Rebase fapolicyd to 0.9.3

- dramatically improved startup time
- fapolicyd-cli has picked up --list and --ftype commands to help debug/write policy
- file type identification has been improved
- trust database statistics have been added to the reports

.gitignore

@@ -8,3 +8,4 @@
 /fapolicyd-selinux-0.1.tar.gz
 /fapolicyd-selinux-0.2.tar.gz
 /fapolicyd-0.9.2.tar.gz
+/fapolicyd-0.9.3.tar.gz

fapolicyd-conf.patch

@@ -1,9 +0,0 @@
-diff -up ./init/fapolicyd.conf.fix ./init/fapolicyd.conf
---- ./init/fapolicyd.conf.fix	2020-02-03 12:18:23.775222689 +0100
-+++ ./init/fapolicyd.conf	2020-02-03 12:18:42.567359324 +0100
-@@ -14,4 +14,4 @@ db_max_size = 250
- subj_cache_size = 1024
- obj_cache_size = 6144
- watch_fs = ext2,ext3,ext4,tmpfs,xfs,vfat,iso9660
--trust = rpmdb,files
-+trust = rpmdb,file

fapolicyd.spec

@@ -4,15 +4,15 @@
 
 Summary: Application Whitelisting Daemon
 Name: fapolicyd
-Version: 0.9.2
-Release: 2%{?dist}
+Version: 0.9.3
+Release: 1%{?dist}
 License: GPLv3+
 URL: http://people.redhat.com/sgrubb/fapolicyd
 Source0: https://people.redhat.com/sgrubb/fapolicyd/%{name}-%{version}.tar.gz
 Source1: https://github.com/linux-application-whitelisting/%{name}-selinux/releases/download/v%{semodule_version}/%{name}-selinux-%{semodule_version}.tar.gz
 BuildRequires: kernel-headers
 BuildRequires: autoconf automake make gcc libtool
-BuildRequires: systemd-devel libgcrypt-devel rpm-devel file-devel
+BuildRequires: systemd-devel libgcrypt-devel rpm-devel file-devel file
 BuildRequires: libcap-ng-devel libseccomp-devel lmdb-devel
 BuildRequires: python3-devel
 Recommends: %{name}-selinux
@@ -21,8 +21,7 @@ Requires(post): systemd-units
 Requires(preun): systemd-units
 Requires(postun): systemd-units
 
-Patch1: fapolicyd-conf.patch
-Patch2: selinux.patch
+Patch1: selinux.patch
 
 %description
 Fapolicyd (File Access Policy Daemon) implements application whitelisting
@@ -53,8 +52,7 @@ sed -i "s/%python2_path%/`readlink -f %{__python2} | sed 's/\//\\\\\//g'`/g" ini
 sed -i "s/%python3_path%/`readlink -f %{__python3} | sed 's/\//\\\\\//g'`/g" init/%{name}.rules
 sed -i "s/%ld_so_path%/`find /usr/lib64/ -type f -name 'ld-2\.*.so' | sed 's/\//\\\\\//g'`/g" init/%{name}.rules
 
-%patch1 -p1 -b .default-conf
-%patch2 -p1 -b .selinux
+%patch1 -p1 -b .selinux
 
 %build
 
@@ -121,10 +119,11 @@ getent passwd %{name} >/dev/null || useradd -r -M -d %{_localstatedir}/lib/%{nam
 %attr(644,root,root) %{_mandir}/man8/*
 %attr(644,root,root) %{_mandir}/man5/*
 %attr(644,root,root) %{_mandir}/man1/*
+%attr(644,root,root) %{_datadir}/%{name}/*
 %ghost %{_localstatedir}/log/%{name}-access.log
 %attr(770,root,%{name}) %dir %{_localstatedir}/lib/%{name}
 %attr(770,root,%{name}) %dir /run/%{name}
-%ghost %{_localstatedir}/run/%{name}/%{name}.fifo
+%ghost /run/%{name}/%{name}.fifo
 %ghost %{_localstatedir}/lib/%{name}/data.mdb
 %ghost %{_localstatedir}/lib/%{name}/lock.mdb
 %{python3_sitelib}/dnf-plugins/%{name}-dnf-plugin.py
@@ -149,6 +148,13 @@ fi
 
 
 %changelog
+* Mon Feb 24 2020 Radovan Sroka <rsroka@redhat.com> - 0.9.3-1
+- rebase fapolicyd to 0.9.3
+- dramatically improved startup time
+- fapolicyd-cli has picked up --list and --ftype commands to help debug/write policy
+- file type identification has been improved
+- trust database statistics have been added to the reports
+
 * Tue Feb 04 2020 Radovan Sroka <rsroka@redhat.com> - 0.9.2-2
 - Label all fifo_file as fapolicyd_var_run_t in /var/run.
 - Allow fapolicyd_t domain to create fifo files labeled as

sources

@@ -1,2 +1,2 @@
-SHA512 (fapolicyd-0.9.2.tar.gz) = 472282f2bf31788e3fb4e41648ddbffe2c550396bd371bb85f685773de76333bd55abd63e0145d6abe3b2c8bf72946138448eb0582bb693893310f81741a201b
+SHA512 (fapolicyd-0.9.3.tar.gz) = e605bc0f90d5deb623af474ecad9b6497d152706699a1887509cdabdc4f06ba7a0d09f896cbe324542e7dfe0f988ad6755e1790988ec269d0f60c6962a6a243a
 SHA512 (fapolicyd-selinux-0.2.tar.gz) = 9ffefab4102168be672a9e84b2fff3c4fbabf65b77432a4b4e6f9619b13e23dba27c2fb5e5015830b90104aff50d7ef21337de137d14d622970c1f17accf23ad