Install usbguard-tmpfles.conf
Resolves: RHEL-78188
This commit is contained in:
Cropi
parent
1bfaef43b4
commit
aa8545eeff
58
tmpfiles.patch
Normal file
58
tmpfiles.patch
Normal file
@ -0,0 +1,58 @@
|
||||
From 306cad81aee91d6adb61acdb9f1a9900fe2a13cd Mon Sep 17 00:00:00 2001
|
||||
From: Cropi <alakatos@redhat.com>
|
||||
Date: Thu, 6 Feb 2025 08:00:59 +0100
|
||||
Subject: [PATCH] =?UTF-8?q?At=20boot=20time,=20systemd=E2=80=91tmpfiles=20?=
|
||||
=?UTF-8?q?processes=20this=20file=20and=20creates=20/var/log/usbguard=20s?=
|
||||
=?UTF-8?q?o=20that=20the=20usbguard=20service=20can=20start=20successfull?=
|
||||
=?UTF-8?q?y.?=
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
---
|
||||
Makefile.am | 13 +++++++++++--
|
||||
usbguard-tmpfiles.conf | 1 +
|
||||
2 files changed, 12 insertions(+), 2 deletions(-)
|
||||
create mode 100644 usbguard-tmpfiles.conf
|
||||
|
||||
diff --git a/Makefile.am b/Makefile.am
|
||||
index 7dc6849..2a8bfeb 100644
|
||||
--- a/Makefile.am
|
||||
+++ b/Makefile.am
|
||||
@@ -90,8 +90,8 @@ $(top_builddir)/%.roff: %.adoc
|
||||
$(INSTALL) -m 644 $(top_builddir)/$(@:.roff=) $(top_builddir)/$@
|
||||
endif
|
||||
|
||||
-install-data-hook: install-daemon-conf install-systemd-service install-data-dbus
|
||||
-uninstall-hook: uninstall-daemon-conf uninstall-systemd-service uninstall-data-dbus
|
||||
+install-data-hook: install-daemon-conf install-systemd-service install-data-dbus install-tmpfiles
|
||||
+uninstall-hook: uninstall-daemon-conf uninstall-systemd-service uninstall-data-dbus uninstall-tmpfiles
|
||||
|
||||
CLEANFILES+=\
|
||||
$(top_builddir)/usbguard-daemon.conf
|
||||
@@ -106,6 +106,15 @@ usbguard_confdir= $(sysconfdir)/usbguard
|
||||
|
||||
distuninstallcheck_listfiles= find . -type f ! -name rules.conf -print
|
||||
|
||||
+EXTRA_DIST+=usbguard-tmpfiles.conf
|
||||
+
|
||||
+install-tmpfiles:
|
||||
+ mkdir -p ${DESTDIR}$(prefix)/lib/tmpfiles.d/
|
||||
+ $(INSTALL_DATA) -m 640 ${srcdir}/usbguard-tmpfiles.conf ${DESTDIR}$(prefix)/lib/tmpfiles.d/usbguard.conf
|
||||
+
|
||||
+uninstall-tmpfiles:
|
||||
+ rm ${DESTDIR}$(prefix)/lib/tmpfiles.d/usbguard.conf
|
||||
+
|
||||
install-daemon-conf: $(top_builddir)/usbguard-daemon.conf
|
||||
$(MKDIR_P) $(DESTDIR)/$(usbguard_confdir)
|
||||
$(MKDIR_P) $(DESTDIR)/$(usbguard_confdir)/IPCAccessControl.d
|
||||
diff --git a/usbguard-tmpfiles.conf b/usbguard-tmpfiles.conf
|
||||
new file mode 100644
|
||||
index 0000000..e90908f
|
||||
--- /dev/null
|
||||
+++ b/usbguard-tmpfiles.conf
|
||||
@@ -0,0 +1 @@
|
||||
+d /var/log/usbguard 0700 root root - -
|
||||
--
|
||||
2.48.1
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
|
||||
Name: usbguard
|
||||
Version: 1.0.0
|
||||
Release: 15%{?dist}
|
||||
Release: 16%{?dist}
|
||||
Summary: A tool for implementing USB device usage policy
|
||||
Group: System Environment/Daemons
|
||||
License: GPLv2+
|
||||
@ -66,6 +66,7 @@ Patch13: usbguard-consistent-rules.patch
|
||||
Patch14: usbguard-missing-doc.patch
|
||||
Patch15: usbguard-permanent-rules.patch
|
||||
Patch16: usbguard-disable-console-log.patch
|
||||
Patch17: tmpfiles.patch
|
||||
|
||||
%description
|
||||
The USBGuard software framework helps to protect your computer against rogue USB
|
||||
@ -142,22 +143,23 @@ device presence changes and displays them as pop-up notifications.
