Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package polkit-default-privs for 
openSUSE:Factory checked in at 2021-10-11 16:48:41
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/polkit-default-privs (Old)
 and      /work/SRC/openSUSE:Factory/.polkit-default-privs.new.2443 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "polkit-default-privs"

Mon Oct 11 16:48:41 2021 rev:205 rq:924174 version:1550+20211008.9751669

Changes:
--------
--- 
/work/SRC/openSUSE:Factory/polkit-default-privs/polkit-default-privs.changes    
    2021-08-25 20:55:57.645338224 +0200
+++ 
/work/SRC/openSUSE:Factory/.polkit-default-privs.new.2443/polkit-default-privs.changes
      2021-10-11 16:48:49.978188448 +0200
@@ -1,0 +2,16 @@
+Fri Oct  8 09:28:28 UTC 2021 - Matthias Gerstner <matthias.gerst...@suse.com>
+
+- drop backward compatibility symlink in /etc/polkit-default-privs.standard.
+  rpmlint 2.0 is now in Factory and the check there directly uses the profile
+  in /usr/etc/polkit-default-privs/profiles/standard.
+- drop polkit-whitelisting sub-package. This is now handled in rpmlint 2.0
+  internally.
+
+-------------------------------------------------------------------
+Fri Oct 08 09:22:37 UTC 2021 - matthias.gerst...@suse.com
+
+- Update to version 1550+20211008.9751669:
+  * whitelist power-profiles-daemon actions (bsc#1189900)
+  * cleanup: remove polkit-rules-whitelist.json
+
+-------------------------------------------------------------------

Old:
----
  polkit-default-privs-1550+20210818.b0c41fd.tar.xz

New:
----
  polkit-default-privs-1550+20211008.9751669.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ polkit-default-privs.spec ++++++
--- /var/tmp/diff_new_pack.7eHNgO/_old  2021-10-11 16:48:50.534189332 +0200
+++ /var/tmp/diff_new_pack.7eHNgO/_new  2021-10-11 16:48:50.538189339 +0200
@@ -23,7 +23,7 @@
 %endif
 
 Name:           polkit-default-privs
-Version:        1550+20210818.b0c41fd
+Version:        1550+20211008.9751669
 Release:        0
 Summary:        SUSE PolicyKit default permissions
 License:        GPL-2.0-or-later
@@ -66,11 +66,6 @@
 make install DESTDIR=$RPM_BUILD_ROOT fillupdir="%{_fillupdir}"
 mkdir -p $RPM_BUILD_ROOT/etc/polkit-1/rules.d/
 > $RPM_BUILD_ROOT/etc/polkit-1/rules.d/90-default-privs.rules
-# TODO: this is a backward compatibility entry for the rpmlint-mini check for
-# polkit priv whitelistings. When rpmlint2 is fully in production we shouldn't
-# need this any more (apart from adjusting the rpmlint checker in rpmlint2
-# on the opensuse upstream branch).
-ln -s /usr/etc/polkit-default-privs/profiles/standard 
$RPM_BUILD_ROOT/etc/polkit-default-privs.standard
 
 %post
 %{fillup_only -ns security polkit_default_privs}
@@ -87,14 +82,9 @@
 %{profiledir}/standard
 %{profiledir}/restrictive
 %{basedir}/local.template
-%{_sysconfdir}/polkit-default-privs.standard
 /sbin/chkstat-polkit
 /sbin/set_polkit_default_privs
 %_mandir/man*/*
 %{_fillupdir}/sysconfig.security-polkit_default_privs
 
-%files -n polkit-whitelisting
-%defattr(-,root,root)
-/etc/polkit-rules-whitelist.json
-
 %changelog

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.7eHNgO/_old  2021-10-11 16:48:50.570189390 +0200
+++ /var/tmp/diff_new_pack.7eHNgO/_new  2021-10-11 16:48:50.570189390 +0200
@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param 
name="url">https://github.com/openSUSE/polkit-default-privs.git</param>
-              <param 
name="changesrevision">b0c41fdd805a1d1bfb286cc0fcd78f7e20d109c0</param></service></servicedata>
\ No newline at end of file
+              <param 
name="changesrevision">8f04b5e25b2404ce118f06d681bb4ef8b744251c</param></service></servicedata>
\ No newline at end of file

