rpm/selinux-policy
SHA256
1
0
Fork 0
forked from pool/selinux-policy
Code Pull Requests Activity
128 Commits 2 Branches 0 Tags 6.9 MiB
33d04f1b0d
Commit Graph

128 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Johannes Segitz
321f539d0b Accepting request 948331 from home:jsegitz:branches:security:SELinux 
- Update to version 20220124. Refreshed:
  * fix_hadoop.patch
  * fix_init.patch
  * fix_kernel_sysctl.patch
  * fix_systemd.patch
  * fix_systemd_watch.patch
- Added fix_hypervkvp.patch to fix issues with hyperv labeling 
  (bsc#1193987)

OBS-URL: https://build.opensuse.org/request/show/948331
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=124
 2022-01-24 08:43:41 +00:00
Dominique Leuenberger
036b3db5c3 Accepting request 947458 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/947458
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=21
 2022-01-21 00:25:14 +00:00
Johannes Segitz
445c681f20 Accepting request 947457 from home:jsegitz:branches:security:SELinux 
- Allow colord to use systemd hardenings (bsc#1194631)

OBS-URL: https://build.opensuse.org/request/show/947457
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=123
 2022-01-19 15:57:54 +00:00
Dominique Leuenberger
bf8e52f30a Accepting request 930935 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/930935
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=20
 2021-11-15 14:26:00 +00:00
Johannes Segitz
3e76bf7c4f Accepting request 930934 from home:jsegitz:branches:security:SELinux 
- Update to version 20211111. Refreshed:
  * fix_dbus.patch
  * fix_systemd.patch
  * fix_authlogin.patch
  * fix_auditd.patch
  * fix_kernel_sysctl.patch
  * fix_networkmanager.patch
  * fix_chronyd.patch
  * fix_unconfineduser.patch
  * fix_unconfined.patch
  * fix_firewalld.patch
  * fix_init.patch
  * fix_xserver.patch
  * fix_logging.patch
  * fix_hadoop.patch

OBS-URL: https://build.opensuse.org/request/show/930934
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=122
 2021-11-11 16:01:20 +00:00
Dominique Leuenberger
adaf9c93f6 Accepting request 927915 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/927915
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=19
 2021-10-30 21:13:30 +00:00
Johannes Segitz
a54d31d04f Accepting request 927719 from home:msmeissn:branches:security:SELinux 
- fix_wine.patch: give Wine .dll same context as .so (bsc#1191976)

OBS-URL: https://build.opensuse.org/request/show/927719
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=121
 2021-10-28 08:41:11 +00:00
Dominique Leuenberger
ab2665df35 Accepting request 922280 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/922280
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=18
 2021-10-01 20:28:54 +00:00
Johannes Segitz
569b406914 Accepting request 922219 from home:ematsumiya:branches:security:SELinux 
- Fix auditd service start with systemd hardening directives (boo#1190918)
  * add fix_auditd.patch

OBS-URL: https://build.opensuse.org/request/show/922219
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=120
 2021-09-30 06:48:59 +00:00
Dominique Leuenberger
377bd6dbf3 Accepting request 915717 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/915717
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=17
 2021-09-02 21:20:08 +00:00
Johannes Segitz
23c83e5de5 Accepting request 915716 from home:jsegitz:branches:security:SELinux 
- Modified fix_systemd.patch to allow systemd gpt generator access to
  udev files (bsc#1189280)

OBS-URL: https://build.opensuse.org/request/show/915716
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=119
 2021-09-02 09:14:04 +00:00
Johannes Segitz
ec4c74f73a Accepting request 915205 from home:akedroutek:branches:security:SELinux 
- fix rebootmgr does not trigger the reboot properly (boo#1189878)
  * fix managing /etc/rebootmgr.conf
  * allow rebootmgr_t to cope with systemd and dbus messaging

OBS-URL: https://build.opensuse.org/request/show/915205
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=118
 2021-08-31 13:53:41 +00:00
Johannes Segitz
ae9139e375 Accepting request 914371 from home:jsegitz:branches:security:SELinux 
- Properly label cockpit files
- Allow wicked to communicate with network manager on DBUS (bsc#1188331)

