Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package skelcd-control-MicroOS for
openSUSE:Factory checked in at 2021-03-24 16:11:13
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/skelcd-control-MicroOS (Old)
and /work/SRC/openSUSE:Factory/.skelcd-control-MicroOS.new.2401 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "skelcd-control-MicroOS"
Wed Mar 24 16:11:13 2021 rev:16 rq:880745 version:20210323.2
Changes:
--------
---
/work/SRC/openSUSE:Factory/skelcd-control-MicroOS/skelcd-control-MicroOS.changes
2020-12-01 14:21:23.725503017 +0100
+++
/work/SRC/openSUSE:Factory/.skelcd-control-MicroOS.new.2401/skelcd-control-MicroOS.changes
2021-03-24 16:11:13.383830134 +0100
@@ -1,0 +2,41 @@
+Tue Mar 23 11:11:40 EDT 2021 - Neal Gompa <[email protected]>
+
+- Replace installing AppArmor patterns with SELinux ones to
+ work around broken yast-security behavior (boo#1183804)
+- Enable SELinux again (jsc#SMO-20)
+- 20210323.2
+
+-------------------------------------------------------------------
+Tue Mar 23 09:48:31 EDT 2021 - Neal Gompa <[email protected]>
+
+- Install AppArmor patterns again and temporarily revert enabling
+ SELinux by default to unblock other MicroOS stuff (boo#1183804)
+- 20210323.1
+
+-------------------------------------------------------------------
+Tue Mar 23 07:28:11 EDT 2021 - Neal Gompa <[email protected]>
+
+- Stop force-installing AppArmor (boo#1183894)
+- 20210323
+
+-------------------------------------------------------------------
+Mon Mar 22 23:28:11 CEST 2021 - Dario Faggioli <[email protected]>
+
+- Enable COW for /home on GNOME and KDE Desktop
+- 20210322
+
+-------------------------------------------------------------------
+Mon Mar 1 21:13:55 UTC 2021 - David Diaz <[email protected]>
+
+- Set SELinux enforcing mode by default (jsc#SMO-20) .
+- Use the new security proposal client (jsc#SLE-15840,
+ jsc#SLE-17307).
+- 20210303
+
+-------------------------------------------------------------------
+Mon Feb 22 21:45:19 EST 2021 - Neal Gompa <[email protected]>
+
+- Declare package manager patterns for each MicroOS role (boo#1182803)
+- 20210222
+
+-------------------------------------------------------------------
Old:
----
skelcd-control-MicroOS-20201126.tar.bz2
New:
----
skelcd-control-MicroOS-20210323.2.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ skelcd-control-MicroOS.spec ++++++
--- /var/tmp/diff_new_pack.HKgwuJ/_old 2021-03-24 16:11:14.179830970 +0100
+++ /var/tmp/diff_new_pack.HKgwuJ/_new 2021-03-24 16:11:14.187830978 +0100
@@ -1,7 +1,7 @@
#
# spec file for package skelcd-control-MicroOS
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -118,7 +118,7 @@
URL: https://github.com/yast/skelcd-control-MicroOS
AutoReqProv: off
-Version: 20201126
+Version: 20210323.2
Release: 0
Summary: The MicroOS control file needed for installation
License: MIT
++++++ skelcd-control-MicroOS-20201126.tar.bz2 ->
skelcd-control-MicroOS-20210323.2.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/skelcd-control-MicroOS-20201126/.github/workflows/ci.yml
new/skelcd-control-MicroOS-20210323.2/.github/workflows/ci.yml
--- old/skelcd-control-MicroOS-20201126/.github/workflows/ci.yml
1970-01-01 01:00:00.000000000 +0100
+++ new/skelcd-control-MicroOS-20210323.2/.github/workflows/ci.yml
2021-03-23 16:18:36.000000000 +0100
@@ -0,0 +1,26 @@
+
+# See
https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions
+
+name: CI
+
+on: [push, pull_request]
+
+jobs:
+ Package:
+ runs-on: ubuntu-latest
+ container: registry.opensuse.org/yast/head/containers/yast-ruby:latest
+
+ steps:
+
+ - name: Git Checkout
+ uses: actions/checkout@v2
+
+ - name: Install Prerequisites
+ run: rake build_dependencies:install
+
+ # just for easier debugging...
