import container-selinux-2.167.0-1.module+el8.5.0+12397+bf23b712
This commit is contained in:
parent
912db4c410
commit
1a712b8809
@ -1 +1 @@
|
|||||||
bb18101c1ab06b47a88b51df2fd87dcfa3d51412 SOURCES/v2.158.0.tar.gz
|
98b7f05ef0e86a3c21f9da1c315eb0f9a1c58df4 SOURCES/v2.167.0.tar.gz
|
||||||
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
|||||||
SOURCES/v2.158.0.tar.gz
|
SOURCES/v2.167.0.tar.gz
|
||||||
|
12
SOURCES/container-selinux-1957904.patch
Normal file
12
SOURCES/container-selinux-1957904.patch
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
diff -up container-selinux-2.163.0/container.te.orig container-selinux-2.163.0/container.te
|
||||||
|
--- container-selinux-2.163.0/container.te.orig 2021-06-16 16:14:04.107700701 +0200
|
||||||
|
+++ container-selinux-2.163.0/container.te 2021-06-16 16:14:29.756010679 +0200
|
||||||
|
@@ -454,7 +454,7 @@ modutils_domtrans_kmod(container_runtime
|
||||||
|
systemd_status_all_unit_files(container_runtime_domain)
|
||||||
|
systemd_start_systemd_services(container_runtime_domain)
|
||||||
|
systemd_dbus_chat_logind(container_runtime_domain)
|
||||||
|
-systemd_chat_resolved(container_runtime_domain)
|
||||||
|
+#systemd_chat_resolved(container_runtime_domain)
|
||||||
|
|
||||||
|
userdom_stream_connect(container_runtime_domain)
|
||||||
|
userdom_search_user_home_content(container_runtime_domain)
|
12
SOURCES/rhel-fix.patch
Normal file
12
SOURCES/rhel-fix.patch
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
diff -up container-selinux-2.161.1/container.te.orig container-selinux-2.161.1/container.te
|
||||||
|
--- container-selinux-2.161.1/container.te.orig 2021-05-06 14:55:57.952216763 +0200
|
||||||
|
+++ container-selinux-2.161.1/container.te 2021-05-06 14:56:02.027287991 +0200
|
||||||
|
@@ -114,7 +114,7 @@ mls_trusted_object(container_runtime_t)
|
||||||
|
#
|
||||||
|
allow container_runtime_domain self:capability { chown kill fowner fsetid mknod net_admin net_bind_service net_raw setfcap sys_resource };
|
||||||
|
allow container_runtime_domain self:tun_socket { create_socket_perms relabelto };
|
||||||
|
-allow container_runtime_domain self:lockdown { confidentiality integrity };
|
||||||
|
+#allow container_runtime_domain self:lockdown { confidentiality integrity };
|
||||||
|
allow container_runtime_domain self:process ~setcurrent;
|
||||||
|
allow container_runtime_domain self:passwd rootok;
|
||||||
|
allow container_runtime_domain self:fd use;
|
@ -19,12 +19,14 @@
|
|||||||
|
|
||||||
Epoch: 2
|
Epoch: 2
|
||||||
Name: container-selinux
|
Name: container-selinux
|
||||||
Version: 2.158.0
|
Version: 2.167.0
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
URL: %{git0}
|
URL: %{git0}
|
||||||
Summary: SELinux policies for container runtimes
|
Summary: SELinux policies for container runtimes
|
||||||
Source0: %{git0}/archive/v%{version}.tar.gz
|
Source0: %{git0}/archive/v%{version}.tar.gz
|
||||||
|
Patch0: rhel-fix.patch
|
||||||
|
Patch1: container-selinux-1957904.patch
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
BuildRequires: git
|
BuildRequires: git
|
||||||
BuildRequires: pkgconfig(systemd)
|
BuildRequires: pkgconfig(systemd)
|
||||||
@ -106,6 +108,67 @@ fi
|
|||||||
%{_datadir}/containers/selinux/contexts
|
%{_datadir}/containers/selinux/contexts
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Aug 26 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.167.0-1
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.167.0
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Wed Aug 25 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.165.1-2
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.165.1
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Tue Aug 03 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.164.2-1
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.164.2
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Wed Jul 21 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.164.1-1
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.164.1
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Thu Jun 17 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.163.0-2
|
||||||
|
- fix the build of 2.163.0
|
||||||
|
- Resolves: #1957904
|
||||||
|
|
||||||
|
* Tue Jun 15 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.163.0-1
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.163.0
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Tue May 25 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.162.2-1
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.162.2
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Wed May 19 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.162.1-1
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.162.1
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Tue May 11 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.162.0-1
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.162.0
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Thu May 06 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.161.1-2
|
||||||
|
- do not use lockdown class yet - it is not available in RHEL
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Thu May 06 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.161.1-1
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.161.1
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Wed Apr 28 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.160.2-1
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.160.2
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Mon Apr 26 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.160.1-1
|
||||||
|
- update to
|
||||||
|
https://github.com/containers/container-selinux/releases/tag/v2.160.1
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Wed Mar 31 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.160.0-1
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.160.0
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
|
* Tue Mar 23 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.159.0-1
|
||||||
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.159.0
|
||||||
|
- Related: #1934415
|
||||||
|
|
||||||
* Fri Feb 12 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.158.0-1
|
* Fri Feb 12 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.158.0-1
|
||||||
- update to https://github.com/containers/container-selinux/releases/tag/v2.158.0
|
- update to https://github.com/containers/container-selinux/releases/tag/v2.158.0
|
||||||
- Related: #1883490
|
- Related: #1883490
|
||||||
|
Loading…
Reference in New Issue
Block a user