rpms/fapolicyd
7
0
Fork 0
Code Issues Pull Requests Releases Activity
93 Commits 7 Branches 63 Tags 611 KiB
d08d2c8d89
Commit Graph

93 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Petr Lautrbach
d08d2c8d89 fapolicyd-1.3.3-107 
- Fix owner:group of /etc/fapolicyd on boot
Resolves: RHEL-104873
 2025-08-20 09:46:35 +02:00
Petr Lautrbach
09536152e5 Change /usr/share/fapolicyd to root:root 
fapolicyd group does not have write access anyway.

Fixes problem with dynamic user in image mode where it's not possible to
use tmpfiles.d as the filesystem is readonly

Resolves: RHEL-104873
 2025-08-20 09:37:26 +02:00
Petr Lautrbach
e1bfe7b101 Fix owner:group of /etc/fapolicyd on boot 
On image based systems, fapolicyd user and group could have a different
uid used during container build and in booted container

Resolves: RHEL-104873
 2025-08-20 09:35:52 +02:00
Petr Lautrbach
562d9eed5f fapolicyd-1.3.3-106 
- Add /var/lib/fapolicyd to tmpfiles
Resolves: RHEL-104873
- Allow fapolicyd to connect to systemd-machined
Resolves: RHEL-77071
 2025-08-18 08:47:35 +02:00
Petr Lautrbach
ac30c65223 Allow fapolicyd to connect to systemd-machined 
Resolves: RHEL-77071
 2025-08-18 07:42:23 +02:00
Petr Lautrbach
70b0c24724 Add /var/lib/fapolicyd to tmpfiles 
On image based system, /var/lib/fapolicyd is not created during rpm
installation but needs to be created during boot using tmpfiles.d

Fixes:
    fapolicyd[1463]: Failed writing db version No such file or directory

Resolves: RHEL-104873
 2025-08-18 07:20:44 +02:00
Petr Lautrbach
ce823087c8 install fapolicyd sysusers.d configuration 
See https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/

Fixes creating user and groups on image mode system

Resolves: RHEL-104873
 2025-08-18 07:17:04 +02:00
Radovan Sroka
1165ecc896 RHEL 10.1 ERRATUM 
- add selinux patch for bin/sbin equivalence

- "fapolicyd-cli --file add" crashes when processing sockets
Resolves: RHEL-105425

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2025-07-29 11:42:07 +02:00
Radovan Sroka
99663924fa RHEL 10.1 ERRATUM 
- RPMDB crashes with SIGBUS when updating the RPMDB repeatedly
Resolves: RHEL-94540

- fixed failures in CI

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2025-07-24 10:19:31 +02:00
Radovan Sroka
60a6dd7b73
RHEL 10.1 ERRATUM 
- RPMDB crashes with SIGBUS when updating the RPMDB repeatedly
Resolves: RHEL-94540
- File /run/fapolicyd differs from RPM expectations
Resolves: RHEL-94536
- fapolicyd.service badly instructs how to start after nss-user-lookup.target
Resolves: RHEL-94538
- fapolicy rule containing 'pattern=normal' produces error
Resolves: RHEL-94537

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2025-05-30 14:49:00 +02:00
Troy Dawson
62a57978ad Bump release for October 2024 mass rebuild: 
Resolves: RHEL-64018
 2024-10-29 08:23:22 -07:00
Super User
770310f479 Remove test dir, using .fmf plan 2024-07-10 15:36:33 +02:00
Troy Dawson
8300d9ece6 Bump release for June 2024 mass rebuild 2024-06-24 08:41:47 -07:00
koncpa
aeda2278c4 Update name of passing set ot tests in gating 2024-05-22 12:07:33 +02:00
koncpa
6d57786560 Add gating.yaml to require test as part of gating 2024-05-20 15:50:43 +02:00
Radovan Sroka
f795d5fc20
RHEL 10.0.0 ERRATUM 
- rebase to fapolicy-1.3.3 and fapolicyd-selinux-0.7
Resolves: RHEL-36287

Signed-off-by: Radovan Sroka <rsroka@redhat.com>

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2024-05-17 13:12:15 +02:00
koncpa
caa5d4153c Remove wrongly added plan and add new ci plans 
Resolves: RHEL-36744

Signed-off-by: Patrik Koncity <pkoncity@redhat.com>
 2024-05-17 12:28:48 +02:00
Radovan Sroka
c5a1b34c64
RHEL 10.0.0 ERRATUM 
- rebase to fapolicy-1.3.3 and fapolicyd-selinux-0.7
Resolves: RHEL-36287

