rpm/selinux-policy
SHA256
1
0
Fork 0
forked from pool/selinux-policy
Code Pull Requests Activity
97 Commits 2 Branches 0 Tags 6.9 MiB
2c0b161ac5
Commit Graph

97 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Johannes Segitz
72477b3ac5 Accepting request 909369 from home:jsegitz:branches:security:SELinux 
- Update to version 20210716
- Remove interfaces for container module before building the package
  (bsc#1188184)
- Updated
  * fix_init.patch
  * fix_systemd_watch.patch
  to adapt to upstream changes

- Use tabrmd SELinux modules from tpm2.0-abrmd instead of storing
  here

- Update to version 20210419
- Dropped fix_gift.patch, module was removed
- Updated wicked.te to removed dropped interface
- Refreshed:
  * fix_cockpit.patch
  * fix_hadoop.patch
  * fix_init.patch
  * fix_logging.patch
  * fix_logrotate.patch
  * fix_networkmanager.patch
  * fix_nscd.patch
  * fix_rpm.patch
  * fix_selinuxutil.patch
  * fix_systemd.patch
  * fix_systemd_watch.patch
  * fix_thunderbird.patch
  * fix_unconfined.patch
  * fix_unconfineduser.patch
  * fix_unprivuser.patch

OBS-URL: https://build.opensuse.org/request/show/909369
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=113
 2021-07-30 09:07:13 +00:00
Johannes Segitz
0b03ae6097 Accepting request 904546 from home:aplanas:branches:security:SELinux 
- Add tabrmd SELinux modules from upstream (bsc#1187925)
  https://github.com/tpm2-software/tpm2-abrmd/tree/master/selinux
- Automatic spec-cleaner to fix ordering and misaligned spaces

OBS-URL: https://build.opensuse.org/request/show/904546
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=112
 2021-07-08 09:30:22 +00:00
Johannes Segitz
4cc65efd18 Added fix_systemd_watch.patch 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=110
 2021-05-21 07:16:10 +00:00
Johannes Segitz
b8952f6e0d Accepting request 894639 from home:lnussel:branches:systemsmanagement:cockpit 
- allow systemd to watch /usr, /usr/lib, /etc, /etc/pki as we have path units
  that trigger on changes in those.
- own /usr/share/selinux/packages/$SELINUXTYPE/ and
  /var/lib/selinux/$SELINUXTYPE/active/modules/* to allow packages to install
  files there

OBS-URL: https://build.opensuse.org/request/show/894639
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=108
 2021-05-20 15:02:09 +00:00
Johannes Segitz
d46782358c Accepting request 893763 from home:lnussel:usrmove 
- allow cockpit socket to bind nodes (fix_cockpit.patch)
- use %autosetup to get rid of endless patch lines

OBS-URL: https://build.opensuse.org/request/show/893763
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=107
 2021-05-18 07:46:13 +00:00
Johannes Segitz
3b70ecf210 Accepting request 890549 from home:jsegitz:branches:security:SELinux 
- Updated fix_networkmanager.patch to allow NetworkManager to watch
  its configuration directories
- Added fix_dovecot.patch to fix dovecot authentication (bsc#1182207)

OBS-URL: https://build.opensuse.org/request/show/890549
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=105
 2021-05-05 07:01:43 +00:00
Johannes Segitz
81f34f7fca (bsc#1185265). Added fix_libraries.patch 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=103
 2021-04-26 16:08:25 +00:00
Johannes Segitz
5a087ac379 Accepting request 888474 from home:jsegitz:branches:security:SELinux 
- Added Recommends for selinux-autorelabel (bsc#1181837)
- Prevent libreoffice fonts from changing types on every relabel 
  (bsc#1185265)

OBS-URL: https://build.opensuse.org/request/show/888474
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=102
 2021-04-26 12:07:40 +00:00
Johannes Segitz
0bda3469f4 Accepting request 888009 from home:jsegitz:branches:security:SELinux 
- Transition unconfined users to ldconfig type (bsc#1183121).
  Extended fix_unconfineduser.patch

OBS-URL: https://build.opensuse.org/request/show/888009
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=101
 2021-04-23 11:50:03 +00:00
Johannes Segitz
8ca14f4905 Accepting request 886700 from home:jsegitz:branches:security:SELinux 
- Update to version 20210419
- Refreshed:
  * fix_dbus.patch
  * fix_hadoop.patch
  * fix_init.patch
  * fix_unprivuser.patch

