Update to 210-1

- Overview: Add CPU utilization to usage card - Dashboard: Support SSH identity unlocking when adding new machines - SElinux: Introduce an Ansible automation script - Machines: Support “bridge” type network interfaces - Machines: Support “bus” type disk configuration
2020-01-08 17:19:37 +00:00 · 2020-01-08 17:19:37 +00:00 · 0864035b2c
commit 0864035b2c
parent 4c23d89cc0
3 changed files with 11 additions and 47 deletions
--- a/.gitignore
+++ b/.gitignore
@ -165,3 +165,4 @@
 /cockpit-207.tar.xz
 /cockpit-208.tar.xz
 /cockpit-209.tar.xz
+/cockpit-210.tar.xz
--- a/cockpit.spec
+++ b/cockpit.spec
@ -1,5 +1,5 @@
 # This spec file has been automatically updated
-Version:        209
+Version:        210
 Release: 1%{?dist}
 #
 # This file is maintained at the following location:
@ -399,15 +399,6 @@ Suggests: sssd-dbus
 Requires(post): systemd
 Requires(preun): systemd
 Requires(postun): systemd
-%if %{defined wip}
-# HACK: don't apply selinux %post dependencies to CI builds, it would require refreshing images
-%else
-%if 0%{?rhel}
-# for SELinux policy adjustment in %post below
-Requires(post): /usr/sbin/semanage
-Requires(post): policycoreutils
-%endif
-%endif

 %description ws
 The Cockpit Web Service listens on the network, and authenticates users.
@ -465,42 +456,6 @@ getent passwd cockpit-wsinstance >/dev/null || useradd -r -g cockpit-wsinstance
 # firewalld only partially picks up changes to its services files without this
 test -f %{_bindir}/firewall-cmd && firewall-cmd --reload --quiet || true

-%if 0%{?rhel}
-# HACK: SELinux policy adjustment for cockpit-tls; see https://github.com/fedora-selinux/selinux-policy-contrib/pull/114
-set -ex
-echo "Applying SELinux policy change for cockpit-tls.."
-semanage fcontext -a /usr/libexec/cockpit-tls -t cockpit_ws_exec_t || true
-restorecon /usr/libexec/cockpit-tls
-tmp=$(mktemp -d)
-cat <<EOF > $tmp/local.te
-module local 1.0;
-require {
-    type cockpit_ws_t;
-    type cockpit_ws_exec_t;
-    type cockpit_session_t;
-    type cockpit_var_run_t;
-    class unix_stream_socket { create_stream_socket_perms connectto };
-    class file { open read map getattr execute_no_trans};
-    class dir { getattr search open read };
-}
-
-allow cockpit_ws_t cockpit_ws_t:unix_stream_socket { create_stream_socket_perms connectto };
-allow cockpit_ws_t cockpit_ws_exec_t:file { execute_no_trans };
-
-# https://github.com/fedora-selinux/selinux-policy-contrib/pull/130
-allow cockpit_session_t cockpit_var_run_t:file { open read map getattr };
-EOF
-checkmodule -M -m -o $tmp/local.mod $tmp/local.te
-semodule_package -o $tmp/local.pp -m $tmp/local.mod
-semodule -i $tmp/local.pp
-rm -rf "$tmp"
-
-# HACK: SELinux policy adjustment for cockpit-tls; see https://github.com/fedora-selinux/selinux-policy-contrib/pull/161
-echo "Applying SELinux policy change for cockpit-wsinstance-factory..."
-semanage fcontext -a /usr/libexec/cockpit-wsinstance-factory -t cockpit_ws_exec_t || true
-restorecon /usr/libexec/cockpit-wsinstance-factory
-%endif
-
 %preun ws
 %systemd_preun cockpit.socket

@ -709,6 +664,14 @@ via PackageKit.

 # The changelog is automatically generated and merged
 %changelog
+* Wed Jan 08 2020 Katerina Koukiou <kkoukiou@redhat.com> - 210-1
+
+- Overview: Add CPU utilization to usage card
+- Dashboard: Support SSH identity unlocking when adding new machines
+- SElinux: Introduce an Ansible automation script
+- Machines: Support “bridge” type network interfaces
+- Machines: Support “bus” type disk configuration
+
 * Fri Dec 13 2019 Marius Vollmer <mvollmer@redhat.com> - 209-1

 - New overview design
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (cockpit-209.tar.xz) = e81153d926c13f55ba13accf2b448eaffc3e7a3faee06f07b890eb9525d6063ab3727ab2622e1ad64a7fd16f03e48973a67bd8cda4be5541379930d6799cb46a
+SHA512 (cockpit-210.tar.xz) = 2682dc47f31ded2caf1cac9800adda32483de082f0c84c4301240859dbeb893d811598b813d4b0b791cd3b45b4c0d9fa42a502587e0ee0916d8b92aa9eb1495d