Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package drbd-utils for openSUSE:Factory
checked in at 2025-03-19 22:33:41
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/drbd-utils (Old)
and /work/SRC/openSUSE:Factory/.drbd-utils.new.4956 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "drbd-utils"
Wed Mar 19 22:33:41 2025 rev:64 rq:1254272 version:9.29.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/drbd-utils/drbd-utils.changes 2025-03-16
18:59:53.895761544 +0100
+++ /work/SRC/openSUSE:Factory/.drbd-utils.new.4956/drbd-utils.changes
2025-03-19 22:33:57.390713840 +0100
@@ -1,0 +2,8 @@
+Mon Mar 17 13:32:00 UTC 2025 - Heming Zhao <heming.z...@suse.com>
+
+- Default SELinux Profile prevents configuration of drbd_passive resources in
cluster (bsc#1239436)
+ * update spec file to create a new package drbd-selinux
+ * update patch bsc-1233273_drbd.ocf-update-for-OCF-1.1.patch
+ - fix the commit log mistake and typo, no code change
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ drbd-utils.spec ++++++
--- /var/tmp/diff_new_pack.jXGLzR/_old 2025-03-19 22:34:00.794857147 +0100
+++ /var/tmp/diff_new_pack.jXGLzR/_new 2025-03-19 22:34:00.810857821 +0100
@@ -31,6 +31,10 @@
# Man pages are included in the released tarball.
# Only need po4a to build man from git source code
%bcond_without prebuiltman
+
+%global selinuxtype targeted
+%global selinuxmodulename drbd
+
Name: drbd-utils
Version: 9.29.0
Release: 0
@@ -103,6 +107,7 @@
Provides: drbd-control
Provides: drbdsetup
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+Requires: (drbd-selinux if selinux-policy-%{selinuxtype})
%description
Drbd is a distributed replicated block device. It mirrors a block
@@ -143,9 +148,12 @@
--without-84support
%make_build OPTFLAGS="%{optflags}"
+%make_build selinux
%install
%make_install
+install -d %{buildroot}%{_datadir}/selinux/packages
+install -m 0644 selinux/drbd.pp.bz2 %{buildroot}%{_datadir}/selinux/packages
%ifnarch %{ix86} x86_64
rm -rf %{buildroot}%{_sysconfdir}/xen
@@ -153,6 +161,48 @@
rm -rf %{buildroot}%{libdir}/drbd/crm-*fence-peer.sh # bsc#1204276
+# following for drbd-selinux
+
+%package -n drbd-selinux
+Summary: SElinux policy for DRBD
+BuildRequires: checkpolicy
+BuildRequires: selinux-policy
+BuildRequires: selinux-policy-%{selinuxtype}
+BuildRequires: selinux-policy-devel
+Requires: policycoreutils
+Requires: policycoreutils-python-utils
+Requires: selinux-policy >= %{_selinux_policy_version}
+
+%description -n drbd-selinux
+drbd-selinux contains the SELinux policy meant to be used with this version of
DRBD and related tools.
+
+%files -n drbd-selinux
+%attr(0644,root,root) %{_datadir}/selinux/packages/%{selinuxmodulename}.pp.bz2
+%ghost
%{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{selinuxmodulename}
+
+%pre -n drbd-selinux
+%selinux_relabel_pre -s %{selinuxtype}
+
+%post -n drbd-selinux
+# install selinux policy module with priority 200 to override the default
policy
+# maybe we want/need the next line to &> /dev/null
+%selinux_modules_install -s %{selinuxtype} -p 200
%{_datadir}/selinux/packages/%{selinuxmodulename}.pp.bz2
+
+%postun -n drbd-selinux
+if [ $1 -eq 0 ]; then
+ %selinux_modules_uninstall -s %{selinuxtype} -p 200 %{selinuxmodulename}
+fi
+
+# We we want a "rich forward dependency" of drbd-utils to drbd-selinux,
+# we above use
+# Requires: (drbd-selinux if selinux-policy-targeted)
+# We need to relabel in posttrans, because in post the files to
+# relabel may not be installed yet.
+%posttrans -n drbd-selinux
+# maybe &> /dev/null
+%selinux_relabel_post -s %{selinuxtype}
+
+# below for package drbd-utils
%pre
%service_add_pre %{services}
++++++ bsc-1233273_drbd.ocf-update-for-OCF-1.1.patch ++++++
--- /var/tmp/diff_new_pack.jXGLzR/_old 2025-03-19 22:34:01.690894869 +0100
+++ /var/tmp/diff_new_pack.jXGLzR/_new 2025-03-19 22:34:01.742897058 +0100
@@ -7,13 +7,13 @@
1. bumps drbd ocf version to 1.5
2. updates the <version> element to 1.1 for declare support OCF 1.1.
3. uses unique-group attribute but keeps deprecated unique attribute.
-4. advertises new role names 'Unpromoted' and 'Unpromoted' instead of
+4. advertises new role names 'promoted' and 'Unpromoted' instead of
'Master' and 'Slave'.
-Because of change[4], the drbd ocf RA won't be able to support old
+Because of change <4>, the drbd ocf RA won't be able to support old
names so we need to bump version of the RA.
-Links:
https://projects.clusterlabs.org/w/development/update_resource_agent_for_ocf_1.1/
+[1] Links:
https://projects.clusterlabs.org/w/development/update_resource_agent_for_ocf_1.1/
Signed-off-by: Su Yue <glass...@suse.com>
---
scripts/drbd.ocf | 16 ++++++++--------