OBS-URL: https://build.opensuse.org/request/show/886700
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=99
 2021-04-19 13:39:08 +00:00
Johannes Segitz
095423f93a Accepting request 878541 from home:akedroutek:branches:security:SELinux 
bsc#1183177

OBS-URL: https://build.opensuse.org/request/show/878541
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=97
 2021-03-12 14:43:38 +00:00
Johannes Segitz
21d0a40c65 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=96 2021-03-12 07:59:19 +00:00
Johannes Segitz
8c9c1d2173 Accepting request 874817 from home:kukuk:selinux 
- Update to version 20210223
- Change name of tar file to a more common schema to allow
  parallel installation of several source versions
- Adjust fix_init.patch

OBS-URL: https://build.opensuse.org/request/show/874817
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=94
 2021-02-24 13:12:28 +00:00
Ales Kedroutek
0ebcd6f872 Accepting request 862245 from home:kukuk:selinux 
- Update to version 20210111
  - Drop fix_policykit.patch (integrated upstream)
  - Adjust fix_iptables.patch
  - update container policy

OBS-URL: https://build.opensuse.org/request/show/862245
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=92
 2021-01-11 12:17:10 +00:00
Johannes Segitz
cc07b260a6 Accepting request 847442 from home:jsegitz:branches:security:SELinux 
- Updated fix_corecommand.patch to set correct types for the OBS
  build tools

OBS-URL: https://build.opensuse.org/request/show/847442
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=90
 2020-11-10 09:33:20 +00:00
Johannes Segitz
4877d5cafa Accepting request 844783 from home:kukuk:selinux 
- wicked.fc: add libexec directories
- Update to version 20201029
  - update container policy

OBS-URL: https://build.opensuse.org/request/show/844783
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=88
 2020-10-30 08:59:42 +00:00
Johannes Segitz
4477ef8a3c Accepting request 842070 from home:kukuk:selinux 
- Update to version 20201016
- Use python3 to build (fc_sort.c was replaced by fc_sort.py which
  uses python3)
- Drop SELINUX=disabled, "selinux=0" kernel commandline option has
  to be used instead. New default is "permissive" [bsc#1176923].

OBS-URL: https://build.opensuse.org/request/show/842070
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=86
 2020-10-20 12:57:14 +00:00
Johannes Segitz
6fa6803f18 Accepting request 833509 from home:jsegitz:branches:security:SELinux 
- Update to version 20200910. Refreshed
  * fix_authlogin.patch
  * fix_nagios.patch
  * fix_systemd.patch
  * fix_usermanage.patch
- Delete suse_specific.patch, moved content into fix_selinuxutil.patch
- Cleanup of booleans-* presets
  * Enabled
    user_rw_noexattrfile
    unconfined_chrome_sandbox_transition
    unconfined_mozilla_plugin_transition
    for the minimal policy
  * Disabled
    xserver_object_manager
    for the MLS policy
  * Disabled
    openvpn_enable_homedirs
    privoxy_connect_any
    selinuxuser_direct_dri_enabled
    selinuxuser_ping (aka user_ping)
    squid_connect_any
    telepathy_tcp_connect_generic_network_ports
    for the targeted policy
  Change your local config if you need them
- Build HTML version of manpages for the -devel package

OBS-URL: https://build.opensuse.org/request/show/833509
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=83
 2020-09-10 15:07:50 +00:00
Dominique Leuenberger
ded584ab59 Accepting request 832021 from security:SELinux 
Policy is in better state now and should be fine for people with basic SELinux knowledge

OBS-URL: https://build.opensuse.org/request/show/832021
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=1
 2020-10-06 15:06:19 +00:00
Johannes Segitz
7a2750f7a0 Accepting request 831657 from home:jsegitz:branches:security:SELinux 
- Drop BuildRequires for python, python-xml. It's not needed anymore

OBS-URL: https://build.opensuse.org/request/show/831657
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=82
 2020-09-03 11:35:20 +00:00
Johannes Segitz
83bae1c6b9 Accepting request 831126 from home:jsegitz:branches:security:SELinux 
- Drop fix_dbus.patch_orig, was included by accident
- Drop segenxml_interpreter.patch, not used anymore

OBS-URL: https://build.opensuse.org/request/show/831126
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=81
 2020-09-01 13:35:46 +00:00
Marcus Meissner
6410182343 Accepting request 825946 from home:kukuk:selinux 
- macros.selinux-policy: move rpm-state directory to /run and
  make sure it exists

