Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package container-selinux for
openSUSE:Factory checked in at 2025-01-12 11:09:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/container-selinux (Old)
and /work/SRC/openSUSE:Factory/.container-selinux.new.1881 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "container-selinux"
Sun Jan 12 11:09:53 2025 rev:23 rq:1236910 version:2.234.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/container-selinux/container-selinux.changes
2024-11-30 13:27:17.328313342 +0100
+++
/work/SRC/openSUSE:Factory/.container-selinux.new.1881/container-selinux.changes
2025-01-12 11:10:10.660611205 +0100
@@ -1,0 +2,19 @@
+Fri Jan 10 10:08:37 UTC 2025 - [email protected]
+
+- Update to version 2.234.2:
+ * TMT: enable epel idomatically
+ * Packit: switch back to fedora-all
+ * RPM: Bump Epoch to 4
+ * rpm: ship manpage
+ * Add proper labeling for RamaLama
+ * Packit: remove rhel / epel jobs
+ * packit: remove unused file
+
+-------------------------------------------------------------------
+Thu Jan 9 14:16:15 UTC 2025 - Cathy Hu <[email protected]>
+
+- Add BuildRequires selinux-policy-%{selinuxtype} to enable building
+ for SLFO. Might be removed in the future again when 1231252
+ is fixed.
+
+-------------------------------------------------------------------
Old:
----
container-selinux-2.233.0.tar.xz
New:
----
container-selinux-2.234.2.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ container-selinux.spec ++++++
--- /var/tmp/diff_new_pack.N0WQxT/_old 2025-01-12 11:10:11.260635896 +0100
+++ /var/tmp/diff_new_pack.N0WQxT/_new 2025-01-12 11:10:11.264636061 +0100
@@ -26,7 +26,7 @@
# Version of SELinux we were using
%define selinux_policyver %(rpm -q selinux-policy --qf '%%{version}')
Name: container-selinux
-Version: 2.233.0
+Version: 2.234.2
Release: 0
Summary: SELinux policies for container runtimes
License: GPL-2.0-only
@@ -34,6 +34,7 @@
Source0: container-selinux-%{version}.tar.xz
BuildRequires: selinux-policy
BuildRequires: selinux-policy-devel
+BuildRequires: selinux-policy-%{selinuxtype}
Requires: selinux-policy >= %(rpm -q selinux-policy --qf
'%%{version}-%%{release}')
Requires(posttrans): policycoreutils
Requires(posttrans): /usr/bin/sed
@@ -62,6 +63,8 @@
install -m 644 container_contexts
%{buildroot}/%{_datadir}/containers/selinux/contexts
install -d %{buildroot}%{_datadir}/udica/templates
install -m 0644 udica-templates/*.cil %{buildroot}%{_datadir}/udica/templates
+install -d %{buildroot}%{_mandir}/man8/
+install -pm 0644 container_selinux.8 %{buildroot}%{_mandir}/man8/
%check
@@ -98,4 +101,5 @@
%dir %{_datadir}/udica
%dir %{_datadir}/udica/templates
%{_datadir}/udica/templates/*
+%{_mandir}/man8/container_selinux.8*
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.N0WQxT/_old 2025-01-12 11:10:11.312638036 +0100
+++ /var/tmp/diff_new_pack.N0WQxT/_new 2025-01-12 11:10:11.316638200 +0100
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/containers/container-selinux.git</param>
- <param
name="changesrevision">3f06c141bebc00a07eec4c0ded038aac4f2ae3f0</param></service></servicedata>
+ <param
name="changesrevision">7fdbd0e8c428c335406969878f28e14f335f2e7e</param></service></servicedata>
(No newline at EOF)
++++++ container-selinux-2.233.0.tar.xz -> container-selinux-2.234.2.tar.xz
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/container-selinux-2.233.0/.packit.yaml
new/container-selinux-2.234.2/.packit.yaml
--- old/container-selinux-2.233.0/.packit.yaml 2024-11-04 16:37:32.000000000
+0100
+++ new/container-selinux-2.234.2/.packit.yaml 2024-12-10 09:18:11.000000000
+0100
@@ -13,9 +13,11 @@
- src: plans/
dest: plans/
delete: true
+ mkpath: true
- src: test/
dest: test/
delete: true
+ mkpath: true
- src: .fmf/
dest: .fmf/
delete: true
@@ -28,8 +30,6 @@
container-selinux-centos:
pkg_tool: centpkg
specfile_path: rpm/container-selinux.spec
- container-selinux-rhel:
- specfile_path: rpm/container-selinux.spec
container-selinux-eln:
specfile_path: rpm/container-selinux.spec
@@ -46,10 +46,7 @@
enable_net: true
# container-selinux is noarch so we only need to test on one arch
targets: &fedora_copr_targets
- - fedora-development
