Commit Graph

61 Commits

Author SHA1 Message Date
Vit Mojzis
a3c99dc617 udica-0.2.8-2
- Add option to generate custom policy for a confined user
2023-12-21 00:10:00 +01:00
Vit Mojzis
5e0609b1fe udica-0.2.8
New release https://github.com/containers/udica/releases/tag/v0.2.8
2023-11-29 12:36:32 +01:00
Fedora Release Engineering
b6b5088980 Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-07-22 16:59:26 +00:00
Python Maint
e5322cdeac Rebuilt for Python 3.12 2023-06-13 21:00:03 +02:00
Vit Mojzis
4a53696b71 udica-0.2.7-5
- Show diff when checking formatting
- Fix several lint findings
- Fix generating policy for Crio mounts

Fixes:
  https://github.com/containers/udica/issues/118
2023-04-20 17:25:50 +02:00
Fedora Release Engineering
9bc541dfba Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-01-21 05:40:44 +00:00
Petr Lautrbach
de462f29e0 Migrate License tag to SPDX
https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_1
2022-12-01 12:37:55 +01:00
Vit Mojzis
ad353df40c udica-0.2.7-3
- Add --devices option

Fixes:
  https://github.com/containers/udica/issues/110
2022-10-21 15:23:51 +02:00
Fedora Release Engineering
91cdda68b3 Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-07-23 11:15:52 +00:00
Vit Mojzis
879af9f4cc udica-0.2.7
New release https://github.com/containers/udica/releases/tag/v0.2.7

- Add support for containerd via "nerdctl inspect"
- Avoid duplicate rules for accessing mounts and devices

Fixes:
  https://github.com/containers/udica/issues/90
  https://github.com/containers/udica/issues/7
Related:
  https://github.com/containers/udica/issues/84
2022-06-22 14:43:27 +02:00
Python Maint
b78fa64042 Rebuilt for Python 3.11 2022-06-13 15:42:40 +02:00
Vit Mojzis
1d04ad9053 udica-0.2.6-4
- Improve label collection for mounts and devices

Fixes:
  https://github.com/containers/udica/issues/98
  https://github.com/containers/udica/issues/109
2022-05-02 15:59:53 +02:00
Vit Mojzis
d433a427be tests/Sanity: Use centos-stream 8 container
CentOS-8 is EOL.

Fixes:
  :: [ 08:38:17 ] :: [  BEGIN   ] :: Running 'podman exec test yum install nmap-ncat -y'
  CentOS Linux 8 - AppStream                       31  B/s |  38  B     00:01
  Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist
2022-02-10 13:42:16 +01:00
Fedora Release Engineering
e10e896cd4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-22 03:24:15 +00:00
Vit Mojzis
f42dfe4da4 udica-0.2.6-2
- Make sure each section of the inspect exists before accessing

Fixes:
        https://github.com/containers/udica/issues/103
        https://github.com/containers/udica/issues/105
2021-11-11 18:15:09 +01:00
Vit Mojzis
4eba9fb544 udica-0.2.6-1
- New release https://github.com/containers/udica/releases/tag/v0.2.6
- Move policy templates to container-selinux repo
2021-09-30 09:41:26 +02:00
Vit Mojzis
7ea190fa1e tests: Require container-selinux
Policy templates where moved to container-selinux package and udica
doesn't work properly without them.

Sanity test temporarily needs git for downloading policy templates.
Those will soon be available via container-selinux.

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2021-09-30 09:41:20 +02:00
Vit Mojzis
c1190761ae udica-0.2.5-1
- New rebase https://github.com/containers/udica/releases/tag/v0.2.5
- Replace capability dictionary with str.lower()
- Enable udica to generate policies with fifo class
- Sort container inspect data before processing
- Update templates to work properly with new cil parser
2021-08-26 18:54:12 +02:00
Lukas Vrabec
41b007ecf3 Update 'tests/sanity' to include more containers
Sanity testcase generates SELinux policy just for one container
"fedora:latest". Testcase should test generating SELinux policy also for
Fedora Rawhide container, RHEL universal base image {7,8} and centos containers
2021-08-20 11:48:36 +02:00
Fedora Release Engineering
aa4e7af453 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-23 19:55:18 +00:00
Python Maint
cdec489222 Rebuilt for Python 3.10 2021-06-04 21:18:38 +02:00
Vit Mojzis
d4f16fdce9 Revert "Add %check section to run basic tests during rpm build process"
The check is not necessary since it's part of the CI and brings needless
dependencies.

