9bbb7deff7
Accepting request 700150 from home:jsegitz:branches:Base:System
...
- Fixed versions. Removed set_version from _service file, doesn't
work with the new packaging. Call fix_version.sh to set current
date as version instead
- Fixed requires for -config and -zypp-plugin
OBS-URL: https://build.opensuse.org/request/show/700150
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=218
2019-05-02 13:24:27 +00:00
741577cc7c
Accepting request 699578 from home:jsegitz:branches:Base:System
...
- Update to version 20190429:
* removed entry for /var/cache/man. Conflicts with packaging and man:man is
the better setting anyway (bsc#1133678)
* fixed error in description of permissions.paranoid. Make it clear that this
is not a usable profile, but intended as a base for own developments
OBS-URL: https://build.opensuse.org/request/show/699578
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=217
2019-05-01 06:26:24 +00:00
edfc5837d1
Accepting request 693920 from home:jengelh:branches:Base:System
...
- Fix RPM group, fix hard requirement on documentation.
Update description typography.
OBS-URL: https://build.opensuse.org/request/show/693920
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=216
2019-04-15 18:37:33 +00:00
e7563d435d
Accepting request 693721 from home:jsegitz:branches:Base:System
...
- Created new subpackages -config, -doc and standalone package chkstat
where we can start a better versioning scheme and require it from the
original package
OBS-URL: https://build.opensuse.org/request/show/693721
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=215
2019-04-12 13:08:09 +00:00
f25290dd69
Accepting request 674173 from home:jsegitz:branches:Base:System
...
- Update to version 20190212:
* removed old entry for wodim
* removed old entry for netatalk
* removed old entry for suidperl
* removed old entriy for utempter
* removed old entriy for hostname
* removed old directory entries
* removed old entry for qemu-bridge-helper
* removed old entries for pccardctl
* removed old entries for isdnctrl
* removed old entries for unix(2)_chkpwd
* removed old entries for mount.nfs
* removed old entries for (u)mount
* removed old entry for fileshareset
* removed old entries for KDE
* removed old entry for heartbeat
* removed old entry for gnome-control-center
* removed old entry for pcp
* removed old entry for lpdfilter
* removed old entry for scotty
* removed old entry for ia32el
* removed old entry for squid
* removed old qpopper whitelist
* removed pt_chown entries. Not needed anymore and a bad idea anyway
* removed old majordomo entry
* removed stale entries for old ncpfs tools
* removed old entry for rmtab
* Fixed typo in icinga2 whitelist entry
* New whitelisting for /usr/lib/virtualbox/VirtualBoxVM and removed stale
entries for VirtualBox
OBS-URL: https://build.opensuse.org/request/show/674173
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=213
2019-02-13 16:59:34 +00:00
Matthias Gerstner
687b016f47
Accepting request 649628 from home:mgerstner:branches:Base:System
...
- Update to version 20181116:
* zypper-plugin: new plugin to fix bsc#1114383
OBS-URL: https://build.opensuse.org/request/show/649628
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=211
2018-11-16 16:39:18 +00:00
Matthias Gerstner
2808ce4fdd
- Update to version 20181112:
...
* singularity: remove -suid binaries that have been dropped since version
2.4 (bsc#1028304)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=210
2018-11-12 12:15:37 +00:00
Matthias Gerstner
a73387d528
- Update to version 20181030:
...
* capability whitelisting: allow cap_net_bind_service for ns-slapd from 389-ds
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=208
2018-10-30 12:14:17 +00:00
Matthias Gerstner
7054263663
- Update to version 20181029:
...
* setuid whitelisting: add fusermount3 (bsc#1111230)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=207
2018-10-29 16:59:42 +00:00
Matthias Gerstner
6f2a944fac
- Update to version 20181025:
...
* setuid whitelisting: add authbind binary (bsc#1111251)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=206
2018-10-25 16:15:13 +00:00
Matthias Gerstner
f4d7d3598d
- Update to version 20180827:
...
* setuid whitelisting: add firejail binary (bsc#1059013)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=203
2018-08-27 09:16:16 +00:00
Matthias Gerstner
d7a67f7831
- Update to version 20180810:
...
* setuid whitelisting: add lxc-user-nic (bsc#988348)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=202
2018-08-10 09:23:22 +00:00
Matthias Gerstner
11a9977c9e
- Update to version 20180802:
...
* whitelisting: added smc-tools LD_PRELOAD library (bsc#1102956)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=200
2018-08-02 16:24:20 +00:00
255dbfc84f
Accepting request 624972 from home:mgerstner:branches:Base:System
...