|
||||
# Remove bundled library sources before build
|
||||
rm -rf src/ThirdParty/{Catch,PEGTL}
|
||||
|
||||
%patch1 -p1 -b .notifier
|
||||
%patch2 -p1 -b .audit-write
|
||||
%patch3 -p1 -b .selinux-audit-write
|
||||
%patch4 -p1 -b .pidfile
|
||||
%patch5 -p1 -b .ipc-override-fix
|
||||
%patch6 -p1 -b .validate-acl
|
||||
%patch7 -p1 -b .notifier-decrease-spam
|
||||
%patch8 -p1 -b .dbus-CVE
|
||||
%patch9 -p1 -b .selinux-dbus-CVE
|
||||
%patch10 -p1 -b .dbus-CVE-leak
|
||||
%patch11 -p1 -b .oomscore-adjust
|
||||
%patch12 -p1 -b .race-condition
|
||||
%patch13 -p1 -b .consistent-rules
|
||||
%patch14 -p1 -b .missing-doc
|
||||
%patch15 -p1 -b .permanent-rules
|
||||
%patch16 -p1 -b .disable-syslog
|
||||
%patch -P 1 -p1 -b .notifier
|
||||
%patch -P 2 -p1 -b .audit-write
|
||||
%patch -P 3 -p1 -b .selinux-audit-write
|
||||
%patch -P 4 -p1 -b .pidfile
|
||||
%patch -P 5 -p1 -b .ipc-override-fix
|
||||
%patch -P 6 -p1 -b .validate-acl
|
||||
%patch -P 7 -p1 -b .notifier-decrease-spam
|
||||
%patch -P 8 -p1 -b .dbus-CVE
|
||||
%patch -P 9 -p1 -b .selinux-dbus-CVE
|
||||
%patch -P 10 -p1 -b .dbus-CVE-leak
|
||||
%patch -P 11 -p1 -b .oomscore-adjust
|
||||
%patch -P 12 -p1 -b .race-condition
|
||||
%patch -P 13 -p1 -b .consistent-rules
|
||||
%patch -P 14 -p1 -b .missing-doc
|
||||
%patch -P 15 -p1 -b .permanent-rules
|
||||
%patch -P 16 -p1 -b .disable-syslog
|
||||
%patch -P 17 -p1 -b .tmpfiles
|
||||
|
||||
%build
|
||||
mkdir -p ./m4
|
||||
@ -257,6 +259,7 @@ find %{buildroot} \( -name '*.la' -o -name '*.a' \) -exec rm -f {} ';'
|
||||
%{_datadir}/man/man5/usbguard-rules.conf.5.gz
|
||||
%{_datadir}/man/man1/usbguard.1.gz
|
||||
%{_datadir}/bash-completion/completions/usbguard
|
||||
%attr(640,root,root) %{_tmpfilesdir}/usbguard.conf
|
||||
|
||||
%files devel
|
||||
%defattr(-,root,root,-)
|
||||
@ -322,6 +325,10 @@ fi
|
||||
|
||||
|
||||
%changelog
|
||||
* Thu Feb 06 2025 Attila Lakatos <alakatos@redhat.com> - 1.0.0-16
|
||||
- Install usbguard-tmpfles.conf
|
||||
Resolves: RHEL-78188
|
||||
|
||||
* Thu Jan 12 2023 Attila Lakatos <alakatos@redhat.com> - 1.0.0-15
|
||||
- Disable logging to console, logging to syslog is still enabled
|
||||
Resolves: rhbz#2122109
|
||||
|
||||
Loading…
Reference in New Issue
Block a user