This reverts commits fa6f003ec4 and
4dc4b32e96.
2021-03-09 20:51:07 +01:00
Fedora Release Engineering
1adfa9bfe1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-27 22:33:53 +00:00
Tom Stellard
4dc4b32e96 Add BuildRequires: make
https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
2021-01-12 01:32:30 +00:00
Lukas Vrabec
fa6f003ec4
* Sun Dec 13 2020 Lukas Vrabec <lvrabec@redhat.com> - 0.2.4-2
- Add %check section to run basic tests during rpm build process
2020-12-13 15:23:31 +01:00
Lukas Vrabec
651491f476
* Wed Nov 25 2020 Lukas Vrabec <lvrabec@redhat.com> - 0.2.4-1
- New rebase https://github.com/containers/udica/releases/tag/v0.2.4
2020-11-25 18:12:12 +01:00
Lukas Vrabec
e23d97dbf9
* Thu Aug 13 2020 Lukas Vrabec <lvrabec@redhat.com> - 0.2.3-1
- New rebase https://github.com/containers/udica/releases/tag/v0.2.3
2020-08-13 17:35:37 +02:00
Lukas Vrabec
fe5d494410
* Mon Aug 03 2020 Lukas Vrabec <lvrabec@redhat.com> - 0.2.2-1
- New rebase https://github.com/containers/udica/releases/tag/v0.2.2
2020-08-03 19:06:03 +02:00
Fedora Release Engineering
40b7e49704 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-29 13:10:13 +00:00
Miro Hrončok
9f4d139c0d Rebuilt for Python 3.9 2020-05-26 03:53:49 +02:00
Fedora Release Engineering
6f387b8fff - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-31 02:26:26 +00:00
Lukas Vrabec
0bfe40deeb
* Fri Oct 25 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.2.1-1
- New rebase https://github.com/containers/udica/releases/tag/v0.2.1
2019-10-25 22:15:32 +02:00
Lukas Vrabec
10b8af4057
Fix CI tests on udica
In version v0.2.0 there is new makefile also for testing part, therefore
we changed how to execute tests. This commit fixes the Fedora CI.
2019-10-02 16:59:23 +02:00
Lukas Vrabec
c6e6561646
Remove patch which is already part of new rebase 2019-09-25 10:25:50 +02:00
Lukas Vrabec
889004a547
* Wed Sep 25 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.2.0-1
- New rebase https://github.com/containers/udica/releases/tag/v0.2.0
2019-09-25 10:20:25 +02:00
Lukas Vrabec
10b87117f0
Fix sanity test suite
Fix sanity test to pass on Fedora Rawhide and Fedora 30. Changes are
related to missing 'nc' command in container for which SELinux policy is
generated.
2019-08-28 13:28:59 +02:00
Lukas Vrabec
c78730bf59
* Wed Aug 28 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.1.9-1
- Update tests test_basic.podman.cil, test_basic.docker.cil. Round 2
- New rebase https://github.com/containers/udica/releases/tag/v0.1.9
2019-08-28 13:19:42 +02:00
Miro Hrončok
169e204028 Rebuilt for Python 3.8 2019-08-19 11:08:38 +02:00
Fedora Release Engineering
fa1600ac43 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-07-27 02:19:45 +00:00
Lukas Vrabec
808f498283
* Thu Jul 11 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.1.8-1
- New rebase https://github.com/containers/udica/releases/tag/v0.1.8
2019-07-11 13:08:38 +02:00
Lukas Vrabec
4312e208b7
Update spec file to include /usr/share/udica/ansible directory with all files. 2019-06-12 14:10:23 +02:00
Lukas Vrabec
5e1c32f75c
* Wed Jun 12 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.1.7-1
- New rebase with upstream adding new param --ansible, to generate ansible playbook for deploying policies. https://github.com/containers/udica/releases/tag/v0.1.7
2019-06-12 13:54:49 +02:00
Lukas Vrabec
0ed8760d59
Update tests suite with downstream test
Following commit adds new donwstream beakerlib sanity test
2019-06-11 11:07:59 +02:00
Lukas Vrabec
d41c9dc7d9
* Thu May 16 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.1.6-1
- New rebase with upstream adding new tests
2019-05-16 19:36:00 +02:00
Jan Zarsky
5a7674a653 Remove patches 2019-05-16 15:41:17 +02:00
Lukas Vrabec
5ac5425819 Merge #4 Run tests also with real selinux and semanage modules 2019-05-15 12:44:15 +00:00
Lukas Vrabec
7206c3348a Merge #3 [WIP] Add basic sanity integration tests 2019-05-15 12:43:18 +00:00
Jan Zarsky
05d2672bde Run tests with real selinux and semanage modules
The tests are by default using mock selinux and semanage modules. Rerun
the tests with real modules.
2019-05-07 11:52:54 +02:00
Jan Zarsky
f8f4c7531f Add an option for running tests with real modules
To simplify udica testing on Fedora, add an option that allows running
the tests with real system packages (selinux and semanage).
2019-05-07 11:52:54 +02:00
Lukas Vrabec
cc9c2dc124
* Tue Apr 30 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.1.5-2
- Add allow rules for container_runtime_t to base_container.cil, Podman version 1.2.0 requires new allow rules.
2019-04-30 14:12:42 +02:00