- - fedora-latest
- - fedora-ltest-stable
- - fedora-40
+ - fedora-all
- job: copr_build
trigger: pull_request
@@ -68,14 +65,6 @@
- centos-stream-9
- centos-stream-10
- - job: copr_build
- trigger: pull_request
- packages: [container-selinux-rhel]
- notifications: *copr_build_failure_notification
- enable_net: true
- targets:
- - epel-9
-
# Run on commit to main branch
# Build targets managed in copr settings
- job: copr_build
@@ -116,24 +105,6 @@
- type: repository-file
id:
https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/centos-stream-$releasever/rhcontainerbot-podman-next-centos-stream-$releasever.repo
- # FIXME: Re-enable once podman packit copr builds are re-enabled for el9
- # Tests for RHEL
- #- job: tests
- # trigger: pull_request
- # packages: [container-selinux-rhel]
- # use_internal_tf: true
- # notifications: *test_failure_notification
- # targets:
- # epel-9-x86_64:
- # distros: [RHEL-9.4.0-Nightly,RHEL-9-Nightly]
- # tf_extra_params:
- # environments:
- # - artifacts:
- # - type: repository-file
- # id:
https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/epel-$releasever/rhcontainerbot-podman-next-epel-$releasever.repo
- # - type: repository-file
- # id:
https://src.fedoraproject.org/rpms/epel-release/raw/epel9/f/epel.repo
-
- job: propose_downstream
trigger: release
packages: [container-selinux-fedora]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/container-selinux-2.233.0/container.fc
new/container-selinux-2.234.2/container.fc
--- old/container-selinux-2.233.0/container.fc 2024-11-04 16:37:32.000000000
+0100
+++ new/container-selinux-2.234.2/container.fc 2024-12-10 09:18:11.000000000
+0100
@@ -92,6 +92,7 @@
# Unlike the runc-<SNAPSHOTTER> directory, this directory does not contain the
"executor" directory inside it.
/var/lib/buildkit/containerd-.*(/.*?)
gen_context(system_u:object_r:container_ro_file_t,s0)
+HOME_DIR/\.local/share/ramalama(/.*)?
gen_context(system_u:object_r:container_ro_file_t,s0)
HOME_DIR/\.local/share/containers/storage/overlay(/.*)?
gen_context(system_u:object_r:container_ro_file_t,s0)
HOME_DIR/\.local/share/containers/storage/overlay2(/.*)?
gen_context(system_u:object_r:container_ro_file_t,s0)
HOME_DIR/\.local/share/containers/storage/overlay-layers(/.*)?
gen_context(system_u:object_r:container_ro_file_t,s0)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/container-selinux-2.233.0/container.if
new/container-selinux-2.234.2/container.if
--- old/container-selinux-2.233.0/container.if 2024-11-04 16:37:32.000000000
+0100
+++ new/container-selinux-2.234.2/container.if 2024-12-10 09:18:11.000000000
+0100
@@ -562,6 +562,7 @@
# Third-party snapshotters
filetrans_pattern($1, container_var_lib_t, container_ro_file_t, dir,
"containerd-soci")
+ filetrans_pattern($1, data_home_t, container_ro_file_t, dir, "ramalama")
filetrans_pattern($1, data_home_t, container_ro_file_t, dir, "overlay")
filetrans_pattern($1, data_home_t, container_ro_file_t, dir,
"overlay-images")
filetrans_pattern($1, data_home_t, container_ro_file_t, dir,
"overlay-layers")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/container-selinux-2.233.0/container.te
new/container-selinux-2.234.2/container.te
--- old/container-selinux-2.233.0/container.te 2024-11-04 16:37:32.000000000
+0100
+++ new/container-selinux-2.234.2/container.te 2024-12-10 09:18:11.000000000
+0100
@@ -1,4 +1,4 @@
-policy_module(container, 2.234.0)
+policy_module(container, 2.234.2)
gen_require(`
class passwd rootok;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/container-selinux-2.233.0/plans/all.fmf
new/container-selinux-2.234.2/plans/all.fmf
--- old/container-selinux-2.233.0/plans/all.fmf 2024-11-04 16:37:32.000000000
+0100
+++ new/container-selinux-2.234.2/plans/all.fmf 1970-01-01 01:00:00.000000000
+0100
@@ -1,20 +0,0 @@
-discover:
- how: fmf
-execute:
- how: tmt
-
-/upstream:
- summary: Run SELinux specific Podman tests on upstream PRs
- discover+:
- filter: tag:upstream
- adjust+:
- enabled: false
- when: initiator is not defined or initiator != packit
-
-/downstream:
- summary: Run SELinux specific Podman tests on bodhi / errata and dist-git
PRs
- discover+:
- filter: tag:downstream
- adjust+:
