Rebuild against selinux-policy (#2070764 )

container-selinux-2:2.173.1-1
autobuilt v2.173.1 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org> (cherry picked from commit 258efbfe5e)
2022-04-15 14:47:59 +01:00 · 2022-01-18 16:11:14 +00:00 · 2022-01-11 12:10:43 +00:00 · 2022-01-06 21:09:20 +00:00 · 2021-11-22 23:07:43 +00:00 · 2021-11-10 23:12:11 +00:00
3 changed files with 142 additions and 9 deletions
--- a/.gitignore
+++ b/.gitignore
@ -152,3 +152,27 @@
 /container-selinux-75f193a.tar.gz
 /container-selinux-f330e81.tar.gz
 /container-selinux-6d13bf9.tar.gz
+/container-selinux-eb6dad0.tar.gz
+/container-selinux-aeb85c4.tar.gz
+/container-selinux-e78ac4f.tar.gz
+/container-selinux-d89a599.tar.gz
+/container-selinux-c9f0cb6.tar.gz
+/v2.155.0.tar.gz
+/container-selinux-5a60716.tar.gz
+/container-selinux-e1092cd.tar.gz
+/container-selinux-da28288.tar.gz
+/container-selinux-233e620.tar.gz
+/container-selinux-61b862a.tar.gz
+/container-selinux-99b40c5.tar.gz
+/container-selinux-563ba3f.tar.gz
+/v2.164.2.tar.gz
+/v2.165.1.tar.gz
+/v2.167.0.tar.gz
+/v2.168.0.tar.gz
+/v2.169.0.tar.gz
+/v2.170.0.tar.gz
+/v2.171.0.tar.gz
+/v2.172.0.tar.gz
+/v2.172.1.tar.gz
+/v2.173.0.tar.gz
+/v2.173.1.tar.gz
--- a/container-selinux.spec
+++ b/container-selinux.spec
@ -2,12 +2,11 @@

 # container-selinux
 %global git0 https://github.com/containers/container-selinux
-%global commit0 6d13bf9ff9f45431f064ba63794fa97d565641d9
-%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})

 # Used for comparing with latest upstream tag
-# to decide whether to autobuild (non-rawhide only)
-%define built_tag v2.156.0
+# to decide whether to autobuild
+%global built_tag v2.173.1
+%global built_tag_strip %(b=%{built_tag}; echo ${b:1})

 # container-selinux stuff (prefix with ds_ for version/release etc.)
 # Some bits borrowed from the openstack-selinux package
@ -23,12 +22,12 @@
 # Hooked up to autobuilder, please check with @lsm5 before updating
 Name: container-selinux
 Epoch: 2
-Version: 2.157.0
-Release: 3.dev.git%{shortcommit0}%{?dist}
+Version: 2.173.1
+Release: 2%{?dist}
 License: GPLv2
 URL: %{git0}
 Summary: SELinux policies for container runtimes
-Source0: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
+Source0: %{git0}/archive/%{built_tag}.tar.gz
 BuildArch: noarch
 BuildRequires: make
 BuildRequires: git-core
@ -45,12 +44,14 @@ Requires(post): sed
 Obsoletes: %{name} <= 2:1.12.5-13
 Obsoletes: docker-selinux <= 2:1.12.4-28
 Provides: docker-selinux = %{?epoch:%{epoch}:}%{version}-%{release}
+Conflicts: udica < 0.2.6-1
+Conflicts: k3s-selinux <= 0.4-1

 %description
 SELinux policy modules for use with container runtimes.

 %prep
-%autosetup -Sgit -n %{name}-%{commit0}
+%autosetup -Sgit -n %{name}-%{built_tag_strip}

 %build
 make
@ -64,6 +65,8 @@ install -p -m 644 container.if %{buildroot}%{_datadir}/selinux/devel/include/ser
 install -m 0644 $MODULES %{buildroot}%{_datadir}/selinux/packages
 install -d %{buildroot}/%{_datadir}/containers/selinux
 install -m 644 container_contexts %{buildroot}/%{_datadir}/containers/selinux/contexts
+install -d %{buildroot}%{_datadir}/udica/templates
+install -m 0644 udica-templates/*.cil %{buildroot}%{_datadir}/udica/templates

 %check

@ -100,11 +103,117 @@ fi
 %{_datadir}/selinux/*
 %dir %{_datadir}/containers/selinux
 %{_datadir}/containers/selinux/contexts
+%dir %{_datadir}/udica/templates/
+%{_datadir}/udica/templates/*
 # Currently shipped in selinux-policy-doc
 #%%{_datadir}/man/man8/container_selinux.8.gz