OBS-URL: https://build.opensuse.org/request/show/914371
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=117
 2021-08-26 08:36:34 +00:00
Johannes Segitz
87ac70638e Accepting request 914043 from home:akedroutek:branches:security:SELinux 
- Added policy module for rebootmgr (jsc#SMO-28)

OBS-URL: https://build.opensuse.org/request/show/914043
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=116
 2021-08-24 14:50:15 +00:00
Richard Brown
51218d2b3a Accepting request 912873 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/912873
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=16
 2021-08-19 11:39:01 +00:00
Ales Kedroutek
e9e2930221 Accepting request 912846 from home:lnussel:usrmove 
- Allow systemd-sysctl to read kernel specific sysctl.conf
  (fix_kernel_sysctl.patch, boo#1184804)

OBS-URL: https://build.opensuse.org/request/show/912846
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=115
 2021-08-18 10:42:18 +00:00
Johannes Segitz
fdc38c861f Accepting request 911222 from home:lnussel:branches:security:SELinux 
- Fix quoting in postInstall macro

OBS-URL: https://build.opensuse.org/request/show/911222
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=114
 2021-08-11 12:31:49 +00:00
Dominique Leuenberger
25bc21e926 Accepting request 909370 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/909370
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=15
 2021-08-02 10:04:33 +00:00
Johannes Segitz
72477b3ac5 Accepting request 909369 from home:jsegitz:branches:security:SELinux 
- Update to version 20210716
- Remove interfaces for container module before building the package
  (bsc#1188184)
- Updated
  * fix_init.patch
  * fix_systemd_watch.patch
  to adapt to upstream changes

- Use tabrmd SELinux modules from tpm2.0-abrmd instead of storing
  here

- Update to version 20210419
- Dropped fix_gift.patch, module was removed
- Updated wicked.te to removed dropped interface
- Refreshed:
  * fix_cockpit.patch
  * fix_hadoop.patch
  * fix_init.patch
  * fix_logging.patch
  * fix_logrotate.patch
  * fix_networkmanager.patch
  * fix_nscd.patch
  * fix_rpm.patch
  * fix_selinuxutil.patch
  * fix_systemd.patch
  * fix_systemd_watch.patch
  * fix_thunderbird.patch
  * fix_unconfined.patch
  * fix_unconfineduser.patch
  * fix_unprivuser.patch

OBS-URL: https://build.opensuse.org/request/show/909369
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=113
 2021-07-30 09:07:13 +00:00
Dominique Leuenberger
b82ea14783 Accepting request 904732 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/904732
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=14
 2021-07-11 23:24:43 +00:00
Johannes Segitz
0b03ae6097 Accepting request 904546 from home:aplanas:branches:security:SELinux 
- Add tabrmd SELinux modules from upstream (bsc#1187925)
  https://github.com/tpm2-software/tpm2-abrmd/tree/master/selinux
- Automatic spec-cleaner to fix ordering and misaligned spaces

OBS-URL: https://build.opensuse.org/request/show/904546
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=112
 2021-07-08 09:30:22 +00:00
Dominique Leuenberger
77831e640c Accepting request 894727 from security:SELinux 
- allow systemd to watch /usr, /usr/lib, /etc, /etc/pki as we have path units
  that trigger on changes in those.
  Added fix_systemd_watch.patch
- own /usr/share/selinux/packages/$SELINUXTYPE/ and
  /var/lib/selinux/$SELINUXTYPE/active/modules/* to allow packages to install
  files there

OBS-URL: https://build.opensuse.org/request/show/894727
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=13
 2021-05-23 21:30:29 +00:00
Johannes Segitz
4cc65efd18 Added fix_systemd_watch.patch 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=110
 2021-05-21 07:16:10 +00:00
Dominique Leuenberger
06c67ef4c2 Accepting request 893917 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/893917
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=12
 2021-05-20 17:24:24 +00:00
Johannes Segitz
b8952f6e0d Accepting request 894639 from home:lnussel:branches:systemsmanagement:cockpit 
- allow systemd to watch /usr, /usr/lib, /etc, /etc/pki as we have path units
  that trigger on changes in those.
- own /usr/share/selinux/packages/$SELINUXTYPE/ and
  /var/lib/selinux/$SELINUXTYPE/active/modules/* to allow packages to install
  files there

