique Leuenberger
bf8e52f30a Accepting request 930935 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/930935
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=20
2021-11-15 14:26:00 +00:00
Johannes Segitz
3e76bf7c4f Accepting request 930934 from home:jsegitz:branches:security:SELinux
- Update to version 20211111. Refreshed:
  * fix_dbus.patch
  * fix_systemd.patch
  * fix_authlogin.patch
  * fix_auditd.patch
  * fix_kernel_sysctl.patch
  * fix_networkmanager.patch
  * fix_chronyd.patch
  * fix_unconfineduser.patch
  * fix_unconfined.patch
  * fix_firewalld.patch
  * fix_init.patch
  * fix_xserver.patch
  * fix_logging.patch
  * fix_hadoop.patch

OBS-URL: https://build.opensuse.org/request/show/930934
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=122
2021-11-11 16:01:20 +00:00
Dominique Leuenberger
adaf9c93f6 Accepting request 927915 from security:SELinux
OBS-URL: https://build.opensuse.org/request/show/927915
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=19
2021-10-30 21:13:30 +00:00