diff --git a/.fapolicyd.metadata b/.fapolicyd.metadata index c01d975..6f3e985 100644 --- a/.fapolicyd.metadata +++ b/.fapolicyd.metadata @@ -1 +1 @@ -f447f4a915c007d376d719a071b5fd2ae47480dd SOURCES/fapolicyd-0.8.9.tar.gz +1b52ecddcc248f1981d8ceb5cf3bc4c3e839be3c SOURCES/fapolicyd-0.9.1.tar.gz diff --git a/.gitignore b/.gitignore index f399b16..c89a875 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/fapolicyd-0.8.9.tar.gz +SOURCES/fapolicyd-0.9.1.tar.gz diff --git a/SPECS/fapolicyd.spec b/SPECS/fapolicyd.spec index 6ebfb52..9304d24 100644 --- a/SPECS/fapolicyd.spec +++ b/SPECS/fapolicyd.spec @@ -1,7 +1,7 @@ Summary: Application Whitelisting Daemon Name: fapolicyd -Version: 0.8.9 -Release: 1%{?dist} +Version: 0.9.1 +Release: 2%{?dist} License: GPLv3+ URL: http://people.redhat.com/sgrubb/fapolicyd Source0: https://people.redhat.com/sgrubb/fapolicyd/%{name}-%{version}.tar.gz @@ -25,6 +25,11 @@ makes use of the kernel's fanotify interface to determine file access rights. %prep %setup -q +# generate rules for python +sed -i "s/%python2_path%/`readlink -f %{__python2} | sed 's/\//\\\\\//g'`/g" init/%{name}.rules +sed -i "s/%python3_path%/`readlink -f %{__python3} | sed 's/\//\\\\\//g'`/g" init/%{name}.rules +sed -i "s/%ld_so_path%/`find /usr/lib64/ -type f -name 'ld-2\.*.so' | sed 's/\//\\\\\//g'`/g" init/%{name}.rules + %build ./autogen.sh %configure --with-audit @@ -56,7 +61,6 @@ getent passwd %{name} >/dev/null || useradd -r -M -d %{_localstatedir}/lib/%{nam %license COPYING %attr(750,root,%{name}) %dir %{_sysconfdir}/%{name} %config(noreplace) %attr(644,root,%{name}) %{_sysconfdir}/%{name}/%{name}.rules -%config(noreplace) %attr(644,root,%{name}) %{_sysconfdir}/%{name}/%{name}.mounts %config(noreplace) %attr(644,root,%{name}) %{_sysconfdir}/%{name}/%{name}.conf %attr(644,root,root) %{_unitdir}/%{name}.service %attr(644,root,root) %{_tmpfilesdir}/%{name}.conf @@ -64,6 +68,7 @@ getent passwd %{name} >/dev/null || useradd -r -M -d %{_localstatedir}/lib/%{nam %attr(755,root,root) %{_sbindir}/%{name}-cli %attr(644,root,root) %{_mandir}/man8/* %attr(644,root,root) %{_mandir}/man5/* +%attr(644,root,root) %{_mandir}/man1/* %ghost %{_localstatedir}/log/%{name}-access.log %attr(770,root,%{name}) %dir %{_localstatedir}/lib/%{name} %attr(770,root,%{name}) %dir /run/%{name} @@ -74,6 +79,36 @@ getent passwd %{name} >/dev/null || useradd -r -M -d %{_localstatedir}/lib/%{nam %{python3_sitelib}/dnf-plugins/__pycache__/%{name}-dnf-plugin.*.pyc %changelog +* Wed Nov 20 2019 Radovan Sroka - 0.9.1-2 +RHEL 8.2 ERRATUM +- rebase to v0.9.1 +- updated default configuration with new syntax +- removed daemon mounts configuration +Resolves: rhbz#1759895 +- default fapolicyd policy prevents Ansible from running +- added ansible rule to default ruleset +Resolves: rhbz#1746464 +- suspicious logs on service start +Resolves: rhbz#1747494 +- fapolicyd blocks dracut from generating initramfs +- added dracut rule to default configuration +Resolves: rhbz#1757736 +- fapolicyd fails to identify perl interpreter +Resolves: rhbz#1765039 + +* Wed Jul 24 2019 Radovan Sroka - 0.8.10-3 +- added missing manpage for fapolicyd-cli +Resolves: rhbz#1708015 + +* Mon Jul 22 2019 Radovan Sroka - 0.8.10-2 +- Convert hashes to lowercase like sha256sum outputs +- Stop littering STDOUT output for dnf plugin in fapolicyd +Resolves: rhbz#1721496 + +* Tue Jun 18 2019 Radovan Sroka - 0.8.10-1 +- new upstream release +Resolves: rhbz#1673323 + * Mon May 06 2019 Radovan Sroka - 0.8.9-1 - New upstream release - imported from fedora30