OBS-URL: https://build.opensuse.org/request/show/825946
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=80
 2020-08-20 10:56:43 +00:00
Johannes Segitz
44bfe07756 Accepting request 824841 from home:kukuk:selinux 
- Cleanup spec file and follow more closely Fedora
- Label /sys/kernel/uevent_helper with tmpfiles.d/selinux-policy.conf
- Move config to /etc/selinux/config and create during %post install
  to be compatible with upstream and documentation.
- Add RPM macros for SELinux (macros.selinux-policy)
- Install booleans.subs_dist
- Remove unused macros
- Sync make/install macros with Fedora spec file
- Introduce sandbox sub-package

OBS-URL: https://build.opensuse.org/request/show/824841
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=79
 2020-08-10 12:35:50 +00:00
Johannes Segitz
f7ff503048 Accepting request 823545 from home:kukuk:selinux 
- Add policycoreutils-devel as BuildRequires

OBS-URL: https://build.opensuse.org/request/show/823545
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=78
 2020-07-30 12:23:17 +00:00
Johannes Segitz
f9eb198b55 Accepting request 821528 from home:jsegitz:branches:security:SELinux 
- Update to version 20200717. Refreshed
  * fix_fwupd.patch
  * fix_hadoop.patch
  * fix_init.patch
  * fix_irqbalance.patch
  * fix_logrotate.patch
  * fix_nagios.patch
  * fix_networkmanager.patch
  * fix_postfix.patch
  * fix_sysnetwork.patch
  * fix_systemd.patch
  * fix_thunderbird.patch
  * fix_unconfined.patch
  * fix_unprivuser.patch
  * selinux-policy.spec
- Added update.sh to make updating easier

- Updated fix_unconfineduser.patch to allow unconfined_dbusd_t access
  to accountsd dbus
- New patch:
  * fix_nis.patch
- Updated patches:
  * fix_postfix.patch: Transition is done in distribution specific script

OBS-URL: https://build.opensuse.org/request/show/821528
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=77
 2020-07-17 14:00:13 +00:00
Johannes Segitz
e10fb17535 Accepting request 810877 from home:jsegitz:branches:security:SELinux 
- Added module for wicked
- New patches:
  * fix_authlogin.patch
  * fix_screen.patch
  * fix_unprivuser.patch
  * fix_rpm.patch
  * fix_apache.patch

- Added module for rtorrent
- Enable snapper module in minimum policy to reduce issues on BTRFS
  Updated fix_snapper.patch to prevent relabling of snapshot

OBS-URL: https://build.opensuse.org/request/show/810877
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=76
 2020-06-02 15:31:08 +00:00
Johannes Segitz
cf699a6f0f Accepting request 785956 from home:jsegitz:branches:security:SELinux 
- New patches:
  * fix_accountsd.patch
  * fix_automount.patch
  * fix_colord.patch
  * fix_mcelog.patch
  * fix_sslh.patch
  * fix_nagios.patch
  * fix_openvpn.patch
  * fix_cron.patch
  * fix_usermanage.patch
  * fix_smartmon.patch
  * fix_geoclue.patch
  * suse_specific.patch
  Default systems should now work without selinuxuser_execmod
- Removed xdm_entrypoint_pam.patch, necessary change is in
  fix_unconfineduser.patch
- Enable SUSE specific settings again

OBS-URL: https://build.opensuse.org/request/show/785956
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=75
 2020-03-17 14:46:20 +00:00
Johannes Segitz
1fd70ac29b Accepting request 781805 from home:jsegitz:branches:security:SELinux 
- Update to version 20200219
  Refreshed fix_hadoop.patch
  Updated 
  * fix_dbus.patch
  * fix_hadoop.patch
  * fix_nscd.patch
  * fix_xserver.patch
  Renamed postfix_paths.patch to fix_postfix.patch
  Added
  * fix_init.patch
  * fix_locallogin.patch
  * fix_policykit.patch
  * fix_iptables.patch
  * fix_irqbalance.patch
  * fix_ntp.patch
  * fix_fwupd.patch
  * fix_firewalld.patch
  * fix_logrotate.patch
  * fix_selinuxutil.patch
  * fix_corecommand.patch
  * fix_snapper.patch
  * fix_systemd.patch
  * fix_unconfined.patch
  * fix_unconfineduser.patch
  * fix_chronyd.patch
  * fix_networkmanager.patch
  * xdm_entrypoint_pam.patch
- Removed modules minimum_temp_fixes and targeted_temp_fixes
  from the corresponding policies
- Reduced default module list of minimum policy by removing