OBS-URL: https://build.opensuse.org/request/show/894639
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=108
 2021-05-20 15:02:09 +00:00
Johannes Segitz
d46782358c Accepting request 893763 from home:lnussel:usrmove 
- allow cockpit socket to bind nodes (fix_cockpit.patch)
- use %autosetup to get rid of endless patch lines

OBS-URL: https://build.opensuse.org/request/show/893763
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=107
 2021-05-18 07:46:13 +00:00
Dominique Leuenberger
4f868ac4c7 Accepting request 890550 from security:SELinux 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/890550
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=11
 2021-05-07 14:45:22 +00:00
Johannes Segitz
3b70ecf210 Accepting request 890549 from home:jsegitz:branches:security:SELinux 
- Updated fix_networkmanager.patch to allow NetworkManager to watch
  its configuration directories
- Added fix_dovecot.patch to fix dovecot authentication (bsc#1182207)

OBS-URL: https://build.opensuse.org/request/show/890549
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=105
 2021-05-05 07:01:43 +00:00
Dominique Leuenberger
58cf3360bf Accepting request 888543 from security:SELinux 
- Added Recommends for selinux-autorelabel (bsc#1181837)
- Prevent libreoffice fonts from changing types on every relabel 
  (bsc#1185265). Added fix_libraries.patch

- Transition unconfined users to ldconfig type (bsc#1183121).
  Extended fix_unconfineduser.patch

OBS-URL: https://build.opensuse.org/request/show/888543
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=10
 2021-04-29 20:44:23 +00:00
Johannes Segitz
81f34f7fca (bsc#1185265). Added fix_libraries.patch 
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=103
 2021-04-26 16:08:25 +00:00
Johannes Segitz
5a087ac379 Accepting request 888474 from home:jsegitz:branches:security:SELinux 
- Added Recommends for selinux-autorelabel (bsc#1181837)
- Prevent libreoffice fonts from changing types on every relabel 
  (bsc#1185265)

OBS-URL: https://build.opensuse.org/request/show/888474
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=102
 2021-04-26 12:07:40 +00:00
Johannes Segitz
0bda3469f4 Accepting request 888009 from home:jsegitz:branches:security:SELinux 
- Transition unconfined users to ldconfig type (bsc#1183121).
  Extended fix_unconfineduser.patch

OBS-URL: https://build.opensuse.org/request/show/888009
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=101
 2021-04-23 11:50:03 +00:00
Dominique Leuenberger
2b7ba1f084 Accepting request 886701 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/886701
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=9
 2021-04-22 16:03:46 +00:00
Johannes Segitz
8ca14f4905 Accepting request 886700 from home:jsegitz:branches:security:SELinux 
- Update to version 20210419
- Refreshed:
  * fix_dbus.patch
  * fix_hadoop.patch
  * fix_init.patch
  * fix_unprivuser.patch

OBS-URL: https://build.opensuse.org/request/show/886700
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=99
 2021-04-19 13:39:08 +00:00
Dominique Leuenberger
5329db915c Accepting request 878582 from security:SELinux 
big toolchain update, please stage together. so versions change, so this has high potential to break stuff. Probably best to stage it isolated

OBS-URL: https://build.opensuse.org/request/show/878582
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=8
 2021-03-24 15:08:51 +00:00
Johannes Segitz
095423f93a Accepting request 878541 from home:akedroutek:branches:security:SELinux 
bsc#1183177

OBS-URL: https://build.opensuse.org/request/show/878541
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=97
 2021-03-12 14:43:38 +00:00
Johannes Segitz
21d0a40c65 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=96 2021-03-12 07:59:19 +00:00
Richard Brown
fc04e57b85 Accepting request 874853 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/874853
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=7
 2021-03-02 11:27:42 +00:00
Johannes Segitz
8c9c1d2173 Accepting request 874817 from home:kukuk:selinux 
- Update to version 20210223
- Change name of tar file to a more common schema to allow
  parallel installation of several source versions
- Adjust fix_init.patch

