From ba1bd3e9e721929d32815c204150c0f1d3f25989 Mon Sep 17 00:00:00 2001 From: Oyvind Albrigtsen Date: Tue, 8 Apr 2025 09:43:16 +0200 Subject: [PATCH] - Add tmpfiles.d file to make systemd-tmpfiles create/set correct ownership/permissions of /var/lib/haproxy Resolves: RHEL-120174 --- haproxy.spec | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/haproxy.spec b/haproxy.spec index 4393d2a..539f7df 100644 --- a/haproxy.spec +++ b/haproxy.spec @@ -8,7 +8,7 @@ Name: haproxy Version: 3.0.5 -Release: 4%{?dist} +Release: 5%{?dist} Summary: HAProxy reverse proxy for high availability environments License: GPL-2.0-or-later @@ -50,8 +50,8 @@ availability environments. Indeed, it can: %prep %setup -q -%build +%build make %{?_smp_mflags} CPU="generic" TARGET="linux-glibc" USE_OPENSSL=1 USE_PCRE2=1 USE_SLZ=1 USE_LUA=1 USE_CRYPT_H=1 USE_SYSTEMD=1 USE_LINUX_TPROXY=1 USE_GETADDRINFO=1 USE_PROMEX=1 DEFINE=-DMAX_SESS_STKCTR=12 ADDINC="%{build_cflags}" ADDLIB="%{build_ldflags}" make admin/halog/halog ADDINC="%{build_cflags}" ADDLIB="%{build_ldflags}" @@ -94,6 +94,9 @@ do rm -f $textfile.old done +mkdir -p %{buildroot}%{_tmpfilesdir} +echo "d /var/lib/haproxy 0755 root root - -" > %{buildroot}%{_tmpfilesdir}/%{name}.conf + %pre %sysusers_create_compat %{SOURCE5} @@ -125,8 +128,14 @@ done %{_bindir}/ip6range %{_mandir}/man1/* %{_sysusersdir}/%{name}.conf +%{_tmpfilesdir}/%{name}.conf %changelog +* Mon Oct 20 2025 Oyvind Albrigtsen - 3.0.5-5 +- Add tmpfiles.d file to make systemd-tmpfiles create/set correct + ownership/permissions of /var/lib/haproxy + Resolves: RHEL-120174 + * Wed Jan 8 2025 Oyvind Albrigtsen - 3.0.5-4 - Fix CVE-2024-53008 Resolves: RHEL-69415