.gitignore

@@ -1 +1,5 @@
-SOURCES/passt-a1e48a02ff3550eb7875a7df6726086e9b3a1213.tar.xz
+/passt-4129764ecaebf05a33e22d8d95bb3d8deaa14c14.tar.xz
+/passt-4663ccc89a7fcbf9d901a80730ee925fc7f64c59.tar.xz
+/passt-4ddbcb9c0c555838b123c018a9ebc9b7e14a87e5.tar.xz
+/passt-0af928eaa020c1062fdc91598dfdc533966e2afe.tar.xz
+/passt-b86afe3559c0bd3d24bc6fed7c60466cf141224c.tar.xz

.passt.metadata

@@ -1 +0,0 @@
-6561fdc75b29dc6566bc1fb30b88d6846ef5e23b SOURCES/passt-a1e48a02ff3550eb7875a7df6726086e9b3a1213.tar.xz

0001-selinux-Drop-user_namespace-create-allow-rules.patch

@@ -24,28 +24,29 @@ Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
  2 files changed, 2 deletions(-)
 
 diff --git a/contrib/selinux/passt.te b/contrib/selinux/passt.te
-index c6cea34..131fadc 100644
+index facc2d1..de10f45 100644
 --- a/contrib/selinux/passt.te
 +++ b/contrib/selinux/passt.te
-@@ -92,7 +92,6 @@ allow syslogd_t self:cap_userns sys_ptrace;
+@@ -93,7 +93,6 @@ allow syslogd_t self:cap_userns sys_ptrace;
  allow passt_t self:process setcap;
  allow passt_t self:capability { sys_tty_config setpcap net_bind_service setuid setgid};
  allow passt_t self:cap_userns { setpcap sys_admin sys_ptrace };
 -allow passt_t self:user_namespace create;
  
- auth_read_passwd(passt_t)
- 
+ allow passt_t passwd_file_t:file read_file_perms;
+ sssd_search_lib(passt_t)
 diff --git a/contrib/selinux/pasta.te b/contrib/selinux/pasta.te
-index 69be081..892edae 100644
+index ed70c5f..3226e37 100644
 --- a/contrib/selinux/pasta.te
 +++ b/contrib/selinux/pasta.te
-@@ -110,7 +110,6 @@ init_daemon_domain(pasta_t, pasta_exec_t)
+@@ -113,7 +113,6 @@ init_daemon_domain(pasta_t, pasta_exec_t)
  
  allow pasta_t self:capability { setpcap net_bind_service sys_tty_config dac_read_search net_admin sys_resource setuid setgid };
  allow pasta_t self:cap_userns { setpcap sys_admin sys_ptrace net_admin net_bind_service };
 -allow pasta_t self:user_namespace create;
  
- auth_read_passwd(pasta_t)
- 
+ allow pasta_t passwd_file_t:file read_file_perms;
+ sssd_search_lib(pasta_t)
 -- 
 2.39.2
+

gating.yaml

@@ -0,0 +1,7 @@
+--- !Policy
+product_versions:
+  - rhel-9
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
+  - !PassingTestCaseRule {test_case_name: kvm-ci.passt.x86_64.brew-build.gating.tier1.functional}

passt.spec

@@ -7,14 +7,14 @@
 # Copyright (c) 2022 Red Hat GmbH
 # Author: Stefano Brivio <sbrivio@redhat.com>
 
-%global git_hash a1e48a02ff3550eb7875a7df6726086e9b3a1213
+%global git_hash 4988e2b406313c579836dc31867d793cfe77535c
 %global selinuxtype targeted
 
 Name:		passt
-Version:	0^20250217.ga1e48a0
+Version:	0^20240326.g4988e2b
 Release:	1%{?dist}
 Summary:	User-mode networking daemons for virtual machines and namespaces
-License:	GPL-2.0-or-later AND BSD-3-Clause
+License:	GPLv2+ and BSD
 Group:		System Environment/Daemons
 URL:		https://passt.top/
 Source:		https://passt.top/passt/snapshot/passt-%{git_hash}.tar.xz
@@ -46,7 +46,7 @@ Requires(preun): %{name}
 Requires(preun): policycoreutils
 
 %description selinux
-This package adds SELinux enforcement to passt(1), pasta(1), passt-repair(1).
+This package adds SELinux enforcement to passt(1) and pasta(1).
 
