rpms/passt
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: rpms:c9-beta
Branches Tags
rpms:c9-beta
rpms:c9s
rpms:c10s
rpms:c9
rpms:c9s-20240326.g4988e2b-1
rpms:imports/c9-beta/passt-0_20250217.ga1e48a0-1.el9
rpms:imports/c10s/passt-0_20250217.ga1e48a0-1.el10
rpms:imports/c9/passt-0_20240806.gee36266-6.el9_5
rpms:imports/c10s/passt-0_20250121.g4f2c8e7-3.el10
rpms:imports/c10s/passt-0_20250121.g4f2c8e7-1.el10
rpms:imports/c10s/passt-0_20241121.g238c69f-1.el10
rpms:imports/c10s/passt-0_20240806.gee36266-3.el10
rpms:imports/c9-beta/passt-0_20240806.gee36266-2.el9
rpms:imports/c10s/passt-0_20240806.gee36266-2.el10
rpms:imports/c10s/passt-0%5e20240806.gee36266-1.el10
rpms:imports/c9-beta/passt-0%5e20230818.g0af928e-4.el9
rpms:imports/c9/passt-0%5e20230222.g4ddbcb9-4.el9_2
rpms:imports/c9/passt-0%5e20230222.g4ddbcb9-2.el9_2
rpms:imports/c9-beta/passt-0%5e20230222.g4ddbcb9-1.el9
..
compare: rpms:c9s-20240326.g4988e2b-1
Branches Tags
rpms:c9-beta
rpms:c9s
rpms:c10s
rpms:c9
rpms:c9s-20240326.g4988e2b-1
rpms:imports/c9-beta/passt-0_20250217.ga1e48a0-1.el9
rpms:imports/c10s/passt-0_20250217.ga1e48a0-1.el10
rpms:imports/c9/passt-0_20240806.gee36266-6.el9_5
rpms:imports/c10s/passt-0_20250121.g4f2c8e7-3.el10
rpms:imports/c10s/passt-0_20250121.g4f2c8e7-1.el10
rpms:imports/c10s/passt-0_20241121.g238c69f-1.el10
rpms:imports/c10s/passt-0_20240806.gee36266-3.el10
rpms:imports/c9-beta/passt-0_20240806.gee36266-2.el9
rpms:imports/c10s/passt-0_20240806.gee36266-2.el10
rpms:imports/c10s/passt-0%5e20240806.gee36266-1.el10
rpms:imports/c9-beta/passt-0%5e20230818.g0af928e-4.el9
rpms:imports/c9/passt-0%5e20230222.g4ddbcb9-4.el9_2
rpms:imports/c9/passt-0%5e20230222.g4ddbcb9-2.el9_2
rpms:imports/c9-beta/passt-0%5e20230222.g4ddbcb9-1.el9

No commits in common. "c9-beta" and "c9s-20240326.g4988e2b-1" have entirely different histories.
c9-beta ... c9s-202403

6 changed files with 27 additions and 45 deletions
Show Stats Expand all files Collapse all files

6
.gitignore vendored
View File

@ -1 +1,5 @@
SOURCES/passt-a1e48a02ff3550eb7875a7df6726086e9b3a1213.tar.xz
/passt-4129764ecaebf05a33e22d8d95bb3d8deaa14c14.tar.xz
/passt-4663ccc89a7fcbf9d901a80730ee925fc7f64c59.tar.xz
/passt-4ddbcb9c0c555838b123c018a9ebc9b7e14a87e5.tar.xz
/passt-0af928eaa020c1062fdc91598dfdc533966e2afe.tar.xz
/passt-b86afe3559c0bd3d24bc6fed7c60466cf141224c.tar.xz

1
.passt.metadata
View File

@ -1 +0,0 @@
6561fdc75b29dc6566bc1fb30b88d6846ef5e23b SOURCES/passt-a1e48a02ff3550eb7875a7df6726086e9b3a1213.tar.xz

17
SOURCES/0001-selinux-Drop-user_namespace-create-allow-rules.patch → 0001-selinux-Drop-user_namespace-create-allow-rules.patch
View File

@ -24,28 +24,29 @@ Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2 files changed, 2 deletions(-)
diff --git a/contrib/selinux/passt.te b/contrib/selinux/passt.te
index c6cea34..131fadc 100644
index facc2d1..de10f45 100644
--- a/contrib/selinux/passt.te
+++ b/contrib/selinux/passt.te
@@ -92,7 +92,6 @@ allow syslogd_t self:cap_userns sys_ptrace;
@@ -93,7 +93,6 @@ allow syslogd_t self:cap_userns sys_ptrace;
allow passt_t self:process setcap;
allow passt_t self:capability { sys_tty_config setpcap net_bind_service setuid setgid};
allow passt_t self:cap_userns { setpcap sys_admin sys_ptrace };
-allow passt_t self:user_namespace create;
auth_read_passwd(passt_t)
allow passt_t passwd_file_t:file read_file_perms;
sssd_search_lib(passt_t)
diff --git a/contrib/selinux/pasta.te b/contrib/selinux/pasta.te
index 69be081..892edae 100644
index ed70c5f..3226e37 100644
--- a/contrib/selinux/pasta.te
+++ b/contrib/selinux/pasta.te
@@ -110,7 +110,6 @@ init_daemon_domain(pasta_t, pasta_exec_t)
@@ -113,7 +113,6 @@ init_daemon_domain(pasta_t, pasta_exec_t)
allow pasta_t self:capability { setpcap net_bind_service sys_tty_config dac_read_search net_admin sys_resource setuid setgid };
allow pasta_t self:cap_userns { setpcap sys_admin sys_ptrace net_admin net_bind_service };
-allow pasta_t self:user_namespace create;
auth_read_passwd(pasta_t)
allow pasta_t passwd_file_t:file read_file_perms;
sssd_search_lib(pasta_t)
--
2.39.2

