From 5c8d7f791222b0c92875b54c186c3fc24047451a Mon Sep 17 00:00:00 2001
From: Lukas Vrabec
Date: Aug 27 2019 19:28:37 +0000
Subject: [PATCH 1/2] * Tue Aug 13 2019 Lukas Vrabec - 0.1.9-1 - New rebase https://github.com/containers/udica/releases/tag/v0.1.9
---
diff --git a/.gitignore b/.gitignore
index 1990382..0da17d5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@
 /v0.1.6.tar.gz
 /v0.1.7.tar.gz
 /v0.1.8.tar.gz
+/v0.1.9.tar.gz
diff --git a/0001-Update-tests-test_basic.podman.cil-test_basic.docker.patch b/0001-Update-tests-test_basic.podman.cil-test_basic.docker.patch
new file mode 100644
index 0000000..eda87e3
--- /dev/null
+++ b/0001-Update-tests-test_basic.podman.cil-test_basic.docker.patch
@@ -0,0 +1,61 @@
+From 1ef277aa4840a72ff474f6500bcc6576f37af0af Mon Sep 17 00:00:00 2001
+From: Lukas Vrabec
+Date: Tue, 27 Aug 2019 21:20:16 +0200
+Subject: [PATCH] Update tests test_basic.podman.cil, test_basic.docker.cil.
+ Round 2
+
+Because of the new versions of SELinux policy in Fedora 30 and Fedora
+Rawhide, also several tests in Udica needed to be fixed to use new
+labels.
+---
+ tests/semanage.py | 1 -
+ tests/test_basic.docker.cil | 3 ---
+ tests/test_basic.podman.cil | 5 +----
+ 3 files changed, 1 insertion(+), 8 deletions(-)
+
+diff --git a/tests/semanage.py b/tests/semanage.py
+index f64fda4..318a46a 100644
+--- a/tests/semanage.py
++++ b/tests/semanage.py
+@@ -156,7 +156,6 @@ fcontexts_homedirs = [
+ ('/var/spool/fcron/new\\.systab', 'system_u:object_r:system_cron_spool_t:s0'),
+ ('/var/spool/fcron/systab\\.orig', 'system_u:object_r:system_cron_spool_t:s0'),
+ ('/var/spool/postfix/etc/localtime', 'system_u:object_r:locale_t:s0'),
+- ('/var/spool/cron', 'system_u:object_r:user_cron_spool_t:s0'),
+ ('/var/spool/cron/user', 'system_u:object_r:user_cron_spool_t:s0')
+ ]
+
+diff --git a/tests/test_basic.docker.cil b/tests/test_basic.docker.cil
+index b29cb32..220c53b 100644
+--- a/tests/test_basic.docker.cil
++++ b/tests/test_basic.docker.cil
+@@ -285,9 +285,6 @@
+ (allow process user_cron_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write )))
+ (allow process user_cron_spool_t ( file ( getattr read write append ioctl lock map open create )))
+ (allow process user_cron_spool_t ( sock_file ( getattr read write append open )))
+- (allow process user_cron_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write )))
+- (allow process user_cron_spool_t ( file ( getattr read write append ioctl lock map open create )))
+- (allow process user_cron_spool_t ( sock_file ( getattr read write append open )))
+ (allow process var_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write )))
+ (allow process var_spool_t ( file ( getattr read write append ioctl lock map open create )))
+ (allow process var_spool_t ( sock_file ( getattr read write append open )))
+diff --git a/tests/test_basic.podman.cil b/tests/test_basic.podman.cil
+index 06b44e3..618fe07 100644
+--- a/tests/test_basic.podman.cil
++++ b/tests/test_basic.podman.cil
+@@ -287,10 +287,7 @@
+ (allow process user_cron_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write )))
+ (allow process user_cron_spool_t ( file ( getattr read write append ioctl lock map open create )))
+ (allow process user_cron_spool_t ( sock_file ( getattr read write append open )))
+- (allow process user_cron_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write )))
+- (allow process user_cron_spool_t ( file ( getattr read write append ioctl lock map open create )))
+- (allow process user_cron_spool_t ( sock_file ( getattr read write append open )))
+ (allow process var_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write )))
+ (allow process var_spool_t ( file ( getattr read write append ioctl lock map open create )))
+ (allow process var_spool_t ( sock_file ( getattr read write append open )))
+-)
+\ No newline at end of file
++)
+--
+2.21.0
+
diff --git a/sources b/sources
index 4fb2ded..34d429b 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (v0.1.8.tar.gz) = ada8f3183904ac0aa1715e564f708ce3bda02719ecc2587e3774205bba39e585f2df7392861317a4324e8ea2c2f6fa031c3a0f440be6ca5408398b238089b891
+SHA512 (v0.1.9.tar.gz) = 24cbece968e8a494074297cf62b80d71b862bfe9366d30be5dd0be5158609b20358a1de42932584c2ead0f75d2a197fb57e0856c391e82975f70eba6a51a2ec3
diff --git a/udica.spec b/udica.spec
index 62a4bda..95cde71 100644
--- a/udica.spec
+++ b/udica.spec
@@ -1,6 +1,6 @@
 Summary: A tool for generating SELinux security policies for containers
 Name: udica
-Version: 0.1.8
+Version: 0.1.9
 Release: 2%{?dist}
 Source0: https://github.com/containers/udica/archive/v%{version}.tar.gz
 License: GPLv3+
@@ -13,6 +13,7 @@ Requires: python3 python3-libsemanage python3-libselinux
 BuildRequires: python2 python2-devel python2-setuptools
 Requires: python2 libsemanage-python libselinux-python
 %endif
+patch01: 0001-Update-tests-test_basic.podman.cil-test_basic.docker.patch
 %description
 Tool for generating SELinux security profiles for containers based on
@@ -60,6 +61,9 @@ install -m 0644 udica/man/man8/udica.8 %{buildroot}%{_mandir}/man8/udica.8
 %endif
 %changelog
+* Tue Aug 13 2019 Lukas Vrabec - 0.1.9-2
+- New rebase https://github.com/containers/udica/releases/tag/v0.1.9
+
 * Sat Jul 27 2019 Fedora Release Engineering - 0.1.8-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
From ac2d797d95ae700332ef8ada99882fd8022bc84a Mon Sep 17 00:00:00 2001
From: Lukas Vrabec
Date: Aug 27 2019 19:29:53 +0000
Subject: [PATCH 2/2] Fix tests
---
diff --git a/tests/sanity/runtest.sh b/tests/sanity/runtest.sh
index 5c66cfe..c8c5f34 100755
--- a/tests/sanity/runtest.sh
+++ b/tests/sanity/runtest.sh
@@ -51,12 +51,13 @@ rlJournalStart
 rlRun "podman exec test ls /home" 1,2
 rlRun "podman exec test touch /var/spool/test" 1
+ rlRun "podman exec test dnf install nmap-ncat -y" 0
 rlWatchdog "rlRun \"podman exec test nc -l 53\"" 3
 CONT_ID=$(podman ps | grep test | cut -d ' ' -f 1)
 rlRun "podman inspect $CONT_ID | udica my_container >$OUTPUT_FILE"
 rlRun "podman stop test"
- rlRun "podman rm test"
+ rlRun "podman rm --force test"
 rlRun "cat $OUTPUT_FILE"
 rlAssertExists "my_container.cil"
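Review bot: The new `patch01:` line in the `@@ -13,6 +13,7 @@` hunk only declares the test-fix patch; nothing in this hunk applies it, and whether `%prep` does depends on it using `%autosetup` (which applies declared patches itself) rather than `%setup`, which is outside the hunk. If it is `%setup`, a matching `%patch01 -p1` in `%prep` is needed, otherwise the patch is a no-op and the rebased package still carries the test expectations the patch exists to fix. RPM preamble tags are case-insensitive, but the surrounding tags are capitalised (`Source0`, `Requires`), so `Patch01:` would match the file's style. Separately, the first hunk keeps `Release: 2%{?dist}` across a rebase to 0.1.9 while the commit subject says 0.1.9-1 and the new changelog entry says 0.1.9-2; a rebase conventionally resets Release to 1 and the three should agree.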
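Review bot: The added `rlRun "podman exec test dnf install nmap-ncat -y" 0` makes the sanity test depend on network access and on the image's package repositories at run time, and the `0` expectation turns any offline or mirror failure into a test failure before the `nc -l 53` check it exists to support; the same line is added for `test2` in the following hunk. Installing `nmap-ncat` into the image once before the phase, or guarding the install on `nc` being absent, would keep the failure signal about the generated policy rather than about package availability. At minimum a comment should record why the install is there, e.g. `# nc is not in the base image; install it so the port-53 listen check below is meaningful`. The enclosing rlJournalStart phase starts and ends outside the hunk.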
@@ -71,10 +72,11 @@ rlJournalStart
 rlRun "podman exec test2 ls /home" 0
 rlRun "podman exec test2 touch /var/spool/test" 0
- rlWatchdog "rlRun \"podman exec test2 nc -l 53\" 1" 3
+ rlRun "podman exec test2 dnf install nmap-ncat -y" 0
+ rlWatchdog "rlRun \"podman exec test2 nc -l 53\" 2" 3
 rlRun "podman stop test2"
- rlRun "podman rm test2"
+ rlRun "podman rm --force test2"
 rlRun "semodule -r my_container base_container net_container home_container"
 rlRun "rm my_container.cil"