 %prep
 %autosetup -S git_am -n passt-%{git_hash}
@@ -84,7 +84,6 @@ make -f %{_datadir}/selinux/devel/Makefile
 install -p -m 644 -D passt.pp %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/passt.pp
 install -p -m 644 -D passt.if %{buildroot}%{_datadir}/selinux/devel/include/distributed/passt.if
 install -p -m 644 -D pasta.pp %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/pasta.pp
-install -p -m 644 -D passt-repair.pp %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/passt-repair.pp
 popd
 
 %pre selinux
@@ -93,13 +92,11 @@ popd
 %post selinux
 %selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/passt.pp
 %selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/pasta.pp
-%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/passt-repair.pp
 
 %postun selinux
 if [ $1 -eq 0 ]; then
 	%selinux_modules_uninstall -s %{selinuxtype} passt
 	%selinux_modules_uninstall -s %{selinuxtype} pasta
-	%selinux_modules_uninstall -s %{selinuxtype} passt-repair
 fi
 
 %posttrans selinux
@@ -113,11 +110,9 @@ fi
 %{_bindir}/passt
 %{_bindir}/pasta
 %{_bindir}/qrap
-%{_bindir}/passt-repair
 %{_mandir}/man1/passt.1*
 %{_mandir}/man1/pasta.1*
 %{_mandir}/man1/qrap.1*
-%{_mandir}/man1/passt-repair.1*
 %ifarch x86_64
 %{_bindir}/passt.avx2
 %{_mandir}/man1/passt.avx2.1*
@@ -129,34 +124,9 @@ fi
 %{_datadir}/selinux/packages/%{selinuxtype}/passt.pp
 %{_datadir}/selinux/devel/include/distributed/passt.if
 %{_datadir}/selinux/packages/%{selinuxtype}/pasta.pp
-%{_datadir}/selinux/packages/%{selinuxtype}/passt-repair.pp
 
 %changelog
-* Mon Feb 17 2025 Stefano Brivio <sbrivio@redhat.com> - 0^20250217.ga1e48a0-1
-- Resolves: RHEL-79787
-
-* Wed Jan 22 2025 Stefano Brivio <sbrivio@redhat.com> - 0^20250121.g4f2c8e7-3
-- Resolves: RHEL-75654
-
-* Tue Jan 21 2025 Stefano Brivio <sbrivio@redhat.com> - 0^20250121.g4f2c8e7-1
-- Resolves: RHEL-75654
-
-* Thu Nov 21 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20241121.g238c69f-1
-- Resolves: RHEL-65502
-
-* Wed Aug 14 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20240806-gee36266-2
-- Resolves: RHEL-54268
-
-* Wed Aug  7 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20240806.gee36266-1
-- Resolves: RHEL-53189
-
-* Fri Aug  2 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20240726.g57a21d2-1
-- Resolves: RHEL-52638
-
-* Mon Jun 24 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20240624.g1ee2eca-1
-- Resolves: RHEL-44837
-
-* Wed May 22 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20240510.g7288448-1
+* Tue May 21 2024 Marcel Haerri <mharri@redhat.com> - 0^20240326.g4988e2b-1
 - Resolves: RHEL-37647
 
 * Fri Dec 15 2023 Stefano Brivio <sbrivio@redhat.com> - 0^20231204.gb86afe3-1

sources

@@ -0,0 +1 @@
+SHA512 (passt-4988e2b406313c579836dc31867d793cfe77535c.tar.xz) = 16ce02c9b9796d0df85364e74fd3bf31715f2345c07140e59be952bfe66abfdff2d0e22939e204c46c671148ce9b22513a200848f26b06854bffdcf6f28c994f