7
gating.yaml Normal file
View File

@ -0,0 +1,7 @@
--- !Policy
product_versions:
- rhel-9
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
- !PassingTestCaseRule {test_case_name: kvm-ci.passt.x86_64.brew-build.gating.tier1.functional}

40
SPECS/passt.spec → passt.spec
View File

@ -7,14 +7,14 @@
# Copyright (c) 2022 Red Hat GmbH
# Author: Stefano Brivio <sbrivio@redhat.com>
%global git_hash a1e48a02ff3550eb7875a7df6726086e9b3a1213
%global git_hash 4988e2b406313c579836dc31867d793cfe77535c
%global selinuxtype targeted
Name: passt
Version: 0^20250217.ga1e48a0
Version: 0^20240326.g4988e2b
Release: 1%{?dist}
Summary: User-mode networking daemons for virtual machines and namespaces
License: GPL-2.0-or-later AND BSD-3-Clause
License: GPLv2+ and BSD
Group: System Environment/Daemons
URL: https://passt.top/
Source: https://passt.top/passt/snapshot/passt-%{git_hash}.tar.xz
@ -46,7 +46,7 @@ Requires(preun): %{name}
Requires(preun): policycoreutils
%description selinux
This package adds SELinux enforcement to passt(1), pasta(1), passt-repair(1).
This package adds SELinux enforcement to passt(1) and pasta(1).
%prep
%autosetup -S git_am -n passt-%{git_hash}
@ -84,7 +84,6 @@ make -f %{_datadir}/selinux/devel/Makefile
install -p -m 644 -D passt.pp %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/passt.pp
install -p -m 644 -D passt.if %{buildroot}%{_datadir}/selinux/devel/include/distributed/passt.if
install -p -m 644 -D pasta.pp %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/pasta.pp
install -p -m 644 -D passt-repair.pp %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/passt-repair.pp
popd
%pre selinux
@ -93,13 +92,11 @@ popd
%post selinux
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/passt.pp
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/pasta.pp
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/passt-repair.pp
%postun selinux
if [ $1 -eq 0 ]; then
%selinux_modules_uninstall -s %{selinuxtype} passt
%selinux_modules_uninstall -s %{selinuxtype} pasta
%selinux_modules_uninstall -s %{selinuxtype} passt-repair
fi
%posttrans selinux
@ -113,11 +110,9 @@ fi
%{_bindir}/passt
%{_bindir}/pasta
%{_bindir}/qrap
%{_bindir}/passt-repair
%{_mandir}/man1/passt.1*
%{_mandir}/man1/pasta.1*
%{_mandir}/man1/qrap.1*
%{_mandir}/man1/passt-repair.1*
%ifarch x86_64
%{_bindir}/passt.avx2
%{_mandir}/man1/passt.avx2.1*
@ -129,34 +124,9 @@ fi
%{_datadir}/selinux/packages/%{selinuxtype}/passt.pp
%{_datadir}/selinux/devel/include/distributed/passt.if
%{_datadir}/selinux/packages/%{selinuxtype}/pasta.pp
%{_datadir}/selinux/packages/%{selinuxtype}/passt-repair.pp
%changelog
* Mon Feb 17 2025 Stefano Brivio <sbrivio@redhat.com> - 0^20250217.ga1e48a0-1
- Resolves: RHEL-79787
* Wed Jan 22 2025 Stefano Brivio <sbrivio@redhat.com> - 0^20250121.g4f2c8e7-3
- Resolves: RHEL-75654
* Tue Jan 21 2025 Stefano Brivio <sbrivio@redhat.com> - 0^20250121.g4f2c8e7-1
- Resolves: RHEL-75654
* Thu Nov 21 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20241121.g238c69f-1
- Resolves: RHEL-65502
* Wed Aug 14 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20240806-gee36266-2
- Resolves: RHEL-54268
* Wed Aug 7 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20240806.gee36266-1
- Resolves: RHEL-53189
* Fri Aug 2 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20240726.g57a21d2-1
- Resolves: RHEL-52638
* Mon Jun 24 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20240624.g1ee2eca-1
- Resolves: RHEL-44837
* Wed May 22 2024 Stefano Brivio <sbrivio@redhat.com> - 0^20240510.g7288448-1
* Tue May 21 2024 Marcel Haerri <mharri@redhat.com> - 0^20240326.g4988e2b-1
- Resolves: RHEL-37647
* Fri Dec 15 2023 Stefano Brivio <sbrivio@redhat.com> - 0^20231204.gb86afe3-1

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (passt-4988e2b406313c579836dc31867d793cfe77535c.tar.xz) = 16ce02c9b9796d0df85364e74fd3bf31715f2345c07140e59be952bfe66abfdff2d0e22939e204c46c671148ce9b22513a200848f26b06854bffdcf6f28c994f