- Update to version 20180724:
* Fix wrong file path in help string
* whitelisting: add spice-gtk usb helper setuid binary (bnc#1101420)
OBS-URL: https://build.opensuse.org/request/show/624972
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=198
2018-07-24 11:46:06 +00:00
9ebc9d2aa6
- Update to version 20180508:
...
* Capabilities for usage of Wireshark for non-root (bsc#957624)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=195
2018-05-08 06:12:16 +00:00
ee933ba6a8
- Update to version 20180125:
...
* make btmp root:utmp (bsc#1050467)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=192
2018-01-25 12:54:05 +00:00
ac7a7aecfc
- Update to version 20180115:
...
* - polkit-default-privs: usbauth (bsc#1066877)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=191
2018-01-15 09:57:27 +00:00
0433ec9d56
Accepting request 548215 from home:kukuk:branches:Base:System
...
- fillup is required for post, not pre installation
OBS-URL: https://build.opensuse.org/request/show/548215
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=189
2017-12-05 07:10:12 +00:00
d85ec2cc61
Accepting request 546606 from home:pluskalm:branches:Base:System
...
- Cleanup spec file with spec-cleaner
- Drop conditions/definitions related to old distros
OBS-URL: https://build.opensuse.org/request/show/546606
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=188
2017-11-30 10:35:19 +00:00
f434538bbd
- Update to version 20171129:
...
* permissions: adding gvfs (bsc#1065864)
* Allow setgid incingacmd on directory /run/icinga2/cmd bsc#1069410
* Allow fping cap_net_raw (bsc#1047921)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=187
2017-11-29 17:02:48 +00:00
24ce7041d6
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=186
2017-11-24 16:26:13 +00:00
2688fa191a
Accepting request 544692 from home:RBrownSUSE:branches:Base:System
...
Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
OBS-URL: https://build.opensuse.org/request/show/544692
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=185
2017-11-23 14:58:07 +00:00
a7962163fe
- Update to version 20171121:
...
* - permissions: adding kwayland (bsc#1062182)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=182
2017-11-21 14:07:42 +00:00
b680cbc36d
- Update to version 20171106:
...
* Allow setuid root for singularity (group only) bsc#1028304
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=180
2017-11-06 15:58:58 +00:00
fb770d791f
- Update to version 20171025:
...
* Stricter permissions on cron directories (paranoid) and stricter permissions on sshd_config (secure/paranoid)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=177
2017-10-25 15:51:58 +00:00
8b1949dd93
- Update to version 20170928:
...
* Fix invalid syntax bsc#1048645 bsc#1060738
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=174
2017-09-28 10:48:52 +00:00
ae2fcfcc83
- Update to version 20170927:
...
* fix typos in manpages
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=173
2017-09-27 14:50:43 +00:00
88add7774f
- Update to version 20170922:
...
* Allow setuid root for singularity (group only) bsc#1028304
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=171
2017-09-22 14:01:01 +00:00
79244e6f3c
- Update to version 20170913:
...
* Allow setuid for shadow newuidmap, newgidmap bsc#979282, bsc#1048645)
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=168
2017-09-13 16:53:54 +00:00
c8a528761f
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=163
2017-09-06 09:43:17 +00:00
0ca1d5fbf3
Accepting request 501680 from home:dimstar:Factory
...
- BuildIgnore group(trusted): we don't really care for this group
in the buildroot and do not want to get system-users into the
bootstrap cycle as we can avoid it.
OBS-URL: https://build.opensuse.org/request/show/501680
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=159
2017-06-07 11:15:04 +00:00
c7d23f34dd
- Require: group(trusted), as we are handing it out to some unsuspecting
...
binaries and it is no longer default.
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=157
2017-06-03 07:22:19 +00:00
f06adee271
- Update to version 20170602:
...
* make /etc/ppp owned by root:root. The group dialout usage is no longer used
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=156
2017-06-02 10:55:29 +00:00
ba70df90ac
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=154
2017-06-02 10:53:34 +00:00
f28a99e103
- Update to version 20160807:
...
* suexec2 is a symlink, no need for permissions handling
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=151
2016-08-07 12:03:42 +00:00
3b16bfa06f
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=146
2016-08-02 08:29:24 +00:00
6899251720
Accepting request 397400 from home:dimstar:branches:Base:System
...
- Introduce _service to easier update the package. For simplicity,
change the version from yyyy.mm.dd to yyyymmdd (which is eactly
%cd in the _service defintion). Upgrading is no problem.