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2024-05-14 13:26:54 +02:00
Fedora Release Engineering
d226921cd2 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-24 11:11:09 +00:00
Fedora Release Engineering
10acac14a1 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-19 18:52:08 +00:00
Patrik Koncity
93473de397 Change url with location of fapolicyd tests 2023-11-23 14:20:48 +01:00
Fedora Release Engineering
17b27aa7b1 Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2023-07-19 19:16:08 +00:00
Radovan Sroka
cc47ad2109
Rebase to v1.3.2 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2023-07-10 10:32:14 +02:00
Radovan Sroka
32d8ed48cf
Update changelog and rebuild 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2023-06-15 17:35:43 +02:00
Radovan Sroka
419c239eb4
Rebase to fapolicyd v1.3.1 and selinux v0.6 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2023-06-15 17:30:07 +02:00
Radovan Sroka
8642d5655d
- migrated to SPDX license 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2023-06-13 11:37:17 +02:00
Petr Písař
641efeefbb Rebuild against rpm-4.19 (https://fedoraproject.org/wiki/Changes/RPM-4.19) 2023-05-19 14:57:42 +02:00
Radovan Sroka
9db0c740b0
- SPDX Migration 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2023-03-15 12:26:55 +01:00
Radovan Sroka
2292734883
Rebase to v1.2 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2023-02-10 16:16:12 +01:00
Fedora Release Engineering
23487839d7 Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2023-01-19 03:02:33 +00:00
Vit Mojzis
2e8800c45d tests: Add decentralized SELinux policy test 
- Test for unsound/dangerous SELinux policy practices
- Perform static policy code check using SELint

For more details and debugging tips see
https://fedoraproject.org/wiki/SELinux/IndependentPolicy#Testing
 2023-01-04 12:21:14 +00:00
Radovan Sroka
f4df635448 Rebuild for eln 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-12-02 17:52:14 +01:00
Yaakov Selkowitz
79313b5a89 Apply RHEL patches last 
The implicit declarations fix broken the ELN build due to overlapping
patches.  Applying the RHEL patches last, and adjusting them as needed
for Fedora changes, is the simplest way to make both builds successful.
 2022-11-28 11:48:13 -05:00
Florian Weimer
49f103321f Avoid implicit declaration of rpmFreeCrypto 
Related to:

  <https://fedoraproject.org/wiki/Changes/PortingToModernC>
  <https://fedoraproject.org/wiki/Toolchain/PortingToModernC>
 2022-11-28 11:58:06 +01:00
Radovan Sroka
ada077c995 Rebase to 1.1.7 
fix build problem

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-11-28 11:15:08 +01:00
Radovan Sroka
4878f09f92 Rebase to 1.1.7 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-11-28 11:11:59 +01:00
Radovan Sroka
a99b7efd3e Fix eln building 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-09-29 14:19:15 +02:00
Radovan Sroka
6228fd0a74 Rebase to 1.1.5 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-09-29 11:11:31 +02:00
Nikola Knazekova
ef414090b1 selinux: Update based on latest packaging guide 
https://fedoraproject.org/wiki/SELinux/IndependentPolicy
Add dependency on selinux-policy-targeted
Exclude installed policy module file from RPM verification

Signed-off-by: Nikola Knazekova <nknazeko@redhat.com>
 2022-09-26 13:02:39 +02:00
Radovan Sroka
0ede76ffa9
Fix bash completition definition in spec 
Resolves: rhbz#2123065

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-08-31 19:14:26 +02:00
Radovan Sroka
78db532590
Add correct openssl and systemd dependencies 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-08-30 21:07:24 +02:00
Radovan Sroka
26e3a4e777 Rebase to 1.1.4 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-08-18 18:05:02 +02:00
Fedora Release Engineering
4be9ee7cf5 Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2022-07-21 02:45:08 +00:00
Radovan Sroka
6f0c3726ad Removed dnf plugin 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-06-22 10:28:16 +02:00
Radovan Sroka
40537635b8 Rebase to 1.1.3 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-06-22 10:20:36 +02:00
Python Maint
fe8fa4b2c2 Rebuilt for Python 3.11 2022-06-15 18:15:35 +02:00
Radovan Sroka
182cc455be
Rebase to v1.1.2 
- fixed CVE-2022-1117
Resolves: rhbz#2089692

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-05-25 13:41:20 +02:00
Radovan Sroka
f1912834ed
Forgot to add sources 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-03-30 14:12:06 +02:00
Radovan Sroka
16e5a8779e
Rebase to v1.1.1 
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
 2022-03-30 14:01:49 +02:00
Radovan Sroka
0ce7579393 fapolicyd.rules should be ghost file 2022-02-15 15:50:27 +01:00