Rebase to fapolicyd v1.3.1 and selinux v0.6

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
2023-06-15 17:29:15 +02:00 · 2023-06-15 17:29:15 +02:00 · 419c239eb4
commit 419c239eb4
parent 8642d5655d
4 changed files with 27 additions and 8 deletions
--- a/.gitignore
+++ b/.gitignore
@ -27,3 +27,5 @@
 /fapolicyd-1.1.7.tar.gz
 /fapolicyd-selinux-0.5.tar.gz
 /fapolicyd-1.2.tar.gz
+/fapolicyd-1.3.1.tar.gz
+/fapolicyd-selinux-0.6.tar.gz
--- a/fapolicyd.spec
+++ b/fapolicyd.spec
@ -1,11 +1,11 @@
 %global selinuxtype targeted
 %global moduletype contrib
-%define semodule_version 0.5
+%define semodule_version 0.6

 Summary: Application Whitelisting Daemon
 Name: fapolicyd
-Version: 1.2
-Release: 6%{?dist}
+Version: 1.3.1
+Release: 1%{?dist}
 License: GPL-3.0-or-later
 URL: http://people.redhat.com/sgrubb/fapolicyd
 Source0: https://people.redhat.com/sgrubb/fapolicyd/%{name}-%{version}.tar.gz
@ -30,6 +30,8 @@ Requires(post): systemd-units
 Requires(preun): systemd-units
 Requires(postun): systemd-units

+Patch1: selinux.patch
+
 # RHEL-specific patches
 Patch100: fapolicyd-uthash-bundle.patch

@ -59,10 +61,12 @@ The %{name}-selinux package contains selinux policy for the %{name} daemon.
 # selinux
 %setup -q -D -T -a 1

+%patch 1 -p1 -b .selinux
+
 %if 0%{?rhel} != 0
 # uthash
 %setup -q -D -T -a 2
-%patch100 -p1 -b .uthash
+%patch 100 -p1 -b .uthash
 %endif

 # generate rules for python
@ -79,7 +83,7 @@ interpret=`readelf -e /usr/bin/bash \
 sed -i "s|%ld_so_path%|`realpath $interpret`|g" rules.d/*.rules

 %build
-#cp INSTALL INSTALL.tmp
+cp INSTALL INSTALL.tmp
 ./autogen.sh
 %configure \
    --with-audit \
@ -170,7 +174,7 @@ fi
 %ghost %{_sysconfdir}/%{name}/rules.d/*
 %ghost %{_sysconfdir}/%{name}/%{name}.rules
 %config(noreplace) %attr(644,root,%{name}) %{_sysconfdir}/%{name}/%{name}.conf
-%config(noreplace) %attr(644,root,%{name}) %{_sysconfdir}/%{name}/rpm-filter.conf
+%config(noreplace) %attr(644,root,%{name}) %{_sysconfdir}/%{name}/%{name}-filter.conf
 %config(noreplace) %attr(644,root,%{name}) %{_sysconfdir}/%{name}/%{name}.trust
 %ghost %attr(644,root,%{name}) %{_sysconfdir}/%{name}/compiled.rules
 %attr(644,root,root) %{_unitdir}/%{name}.service
--- a/selinux.patch
+++ b/selinux.patch
@ -0,0 +1,13 @@
+diff -up ./fapolicyd-selinux-0.6/fapolicyd.te.fix ./fapolicyd-selinux-0.6/fapolicyd.te
+--- ./fapolicyd-selinux-0.6/fapolicyd.te.fix	2023-06-15 17:11:47.964646794 +0200
+++ ./fapolicyd-selinux-0.6/fapolicyd.te	2023-06-15 17:13:10.426477653 +0200
+@@ -50,6 +50,9 @@ ifdef(`watch_mount_dirs_pattern',`
+ 
+ ifdef(`fs_watch_all_fs',`
+     fs_watch_all_fs(fapolicyd_t)
+')
+
+ifdef(`files_watch_sb_all_mountpoints',`
+     files_watch_sb_all_mountpoints(fapolicyd_t)
+ ')
+ 
--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (fapolicyd-1.2.tar.gz) = 42c2a66f9b28f96597544bff72022d8735ba8700f022bb7a4d2ab74df43924e372c6e25af0af9d737710b0b835163775002f330bd5adf2964831902b755bebc7
-SHA512 (fapolicyd-selinux-0.5.tar.gz) = 15f35fcbc8f9a387483be1501693ebfa0e909b6e27fdadd4b89d8541db18738c61074d9fbd3cb8b574edc873bca10fd56767b7b77ad559d93dbb5ef005708273
+SHA512 (fapolicyd-1.3.1.tar.gz) = 319b793db0f59ef49d67c0734aa379501f2ceec206eeedbd5f193c6148bb4f2327a00546c6eeccc38500ef3be60354fee2ca643e7a2c2e668dea5a93034ce69c
+SHA512 (fapolicyd-selinux-0.6.tar.gz) = db3fb9fce2146cd9137585eae271e727aee4d774e385bbffa10ae70c6e40cf58f2e7aecd8ff8bc3ae446d75089f3ab1bd615237866d600df4acef6747a0c77c7
 SHA512 (uthash-2.3.0.tar.gz) = 3b01f1074790fb242900411cb16eb82c1a9afcf58e3196a0f4611d9d7ef94690ad38c0a500e7783d3efa20328aa8d6ab14f246be63b3b3d385502ba2b6b2a294