It's up to the maintainer if you prefer this method or whatever you
currently use...
the _service allows to do an update with those commands:
===
osc co Base:System permissions
cd Base:System/permissions
rm *xz
osc service dr
osc ar
osc ci -m 'Update done'
===
It will add use the commit messages from git to formulate the .changelog in the form:
+ Update to version YYYYMMDD:
- Git commitlog 1
- Git commitlog 1
Feel free to use or reject
OBS-URL: https://build.opensuse.org/request/show/397400
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=144
2016-05-23 14:04:56 +00:00
5b294da664
Accepting request 397396 from home:msmeissn:branches:Base:System
...
- chage only needs read rights to /etc/shadow, so setgid shadow is sufficient (bsc#975352)
- permissions: adding gstreamer ptp file caps (bsc#960173)
OBS-URL: https://build.opensuse.org/request/show/397396
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=143
2016-05-23 09:01:41 +00:00
2026868fe9
Accepting request 353869 from home:msmeissn:branches:Base:System
...
- the apache folks renamed suexec2 to suexec with symlink. adjust both (bsc#962060)
OBS-URL: https://build.opensuse.org/request/show/353869
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=141
2016-01-15 14:42:31 +00:00
b6e28807c2
Accepting request 353278 from home:msmeissn:branches:Base:System
...
- pinger needs to be squid:root, not root:squid (there is no squid group) bsc#961363
- add suexec with 0755 to all standard profiles. this can and should be overridden in permissions.local if you need it setuid root. bsc#951765 bsc#263789
- added missing / to the squid specific directories (bsc#950557)
OBS-URL: https://build.opensuse.org/request/show/353278
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=140
2016-01-12 16:30:34 +00:00
7723b028aa
Accepting request 334552 from home:msmeissn:branches:Base:System
...
- adjusted radosgw to root:www mode 0750 (bsc#943471)
OBS-URL: https://build.opensuse.org/request/show/334552
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=138
2015-09-28 14:36:36 +00:00
e1788e4035
Accepting request 334443 from home:msmeissn:branches:Base:System
...
- radosgw can get capability cap_bind_net_service (bsc#943471)
OBS-URL: https://build.opensuse.org/request/show/334443
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=137
2015-09-28 13:36:03 +00:00
caaf70201f
Accepting request 311171 from home:msmeissn:branches:Base:System
...
- remove /usr/bin/get_printing_ticket; (bnc#906336)
OBS-URL: https://build.opensuse.org/request/show/311171
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=135
2015-06-08 16:26:06 +00:00
987b4c1e61
Accepting request 263879 from home:msmeissn:branches:Base:System
...
- Added iouyap capabilities (bnc#904060)
OBS-URL: https://build.opensuse.org/request/show/263879
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=133
2014-12-04 07:34:28 +00:00
55fdaea9a3
Accepting request 259902 from home:msmeissn:branches:Base:System
...
- %{_bindir}/get_printing_ticket turned to mode 700, setuid root no longer needed (bnc#685093)
- permissions: incorporating squid changes from bnc#891268
- hint that chkstat --system --set needs to be run after editing bnc#895647
OBS-URL: https://build.opensuse.org/request/show/259902
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=131
2014-11-05 17:23:09 +00:00
2b1381f5ed
Accepting request 246515 from home:msmeissn:branches:Base:System
...
- Do not applies permissions from backup files (~ / .rpmsave / .rpmnew) (bnc#893370)
- do not mention SuSEconfig anymore, long dead (bnc#843083)
OBS-URL: https://build.opensuse.org/request/show/246515
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=129
2014-08-26 13:05:22 +00:00
1febc609ea
Accepting request 243379 from home:msmeissn:branches:Base:System
...
- append a / to /var/log/journal so the framework makes sure it is a directory bnc#888151
OBS-URL: https://build.opensuse.org/request/show/243379
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=127
2014-08-01 11:42:04 +00:00
dba36f4d8f
Accepting request 242029 from home:msmeissn:branches:Base:System
...
- make innbind mode 4550 (bnc#876287)
- permissions: Adding systemd-journal directory (bnc#888151)
OBS-URL: https://build.opensuse.org/request/show/242029
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=125
2014-07-23 15:21:41 +00:00
111602a6c6
Accepting request 241753 from home:msmeissn:branches:Base:System
...
- permissions: Adding new kdesud path for KDE5 (bnc#872276)
OBS-URL: https://build.opensuse.org/request/show/241753
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=124
2014-07-21 14:12:53 +00:00
d1796cf746
Accepting request 239152 from home:msmeissn:branches:Base:System
...
- vlock_main lost its permission checking, so remove from here.
OBS-URL: https://build.opensuse.org/request/show/239152
OBS-URL: https://build.opensuse.org/package/show/Base:System/permissions?expand=0&rev=122
2014-07-01 11:47:17 +00:00
