rpms / selinux-policy

Clone
Source Code
GIT

#129 * Tue Nov 24 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-9
Merged 3 years ago by zpytela. Opened 3 years ago by zpytela.
rpms/ zpytela/selinux-policy master  into  master

file modified
+18 -3 
@@ -1,11 +1,11 @@ 
 

  # github repo with selinux-policy base sources
 

  %global git0 https://github.com/fedora-selinux/selinux-policy
 

- %global commit0 a324430fd4e7a1bf6aa64757a951a8a6320aa47e
 

+ %global commit0 f1505fca7063b21b5f2ef90f904032c5cc023a22
 

  %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 

  

  # github repo with selinux-policy contrib sources
 

  %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
 

- %global commit1 0cfef67283f2b55664c99611f2fcdf8fd47c63d9
 

+ %global commit1 dad9c7670560b550c3837a3bd2237a94c3e54814
 

  %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
 

  

  %define distro redhat
 
@@ -29,7 +29,7 @@ 
 

  Summary: SELinux policy configuration
 

  Name: selinux-policy
 

  Version: 3.14.7
 

- Release: 8%{?dist}
 

+ Release: 9%{?dist}
 

  License: GPLv2+
 

  Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 

  Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
 
@@ -807,6 +807,21 @@ 
 

  %endif
 

  

  %changelog
 

+ * Tue Nov 24 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-9
 

+ - Allow varnish map its private tmp files
 

+ - Allow dovecot bind to smtp ports
 

+ - Change fetchmail temporary files path to /var/spool/mail
 

+ - Allow cups_pdf_t domain to communicate with unix_dgram_socket
 

+ - Set file context for symlinks in /etc/httpd to etc_t
 

+ - Allow rpmdb rw access to inherited console, ttys, and ptys
 

+ - Allow dnsmasq read public files
 

+ - Announce merging of selinux-policy and selinux-policy-contrib
 

+ - Label /etc/resolv.conf as net_conf_t only if it is a plain file
 

+ - Fix range for unreserved ports
 

+ - Add files_search_non_security_dirs() interface
 

+ - Introduce logging_syslogd_append_public_content tunable
 

+ - Add miscfiles_append_public_files() interface
 

+ 

  * Fri Nov 13 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-8
 

  - Set correct default file context for /usr/libexec/pcp/lib/*
 

  - Introduce rpmdb_t type

file modified
+3 -3 
@@ -1,4 +1,4 @@ 
 

- SHA512 (selinux-policy-a324430.tar.gz) = ea00f0e2e50f07d3394a38dc1c407e9d6848db26fd1c1b3a9550c8b109d3cc1d960ebff3f6b73d99a82bc5899790dfe87795f185d3de15eca9e1f5f9d5b8bbcd
 

- SHA512 (selinux-policy-contrib-0cfef67.tar.gz) = b894731b619fd015e47a39398e41b58d74b308f0f5bf6a5bcf9adb945854c49af160d7d5d111bad08df4f0c0e98c7588f4630469b11c65c51b1b51777868a1f0
 

- SHA512 (container-selinux.tgz) = 08fe2e197630012f3937ffa18bee5c658494e559ae3aa332bd9fac8a22ee4f7f12142ed18f92bd56486201798f3170cab3a1ed10241e7ebc91af2e1aafd42c68
 

+ SHA512 (selinux-policy-f1505fc.tar.gz) = 5831821766fbb6ae0c86d81b1f8d0ff1590f7fb26309e3a0ced33cb6348d61808dbf65ef78a2f91df951593bbd39397d8601307a5e530d606924f1d2c72f6cd8
 

+ SHA512 (selinux-policy-contrib-dad9c76.tar.gz) = 072136b1064f903f74d2ca42ba1753f8b3aea29c634644abc9a0fae700d3d642ec764d39608dc1f10542cb954d5cc838eafe6ecfb5e974c78d979fa8a93e962d
 

+ SHA512 (container-selinux.tgz) = 6dffeaaaea1c87052a1f8481d93ddca98899b63167f7c0a4960572431b08d3e34dff7b5cfb4dc6c62bac6d4ae30b964e0d410dcc6d1476d73cf048080ddd56e6
 

  SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4

  • Allow varnish map its private tmp files
  • Allow dovecot bind to smtp ports
  • Change fetchmail temporary files path to /var/spool/mail
  • Allow cups_pdf_t domain to communicate with unix_dgram_socket
  • Set file context for symlinks in /etc/httpd to etc_t
  • Allow rpmdb rw access to inherited console, ttys, and ptys
  • Allow dnsmasq read public files
  • Announce merging of selinux-policy and selinux-policy-contrib
  • Label /etc/resolv.conf as net_conf_t only if it is a plain file
  • Fix range for unreserved ports
  • Add files_search_non_security_dirs() interface
  • Introduce logging_syslogd_append_public_content tunable
  • Add miscfiles_append_public_files() interface

Build failed.

[citest]

Most of the tests fail expectedly. Some fail for a bug which has been fixed because old package is used in Fedora CI, cf.
https://fedora.softwarefactory-project.io/zuul/build/5d5a13d276c04dc483962e46fc4c4714/log/artifacts/FAIL-selinux-selinux-policy-cups-pdf-and-similar.log#626
and
https://osci-jenkins-1.ci.fedoraproject.org/job/fedora-ci/job/dist-git-pipeline/job/master/271/testReport/(root)/tests/selinux_selinux_policy_cups_pdf_and_similar/
section bz#1832521. Zulu build is correct.

Merging, a scratchbuild proved working.

Pull-Request has been merged by zpytela
3 years ago

Seems to suffer from the same problem as yesterday:
https://osci-jenkins-1.ci.fedoraproject.org/job/fedora-ci/job/dist-git-pipeline/job/master/402/testReport/(root)/tests/selinux_selinux_policy_cups_pdf_and_similar/

selinux-policy-3.14.7-8

Not sure I follow, we tested with this build:

https://koji.fedoraproject.org/koji/taskinfo?taskID=56236476

Yes it is selinux-policy-3.14.7-8 because that is what was built?

Ah ok, reinstall is missing in case of the same NVRs, fixing

This PR was to create a selinux-policy-3.14.7-89 build.

if so, there are more bugs here

investigating and will file it soon
Changes Summary 2
+18 -3
file changed
selinux-policy.spec
+3 -3
file changed
sources
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.