OBS-URL: https://build.opensuse.org/request/show/874817
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=94
 2021-02-24 13:12:28 +00:00
Dominique Leuenberger
0a5898fa12 Accepting request 862277 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/862277
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=6
 2021-01-15 18:44:19 +00:00
Ales Kedroutek
0ebcd6f872 Accepting request 862245 from home:kukuk:selinux 
- Update to version 20210111
  - Drop fix_policykit.patch (integrated upstream)
  - Adjust fix_iptables.patch
  - update container policy

OBS-URL: https://build.opensuse.org/request/show/862245
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=92
 2021-01-11 12:17:10 +00:00
Dominique Leuenberger
54f8cdf045 Accepting request 847443 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/847443
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=5
 2020-11-13 17:54:46 +00:00
Johannes Segitz
cc07b260a6 Accepting request 847442 from home:jsegitz:branches:security:SELinux 
- Updated fix_corecommand.patch to set correct types for the OBS
  build tools

OBS-URL: https://build.opensuse.org/request/show/847442
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=90
 2020-11-10 09:33:20 +00:00
Dominique Leuenberger
a22fb6b6d3 Accepting request 844986 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/844986
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=4
 2020-11-02 13:04:02 +00:00
Johannes Segitz
4877d5cafa Accepting request 844783 from home:kukuk:selinux 
- wicked.fc: add libexec directories
- Update to version 20201029
  - update container policy

OBS-URL: https://build.opensuse.org/request/show/844783
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=88
 2020-10-30 08:59:42 +00:00
Dominique Leuenberger
2453061091 Accepting request 842814 from security:SELinux 
OBS-URL: https://build.opensuse.org/request/show/842814
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=3
 2020-10-23 10:20:12 +00:00
Johannes Segitz
4477ef8a3c Accepting request 842070 from home:kukuk:selinux 
- Update to version 20201016
- Use python3 to build (fc_sort.c was replaced by fc_sort.py which
  uses python3)
- Drop SELINUX=disabled, "selinux=0" kernel commandline option has
  to be used instead. New default is "permissive" [bsc#1176923].

OBS-URL: https://build.opensuse.org/request/show/842070
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=86
 2020-10-20 12:57:14 +00:00
Dominique Leuenberger
4b6a0b8466 Accepting request 839873 from security:SELinux 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/839873
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=2
 2020-10-07 12:18:21 +00:00
Dominique Leuenberger
ded584ab59 Accepting request 832021 from security:SELinux 
Policy is in better state now and should be fine for people with basic SELinux knowledge

OBS-URL: https://build.opensuse.org/request/show/832021
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/selinux-policy?expand=0&rev=1
 2020-10-06 15:06:19 +00:00
Johannes Segitz
6fa6803f18 Accepting request 833509 from home:jsegitz:branches:security:SELinux 
- Update to version 20200910. Refreshed
  * fix_authlogin.patch
  * fix_nagios.patch
  * fix_systemd.patch
  * fix_usermanage.patch
- Delete suse_specific.patch, moved content into fix_selinuxutil.patch
- Cleanup of booleans-* presets
  * Enabled
    user_rw_noexattrfile
    unconfined_chrome_sandbox_transition
    unconfined_mozilla_plugin_transition
    for the minimal policy
  * Disabled
    xserver_object_manager
    for the MLS policy
  * Disabled
    openvpn_enable_homedirs
    privoxy_connect_any
    selinuxuser_direct_dri_enabled
    selinuxuser_ping (aka user_ping)
    squid_connect_any
    telepathy_tcp_connect_generic_network_ports
    for the targeted policy
  Change your local config if you need them
- Build HTML version of manpages for the -devel package

OBS-URL: https://build.opensuse.org/request/show/833509
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=83
 2020-09-10 15:07:50 +00:00