+ - name: Inspect Installed Packages
+ run: rpm -qa | sort
+
+ - name: Package Build
+ run: yast-ci-ruby -o package
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/skelcd-control-MicroOS-20201126/README.md
new/skelcd-control-MicroOS-20210323.2/README.md
--- old/skelcd-control-MicroOS-20201126/README.md 2020-11-26
15:49:12.000000000 +0100
+++ new/skelcd-control-MicroOS-20210323.2/README.md 2021-03-23
16:18:36.000000000 +0100
@@ -1,6 +1,9 @@
skelcd-control-MicroOS
===================
+[](
+https://github.com/yast/skelcd-control-MicroOS/actions?query=branch%3Amaster)
+
Installation control file for openSUSE MicroOS
See also the [documentation for the `control.xml` file][1].
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/skelcd-control-MicroOS-20201126/control/control.MicroOS.xml
new/skelcd-control-MicroOS-20210323.2/control/control.MicroOS.xml
--- old/skelcd-control-MicroOS-20201126/control/control.MicroOS.xml
2020-11-26 15:49:12.000000000 +0100
+++ new/skelcd-control-MicroOS-20210323.2/control/control.MicroOS.xml
2021-03-23 16:18:36.000000000 +0100
@@ -70,6 +70,15 @@
<!-- bnc #431158: Adjusts /etc/sysconfig/security/POLKIT_DEFAULT_PRIVS
if set -->
<polkit_default_privs>restrictive</polkit_default_privs>
+ <!-- Set SELinux enforcing mode by default -->
+ <selinux>
+ <mode>enforcing</mode>
+ <configurable config:type="boolean">true</configurable>
+ <!-- There are two SELinux patterns available, "selinux" and
"microos_selinux".
+ The latest has been chosen because its similarity with the one
used on
+ SLE Micro, "microos-selinux" -->
+ <patterns>microos_selinux</patterns>
+ </selinux>
</globals>
<software>
@@ -78,7 +87,7 @@
<selection_type config:type="symbol">auto</selection_type>
- <default_patterns>microos_base microos_defaults
microos_hardware</default_patterns>
+ <default_patterns>microos_base microos_base_zypper microos_defaults
microos_hardware</default_patterns>
<!-- bnc#876760: Explicitly selecting these (optional) patterns by
default if they exist -->
<optional_default_patterns>32bit</optional_default_patterns>
@@ -224,7 +233,7 @@
<id>container_host_role</id>
<software>
- <default_patterns>microos_base microos_defaults microos_hardware
microos_apparmor container_runtime</default_patterns>
+ <default_patterns>microos_base microos_base_zypper
microos_defaults microos_hardware microos_selinux
container_runtime</default_patterns>
</software>
<order config:type="integer">200</order>
@@ -242,7 +251,7 @@
<network_manager>always</network_manager>
</network>
<software>
- <default_patterns>microos_base microos_defaults microos_hardware
microos_apparmor microos_gnome_desktop container_runtime</default_patterns>
+ <default_patterns>microos_base microos_base_packagekit
microos_defaults microos_hardware microos_selinux microos_gnome_desktop
container_runtime</default_patterns>
</software>
<partitioning>
<expert_partitioner_warning
config:type="boolean">true</expert_partitioner_warning>
@@ -285,7 +294,6 @@
</subvolume>
<subvolume>
<path>home</path>
- <copy_on_write
config:type="boolean">false</copy_on_write>
</subvolume>
<subvolume>
<path>opt</path>
@@ -349,7 +357,7 @@
<network_manager>always</network_manager>
</network>
<software>
- <default_patterns>microos_base microos_defaults microos_hardware
microos_apparmor microos_kde_desktop container_runtime</default_patterns>
+ <default_patterns>microos_base microos_base_packagekit
microos_defaults microos_hardware microos_selinux microos_kde_desktop
container_runtime</default_patterns>
</software>
<partitioning>
<expert_partitioner_warning
config:type="boolean">true</expert_partitioner_warning>
@@ -392,7 +400,6 @@
</subvolume>
<subvolume>
<path>home</path>
- <copy_on_write
config:type="boolean">false</copy_on_write>
</subvolume>
<subvolume>
<path>opt</path>
@@ -597,6 +604,11 @@
<name>software</name>
<presentation_order>20</presentation_order>
