From c3cd574d4a4115c15716214778e3a9acfdfd077a Mon Sep 17 00:00:00 2001 From: Andrew Lukoshko Date: Mon, 26 Jun 2023 12:03:45 +0000 Subject: [PATCH] import CS passt-0^20230222.g4ddbcb9-4.el9_2 --- ...ELinux-interface-files-to-shared-inc.patch | 40 ------------------ SPECS/passt.spec | 42 +++++++++++-------- 2 files changed, 25 insertions(+), 57 deletions(-) delete mode 100644 SOURCES/0020-fedora-Install-SELinux-interface-files-to-shared-inc.patch diff --git a/SOURCES/0020-fedora-Install-SELinux-interface-files-to-shared-inc.patch b/SOURCES/0020-fedora-Install-SELinux-interface-files-to-shared-inc.patch deleted file mode 100644 index c33821c..0000000 --- a/SOURCES/0020-fedora-Install-SELinux-interface-files-to-shared-inc.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 61676035ec5f58df4f4cca024c772d7e0b43d7dc Mon Sep 17 00:00:00 2001 -From: Stefano Brivio -Date: Fri, 10 Mar 2023 19:10:01 +0100 -Subject: [PATCH 20/20] fedora: Install SELinux interface files to shared - include directory - -Link: https://github.com/fedora-selinux/selinux-policy/pull/1613 -Signed-off-by: Stefano Brivio -(cherry picked from commit 70c0765b49e19b76639908a7686d8f795ba3ed24) ---- - contrib/fedora/passt.spec | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/contrib/fedora/passt.spec b/contrib/fedora/passt.spec -index 7f67bee..51cad90 100644 ---- a/contrib/fedora/passt.spec -+++ b/contrib/fedora/passt.spec -@@ -61,7 +61,9 @@ ln -sr %{buildroot}%{_mandir}/man1/pasta.1 %{buildroot}%{_mandir}/man1/pasta.avx - pushd contrib/selinux - make -f %{_datadir}/selinux/devel/Makefile - install -p -m 644 -D passt.pp %{buildroot}%{_datadir}/selinux/packages/%{name}/passt.pp -+install -p -m 644 -D passt.if %{buildroot}%{_datadir}/selinux/devel/include/contrib/passt.if - install -p -m 644 -D pasta.pp %{buildroot}%{_datadir}/selinux/packages/%{name}/pasta.pp -+install -p -m 644 -D pasta.if %{buildroot}%{_datadir}/selinux/devel/include/contrib/pasta.if - popd - - %post selinux -@@ -93,7 +95,9 @@ semodule -r pasta 2>/dev/null || : - %files selinux - %dir %{_datadir}/selinux/packages/%{name} - %{_datadir}/selinux/packages/%{name}/passt.pp -+%{_datadir}/selinux/devel/include/contrib/passt.if - %{_datadir}/selinux/packages/%{name}/pasta.pp -+%{_datadir}/selinux/devel/include/contrib/pasta.if - - %changelog - {{{ passt_git_changelog }}} --- -2.39.2 - diff --git a/SPECS/passt.spec b/SPECS/passt.spec index 6a9b56d..04a0fc7 100644 --- a/SPECS/passt.spec +++ b/SPECS/passt.spec @@ -12,7 +12,7 @@ Name: passt Version: 0^20230222.g4ddbcb9 -Release: 2%{?dist} +Release: 4%{?dist} Summary: User-mode networking daemons for virtual machines and namespaces License: AGPLv3+ and BSD Group: System Environment/Daemons @@ -38,7 +38,6 @@ Patch16: 0016-tcp-Clamp-MSS-value-when-queueing-data-to-tap-also-f.patch Patch17: 0017-contrib-selinux-Drop-example-from-headers-this-is-th.patch Patch18: 0018-contrib-selinux-Drop-unused-passt_read_data-interfac.patch Patch19: 0019-contrib-selinux-Split-interfaces-into-smaller-bits.patch -Patch20: 0020-fedora-Install-SELinux-interface-files-to-shared-inc.patch BuildRequires: gcc, make, git, checkpolicy, selinux-policy-devel Requires: (%{name}-selinux = %{version}-%{release} if selinux-policy-%{selinuxtype}) @@ -83,23 +82,25 @@ ln -sr %{buildroot}%{_mandir}/man1/pasta.1 %{buildroot}%{_mandir}/man1/pasta.avx pushd contrib/selinux make -f %{_datadir}/selinux/devel/Makefile -install -p -m 644 -D passt.pp %{buildroot}%{_datadir}/selinux/packages/%{name}/passt.pp -install -p -m 644 -D passt.if %{buildroot}%{_datadir}/selinux/devel/include/contrib/passt.if -install -p -m 644 -D pasta.pp %{buildroot}%{_datadir}/selinux/packages/%{name}/pasta.pp -install -p -m 644 -D pasta.if %{buildroot}%{_datadir}/selinux/devel/include/contrib/pasta.if +install -p -m 644 -D passt.pp %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/passt.pp +install -p -m 644 -D passt.if %{buildroot}%{_datadir}/selinux/devel/include/distributed/passt.if +install -p -m 644 -D pasta.pp %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/pasta.pp popd %pre selinux %selinux_relabel_pre -s %{selinuxtype} %post selinux -semodule -i %{_datadir}/selinux/packages/%{name}/passt.pp 2>/dev/null || : -semodule -i %{_datadir}/selinux/packages/%{name}/pasta.pp 2>/dev/null || : -%selinux_relabel_post -s %{selinuxtype} +%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/passt.pp +%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/pasta.pp -%preun selinux -semodule -r passt 2>/dev/null || : -semodule -r pasta 2>/dev/null || : +%postun selinux +if [ $1 -eq 0 ]; then + %selinux_modules_uninstall -s %{selinuxtype} passt + %selinux_modules_uninstall -s %{selinuxtype} pasta +fi + +%posttrans selinux %selinux_relabel_post -s %{selinuxtype} %files @@ -121,13 +122,20 @@ semodule -r pasta 2>/dev/null || : %endif %files selinux -%dir %{_datadir}/selinux/packages/%{name} -%{_datadir}/selinux/packages/%{name}/passt.pp -%{_datadir}/selinux/devel/include/contrib/passt.if -%{_datadir}/selinux/packages/%{name}/pasta.pp -%{_datadir}/selinux/devel/include/contrib/pasta.if +%{_datadir}/selinux/packages/%{selinuxtype}/passt.pp +%{_datadir}/selinux/devel/include/distributed/passt.if +%{_datadir}/selinux/packages/%{selinuxtype}/pasta.pp %changelog +* Sun Jun 11 2023 Stefano Brivio - 0^20230222.g4ddbcb9-4 +- Drop (pointless) patches 20, 21, 22, actually apply changes to the spec file! +- Refresh SELinux labels in scriptlets, require -selinux package (rhbz#2183089) +- Don't install useless SELinux interface file for pasta (rhbz#2183106) + +* Fri Apr 28 2023 Stefano Brivio - 0^20230222.g4ddbcb9-3 +- Refresh SELinux labels in scriptlets, require -selinux package (rhbz#2183089) +- Don't install useless SELinux interface file for pasta (rhbz#2183106) + * Thu Mar 16 2023 Stefano Brivio - 0^20230222.g4ddbcb9-2 - udp: Actually use host resolver to forward DNS queries (rhbz#2177075) - conf: Split add_dns{4,6}() out of get_dns() (rhbz#2177075)