OBS-URL: https://build.opensuse.org/request/show/781805
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=74
 2020-03-05 10:13:59 +00:00
Johannes Segitz
cbd186764a Accepting request 734854 from home:jsegitz:branches:security:SELinux 
- Moved back to fedora policy (20190802)
- Removed spec file conditionals for old SELinux userland
- Removed config.tgz
- Removed patches:
  * label_sysconfig.selinux.patch
  * label_var_run_rsyslog.patch
  * suse_additions_obs.patch
  * suse_additions_sslh.patch
  * suse_modifications_apache.patch
  * suse_modifications_cron.patch
  * suse_modifications_getty.patch
  * suse_modifications_logging.patch
  * suse_modifications_ntp.patch
  * suse_modifications_usermanage.patch
  * suse_modifications_virt.patch
  * suse_modifications_xserver.patch
  * sysconfig_network_scripts.patch
  * segenxml_interpreter.patch
- Added patches:
  * fix_djbdns.patch
  * fix_dbus.patch
  * fix_gift.patch
  * fix_java.patch
  * fix_hadoop.patch
  * fix_thunderbird.patch
  * postfix_paths.patch
  * fix_nscd.patch
  * fix_sysnetwork.patch
  * fix_logging.patch
  * fix_xserver.patch

OBS-URL: https://build.opensuse.org/request/show/734854
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=73
 2019-10-04 02:15:03 +00:00
Vítězslav Čížek
deab87434d Accepting request 714653 from home:jsegitz:branches:security:SELinux 
- Update to refpolicy 20190609. New modules for stubby and several
  systemd updates, including initial support for systemd --user
  sessions.
  Refreshed
  * label_var_run_rsyslog.patch
  * suse_modifications_cron.patch
  * suse_modifications_logging.patch
  * suse_modifications_ntp.patch
  * suse_modifications_usermanage.patch
  * suse_modifications_xserver.patch
  * sysconfig_network_scripts.patch

OBS-URL: https://build.opensuse.org/request/show/714653
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=72
 2019-07-16 12:19:29 +00:00
Johannes Segitz
177da0b45c Accepting request 671813 from home:jsegitz:branches:security:SELinux 
- Update to refpolicy 20190201. New modules for chromium, hostapd,
  and sigrok and minor fixes for existing modules.
  Refreshed suse_modifications_usermanage.patch

OBS-URL: https://build.opensuse.org/request/show/671813
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=71
 2019-02-05 10:31:52 +00:00
Johannes Segitz
e960092653 Accepting request 652476 from home:jsegitz:branches:security:SELinux 
- Change default state to disabled and disable SELinux after 
  uninstallation of policy to prevent unbootable system 
  (bsc#1108949, bsc#1109590)

OBS-URL: https://build.opensuse.org/request/show/652476
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=70
 2018-11-28 16:54:07 +00:00
Johannes Segitz
5791105ca8 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=69 2018-11-28 08:55:02 +00:00
Johannes Segitz
50b70e6d39 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=68 2018-11-27 09:16:35 +00:00
Pavol Rusnak
f9b110e284 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=13 2009-06-26 10:56:38 +00:00
Pavol Rusnak
addca201f3 Copy from home:thomasbiege:branches:security:SELinux/selinux-policy via accept of submit request 13137 
Request was accepted with message:

OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=12
 2009-06-26 10:37:09 +00:00
Pavol Rusnak
afdfa07cb7 a 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=11
 2009-01-14 13:25:47 +00:00
Pavol Rusnak
951bb67845 fix 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=10
 2008-11-04 17:27:17 +00:00
Pavol Rusnak
d1d3770b71 uaa 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=9
 2008-11-04 16:41:12 +00:00
Pavol Rusnak
a94a8f0ac8 fix 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=8
 2008-10-21 09:29:56 +00:00
Pavol Rusnak
74766bfcc8 fix 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=7
 2008-10-21 09:14:00 +00:00
Pavol Rusnak
4ae7ccbfb5 fix 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=6
 2008-10-20 15:43:57 +00:00
Pavol Rusnak
31af32eb55 fix 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=5
 2008-10-20 14:52:33 +00:00
Pavol Rusnak
78ef3a46b9 add m4 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=4
 2008-10-20 10:00:04 +00:00
Pavol Rusnak
538b74b2ca fix 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=3
 2008-10-16 14:08:52 +00:00
Pavol Rusnak
a69e4bc3d5 update 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=2
 2008-10-16 12:17:57 +00:00
Pavol Rusnak
c96c5d88e5 initial import 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=1
 2008-07-22 09:56:50 +00:00