+%triggerpostun -- container-selinux < 2:2.162.1-3
+if %{_sbindir}/selinuxenabled ; then
+    echo "Fixing Rootless SELinux labels in homedir"
+    %{_sbindir}/restorecon -R /home/*/.local/share/containers/storage/overlay*  2> /dev/null
+fi
+
+
 # Hooked up to autobuilder, please check with @lsm5 before updating
 %changelog
+* Fri Apr 15 2022 David King <amigadave@amigadave.com> - 2:2.173.1-2
+- Rebuild against selinux-policy (#2070764)
+
+* Tue Jan 18 2022 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.173.1-1
+- autobuilt v2.173.1
+
+* Tue Jan 11 2022 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.173.0-1
+- autobuilt v2.173.0
+
+* Thu Jan 06 2022 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.172.1-1
+- autobuilt v2.172.1
+
+* Mon Nov 22 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.172.0-1
+- autobuilt v2.172.0
+
+* Wed Nov 10 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.171.0-1
+- autobuilt v2.171.0
+
+* Fri Oct 15 2021 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.170.0-2
+- Add conflicts  k3s-selinux <= 0.4-1 to force upgrade
+
+* Tue Oct 05 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.170.0-1
+- autobuilt v2.170.0
+
+* Fri Sep 24 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.169.0-1
+- autobuilt v2.169.0
+
+* Tue Sep 14 2021 Vit Mojzis <vmojzis@redhat.com> - 2:2.168.0-2
+- Start shipping udica templates
+
+* Mon Sep 13 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.168.0-1
+- autobuilt v2.168.0
+
+* Fri Sep 10 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.167.0-2
+- use upstream tag instead of commits, fix autobuild macros
+
+* Thu Aug 26 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.167.0-1
+- autobuilt v2.167.0
+
+* Wed Aug 25 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.165.1-1
+- autobuilt v2.165.1
+
+* Wed Aug 04 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.164.2-1
+- autobuilt v2.164.2
+
+* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.164.1-0.dev.git563ba3f.1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Mon Jul 19 2021 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.164.1-0.dev
+- Allow spc_t domains to set bpf rules on any domain
+
+* Sat Jun 12 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.163.0-2.dev.git99b40c5
+- bump to 2.163.0
+- autobuilt 99b40c5
+
+* Tue May 25 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.162.2-2.dev.git61b862a
+- bump to 2.162.2
+- autobuilt 61b862a
+
+* Mon May 17 2021 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.162.1-3.dev.git233e620
+- Fix labels in users homedirs, before overlayfs is supported by default for non root users
+
+* Sun May 16 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.162.1-2.dev.git233e620
+- bump to 2.162.1
+- autobuilt 233e620
+
+* Wed May 12 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.162.0-2.dev.gitda28288
+- bump to 2.162.0
+- autobuilt da28288
+
+* Fri May 07 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.161.1-2.dev.gite1092cd
+- bump to 2.161.1
+- autobuilt e1092cd
+
+* Tue Apr 20 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.160.0-3.dev.git5a60716
+- autobuilt 5a60716
+
+* Wed Mar 31 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.160.0-2.dev.gitc9f0cb6
+- bump to v2.160.0
+
+* Mon Mar 29 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.159.0-2.dev.gitd89a599
+- bump to 2.159.0
+- autobuilt d89a599
+
+* Wed Feb 17 2021 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.158.0-5.dev.gite78ac4f
+- Rebuilt to use latest selinux-policy interfaces
+
+* Tue Feb 16 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.158.0-4.dev.gite78ac4f
+- autobuilt e78ac4f
+
+* Fri Feb 12 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.158.0-3.dev.gitaeb85c4
+- autobuilt aeb85c4
+
+* Thu Feb 11 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.158.0-2.dev.giteb6dad0
+- bump to 2.158.0
+- autobuilt eb6dad0
+
 * Mon Feb 08 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.157.0-3.dev.git6d13bf9
 - autobuilt 6d13bf9