- enabled: false
- when: initiator == packit
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/container-selinux-2.233.0/plans/main.fmf
new/container-selinux-2.234.2/plans/main.fmf
--- old/container-selinux-2.233.0/plans/main.fmf 1970-01-01
01:00:00.000000000 +0100
+++ new/container-selinux-2.234.2/plans/main.fmf 2024-12-10
09:18:11.000000000 +0100
@@ -0,0 +1,23 @@
+discover:
+ how: fmf
+execute:
+ how: tmt
+prepare:
+ how: feature
+ epel: enabled
+
+/upstream:
+ summary: Run SELinux specific Podman tests on upstream PRs
+ discover+:
+ filter: tag:upstream
+ adjust+:
+ enabled: false
+ when: initiator is not defined or initiator != packit
+
+/downstream:
+ summary: Run SELinux specific Podman tests on bodhi / errata and dist-git
PRs
+ discover+:
+ filter: tag:downstream
+ adjust+:
+ enabled: false
+ when: initiator == packit
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/container-selinux-2.233.0/rpm/container-selinux.spec
new/container-selinux-2.234.2/rpm/container-selinux.spec
--- old/container-selinux-2.233.0/rpm/container-selinux.spec 2024-11-04
16:37:32.000000000 +0100
+++ new/container-selinux-2.234.2/rpm/container-selinux.spec 2024-12-10
09:18:11.000000000 +0100
@@ -30,7 +30,7 @@
%if %{defined copr_build}
Epoch: 102
%else
-Epoch: 2
+Epoch: 4
%endif
# Keep Version in upstream specfile at 0. It will be automatically set
# to the correct value by Packit for copr and koji builds.
@@ -86,9 +86,6 @@
%_format MODULES $x.pp.bz2
%{__make} DATADIR=%{buildroot}%{_datadir}
SYSCONFDIR=%{buildroot}%{_sysconfdir} install install.udica-templates
install.selinux-user
-# Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2209120
-rm %{buildroot}%{_mandir}/man8/container_selinux.8
-
%pre
%selinux_relabel_pre
@@ -126,7 +123,7 @@
%dir %{_datadir}/udica/templates/
%{_datadir}/udica/templates/*
# Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2209120
-#%%{_mandir}/man8/container_selinux.8.gz
+%{_mandir}/man8/container_selinux.8.gz
%{_sysconfdir}/selinux/targeted/contexts/users/container_u
%ghost %verify(not mode)
%{_selinux_store_path}/targeted/active/modules/200/%{modulenames}
%ghost %verify(not mode)
%{_selinux_store_path}/mls/active/modules/200/%{modulenames}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/container-selinux-2.233.0/rpm/update-spec-version.sh
new/container-selinux-2.234.2/rpm/update-spec-version.sh
--- old/container-selinux-2.233.0/rpm/update-spec-version.sh 2024-11-04
16:37:32.000000000 +0100
+++ new/container-selinux-2.234.2/rpm/update-spec-version.sh 1970-01-01
01:00:00.000000000 +0100
@@ -1,11 +0,0 @@
-#!/usr/bin/env bash
-
-# This script will update the Version field in the spec which is set to 0 by
-# default. Useful for local manual rpm builds where the Version needs to be set
-# correctly.
-
-SPEC_FILE=$(pwd)/container-selinux.spec
-LATEST_TAG=$(git tag --sort=creatordate | tail -1)
-LATEST_VERSION=$(echo $LATEST_TAG | sed -e 's/^v//')
-
-sed -i "s/^Version:.*/Version: $LATEST_VERSION/" $SPEC_FILE
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/container-selinux-2.233.0/test/main.fmf
new/container-selinux-2.234.2/test/main.fmf
--- old/container-selinux-2.233.0/test/main.fmf 2024-11-04 16:37:32.000000000
+0100
+++ new/container-selinux-2.234.2/test/main.fmf 2024-12-10 09:18:11.000000000
+0100
@@ -1,7 +1,9 @@
# Only common dependencies that are NOT required to run podman-tests.sh are
# specified here. Everything else is in podman-tests.sh.
require:
+ - bats
- cpio
+ - golang
- make
- policycoreutils
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/container-selinux-2.233.0/test/podman-tests.sh
new/container-selinux-2.234.2/test/podman-tests.sh
--- old/container-selinux-2.233.0/test/podman-tests.sh 2024-11-04
16:37:32.000000000 +0100
+++ new/container-selinux-2.234.2/test/podman-tests.sh 2024-12-10
09:18:11.000000000 +0100
@@ -51,10 +51,6 @@
popd
-# Install dependencies for running tests
-# NOTE: bats will be fetched from Fedora repos on public testing-farm envs if
EPEL repo is absent or disabled.
-dnf -y install bats golang
-
# Print versions of distro and installed packages
rpm -q bats container-selinux golang podman podman-tests selinux-policy