</proposal_module>
+ <!-- Security proposal including firewall, CPU mitigation,
SELinux and PolicyKit -->
+ <proposal_module>
+ <name>security</name>
+ <presentation_order>50</presentation_order>
+ </proposal_module>
</proposal_modules>
</proposal>
@@ -640,8 +652,9 @@
<name>default_target</name>
<presentation_order>75</presentation_order>
</proposal_module>
+ <!-- Security proposal including firewall, CPU mitigation,
SELinux and PolicyKit -->
<proposal_module>
- <name>firewall</name>
+ <name>security</name>
<presentation_order>50</presentation_order>
</proposal_module>
</proposal_modules>
@@ -690,9 +703,9 @@
<name>default_target</name>
<presentation_order>70</presentation_order>
</proposal_module>
- <!-- FaTE #303859 - simple network (in fact firewall) cfg in
1st stage -->
+ <!-- Security proposal including firewall, CPU mitigation,
SELinux and PolicyKit -->
<proposal_module>
- <name>firewall</name>
+ <name>security</name>
<presentation_order>99</presentation_order>
</proposal_module>
<!-- Fate #319624 - proposal and dialog for existing SSH host
keys -->
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/skelcd-control-MicroOS-20201126/package/skelcd-control-MicroOS.changes
new/skelcd-control-MicroOS-20210323.2/package/skelcd-control-MicroOS.changes
--- old/skelcd-control-MicroOS-20201126/package/skelcd-control-MicroOS.changes
2020-11-26 15:49:12.000000000 +0100
+++
new/skelcd-control-MicroOS-20210323.2/package/skelcd-control-MicroOS.changes
2021-03-23 16:18:36.000000000 +0100
@@ -1,4 +1,45 @@
-------------------------------------------------------------------
+Tue Mar 23 11:11:40 EDT 2021 - Neal Gompa <[email protected]>
+
+- Replace installing AppArmor patterns with SELinux ones to
+ work around broken yast-security behavior (boo#1183804)
+- Enable SELinux again (jsc#SMO-20)
+- 20210323.2
+
+-------------------------------------------------------------------
+Tue Mar 23 09:48:31 EDT 2021 - Neal Gompa <[email protected]>
+
+- Install AppArmor patterns again and temporarily revert enabling
+ SELinux by default to unblock other MicroOS stuff (boo#1183804)
+- 20210323.1
+
+-------------------------------------------------------------------
+Tue Mar 23 07:28:11 EDT 2021 - Neal Gompa <[email protected]>
+
+- Stop force-installing AppArmor (boo#1183894)
+- 20210323
+
+-------------------------------------------------------------------
+Mon Mar 22 23:28:11 CEST 2021 - Dario Faggioli <[email protected]>
+
+- Enable COW for /home on GNOME and KDE Desktop
+- 20210322
+
+-------------------------------------------------------------------
+Mon Mar 1 21:13:55 UTC 2021 - David Diaz <[email protected]>
+
+- Set SELinux enforcing mode by default (jsc#SMO-20) .
+- Use the new security proposal client (jsc#SLE-15840,
+ jsc#SLE-17307).
+- 20210303
+
+-------------------------------------------------------------------
+Mon Feb 22 21:45:19 EST 2021 - Neal Gompa <[email protected]>
+
+- Declare package manager patterns for each MicroOS role (boo#1182803)
+- 20210222
+
+-------------------------------------------------------------------
Thu Nov 26 13:21:56 CEST 2020 - Richard Brown <[email protected]>
- Correct MicroOS Desktop Polkit rules (boo#1163453)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/skelcd-control-MicroOS-20201126/package/skelcd-control-MicroOS.spec
new/skelcd-control-MicroOS-20210323.2/package/skelcd-control-MicroOS.spec
--- old/skelcd-control-MicroOS-20201126/package/skelcd-control-MicroOS.spec
2020-11-26 15:49:12.000000000 +0100
+++ new/skelcd-control-MicroOS-20210323.2/package/skelcd-control-MicroOS.spec
2021-03-23 16:18:36.000000000 +0100
@@ -118,7 +118,7 @@
Url: https://github.com/yast/skelcd-control-MicroOS
AutoReqProv: off
-Version: 20201126
+Version: 20210323.2
Release: 0
Summary: The MicroOS control file needed for installation
License: MIT