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (container-selinux-6d13bf9.tar.gz) = c48b94bb8ec965b8b1222d87d335840649b7b62a8a8e626283f0b2c439da75dcd2119e9f39fdfcf72f36f3fbfe9609bea094e43d901be81b4302791dff454526
+SHA512 (v2.173.1.tar.gz) = 0dce3af485b404ba4d29b3c5e23c1fe9d230722c1f3e3317cf1b8de21c0663deae3863852b61e6e08d3b62764dde93d5dfc99d3a86c73038ab6e0297b057261d
Author	SHA1	Message	Date
David King	3675c65687	Rebuild against selinux-policy (#2070764 )	2022-04-15 14:47:59 +01:00
RH Container Bot	7778dcc70b	container-selinux-2:2.173.1-1 autobuilt v2.173.1 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org> (cherry picked from commit `258efbfe5e`)	2022-01-18 16:11:14 +00:00
RH Container Bot	eed4ceda37	container-selinux-2:2.173.0-1 autobuilt v2.173.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org> (cherry picked from commit `237d59707c`)	2022-01-11 12:10:43 +00:00
RH Container Bot	1c0955c77f	container-selinux-2:2.172.1-1 autobuilt v2.172.1 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org> (cherry picked from commit `a57b6ae995`)	2022-01-06 21:09:20 +00:00
RH Container Bot	073d730ce3	container-selinux-2:2.172.0-1 autobuilt v2.172.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org> (cherry picked from commit `8bae2f2e51`)	2021-11-22 23:07:43 +00:00
RH Container Bot	102ba4a29a	container-selinux-2:2.171.0-1 autobuilt v2.171.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org> (cherry picked from commit `fd5c0b5da2`)	2021-11-10 23:12:11 +00:00
Daniel J Walsh	d08739a79c	Add conflicts k3s-selinux <= 0.4-1 to force upgrade	2021-10-15 14:56:48 -04:00
Daniel J Walsh	f03d4f5dc4	Merge branch 'f34' of ssh://pkgs.fedoraproject.org/rpms/container-selinux into f34	2021-10-15 14:56:19 -04:00
Daniel J Walsh	9afda8c40b	Add conflicts k3s-selinux <= 0.4-1 to force upgrade	2021-10-15 14:55:57 -04:00
RH Container Bot	e51b7725b6	container-selinux-2:2.170.0-1 autobuilt v2.170.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org> (cherry picked from commit `156b58ad36`)	2021-10-05 19:55:11 +00:00
RH Container Bot	60e0fbe4ac	container-selinux-2:2.169.0-1 autobuilt v2.169.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org> (cherry picked from commit `04f47a764a`)	2021-09-27 10:46:56 -04:00
RH Container Bot	013ace4f60	container-selinux-2:2.168.0-1 autobuilt v2.168.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org> (cherry picked from commit `f9aa97e6da`)	2021-09-13 14:36:21 -04:00
Lokesh Mandvekar	bd0e9a8aea	container-selinux-2:2.167.0-2 - use upstream tag instead of commits, fix autobuild macros Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org> (cherry picked from commit `c287dbae6f`)	2021-09-13 14:36:12 -04:00
Lokesh Mandvekar	15139724ca	remove unused commit macros Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>	2021-09-10 09:35:18 -04:00
RH Container Bot	ac1501c06b	container-selinux-2:2.167.0-1 autobuilt v2.167.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-08-26 20:03:37 +00:00
RH Container Bot	060fe2cd73	container-selinux-2:2.165.1-1 autobuilt v2.165.1 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-08-25 17:19:44 +00:00
RH Container Bot	cee7ef9099	container-selinux-2:2.164.2-1 autobuilt v2.164.2 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-08-03 20:00:00 +00:00
Lokesh Mandvekar	1711df7970	update build macros Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>	2021-07-27 11:05:36 -04:00
Daniel J Walsh	3c4d9aaee3	Allow spc_t domains to set bpf rules on any domain	2021-07-19 11:42:21 -04:00
Daniel J Walsh	73e77aa4c3	Allow spc_t domains to set bpf rules on any domain	2021-07-19 11:33:27 -04:00
RH Container Bot	9f04c29297	container-selinux-2:2.163.0-1 autobuilt v2.163.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-06-11 19:08:50 +00:00
RH Container Bot	ade32b38d4	container-selinux-2:2.162.2-1 autobuilt v2.162.2 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-05-26 13:58:29 +00:00
RH Container Bot	c887b528d1	container-selinux-2:2.162.1-1 autobuilt v2.162.1 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-05-21 01:56:05 +00:00
Lokesh Mandvekar	bde8f7fc1f	container-selinux-2:2.162.1-3 - bump release tag for rootless label fixing to actually take effect Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>	2021-05-17 10:02:22 -04:00
Lokesh Mandvekar	6b12c38072	container-selinux-2:2.162.1-2 - bump release tag Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>	2021-05-17 09:36:01 -04:00
Lokesh Mandvekar	38266c8034	correct changelog entry Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>	2021-05-17 09:28:46 -04:00
Daniel J Walsh	8c46b201cf	Fix labels in users homedirs, before overlayfs is supported by default for non root users	2021-05-17 06:04:19 -04:00
RH Container Bot	8c0428dabb	container-selinux-2:2.162.0-1 autobuilt v2.162.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-05-11 14:50:02 +00:00
RH Container Bot	ea68836e19	container-selinux-2:2.161.1-1 autobuilt v2.161.1 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-05-07 17:47:51 +00:00
RH Container Bot	d386f6eca1	container-selinux-2:2.160.2-1 autobuilt v2.160.2 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-05-03 14:54:10 +00:00
Lokesh Mandvekar	180685a334	container-selinux-2:2.160.0-2 - rebuild for podman, buildah gating tests Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>	2021-04-21 10:48:39 -04:00
RH Container Bot	a442f91693	container-selinux-2:2.160.0-1 autobuilt v2.160.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-03-31 18:52:13 +00:00
RH Container Bot	1433d1f5af	container-selinux-2:2.159.0-1 autobuilt v2.159.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-03-23 22:27:42 +00:00
RH Container Bot	d8ebc1c344	container-selinux-2:2.158.0-1 autobuilt v2.158.0 Signed-off-by: RH Container Bot <rhcontainerbot@fedoraproject.org>	2021-03-04 19:15:10 +00:00
Daniel J Walsh	efdc52c030	Rebuilt to use latest selinux-policy interfaces	2021-02-17 15:04:11 -05:00