++++++ polkit-default-privs-1550+20210818.b0c41fd.tar.xz -> 
polkit-default-privs-1550+20211008.9751669.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/polkit-default-privs-1550+20210818.b0c41fd/Makefile 
new/polkit-default-privs-1550+20211008.9751669/Makefile
--- old/polkit-default-privs-1550+20210818.b0c41fd/Makefile     2021-08-18 
14:57:31.000000000 +0200
+++ new/polkit-default-privs-1550+20211008.9751669/Makefile     2021-10-08 
11:05:53.000000000 +0200
@@ -28,8 +28,6 @@
        install -m 644 etc/sysconfig.security-polkit_default_privs 
$(DESTDIR)$(fillupdir)
        # create a safe directory for potential custom profiles
        install -d $(DESTDIR)/etc/polkit-default-privs
-       # TODO: remove whitelist.json once rpmlint2 is in place
-       install -m 644 etc/polkit-rules-whitelist.json $(DESTDIR)/etc
        install -m 644 README.md $(DESTDIR)$(docdir)/polkit-default-privs
        @for src in $(manpages); do \
                page=`basename $$src` \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/polkit-default-privs-1550+20210818.b0c41fd/README.md 
new/polkit-default-privs-1550+20211008.9751669/README.md
--- old/polkit-default-privs-1550+20210818.b0c41fd/README.md    2021-08-18 
14:57:31.000000000 +0200
+++ new/polkit-default-privs-1550+20211008.9751669/README.md    2021-10-08 
11:05:53.000000000 +0200
@@ -43,17 +43,6 @@
 broken software in extreme cases. We are trying to catch theses cases and
 patch our packages or improve upstream code.
 
-rules.d whitelisting
---------------------
-
-Polkit uses Java Script snippets to allow customization of the authentication
-process. Additional rule files can be installed in `/etc/polkit-1/rules.d` and
-`/usr/share/polkit-1/rules.d`. These files are independent of the polkit
-profiles implemented by polkit-default-privs. Therefore a separate
-whitelisting for them is managed in this repository found in
-`etc/polkit-rules-whitelist.json`. This whitelist is used by SUSE
-rpmlint-checks to determine valid additions to those directories.
-
 Maintainer
 ----------
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/polkit-default-privs-1550+20210818.b0c41fd/etc/polkit-rules-whitelist.json 
new/polkit-default-privs-1550+20211008.9751669/etc/polkit-rules-whitelist.json
--- 
old/polkit-default-privs-1550+20210818.b0c41fd/etc/polkit-rules-whitelist.json  
    2021-08-18 14:57:31.000000000 +0200
+++ 
new/polkit-default-privs-1550+20211008.9751669/etc/polkit-rules-whitelist.json  
    1970-01-01 01:00:00.000000000 +0100
@@ -1,114 +0,0 @@
-{
-       "polkit-default-privs": {
-               "audits": {
-                       "bsc#1125314": {
-                               "comment": "rules dynamically generated by our 
own polkit profile tooling",
-                               "digests": {
-                                       
"/etc/polkit-1/rules.d/90-default-privs.rules": "skip:<none>"
-                               }
-                       }
-               }
-       },
-       "polkit": {
-               "audits": {
-                       "bsc#1125314": {
-                               "comment": "default rule shipped by polkit, 
allows uid 0 to do everything",
-                               "digests": {
-                                       
"/usr/share/polkit-1/rules.d/50-default.rules": 
"sha256:aea3041de2c15db8683620de8533206e50241c309eb27893605d5ead17e5e75f"
-                               }
-                       }
-               }
-       },
-       "systemd": {
-               "audits": {
-                       "bsc#1125438": {
-                               "comment": "allows systemd-networkd to set 
hostname and timezone from DHCP information",
-                               "digests": {
-                                       
"/usr/share/polkit-1/rules.d/60-systemd-networkd.rules": 
"sha256:bf10f0b71878f90516b89d205a7fb2f8363cec6614ec717da88c2acf49c276a5"
-                               }
-                       }
-               }
-       },
-       "systemd-network": {
-               "audits": {
-                       "bsc#1125438": {
-                               "comment": "allows systemd-networkd to set 
hostname and timezone from DHCP information",
-                               "digests": {
-                                       
"/usr/share/polkit-1/rules.d/60-systemd-networkd.rules": 
"sha256:bf10f0b71878f90516b89d205a7fb2f8363cec6614ec717da88c2acf49c276a5"
-                               }
-                       },
-                       "bsc#1185469": {
-                               "comment": "minor non-functional incremental 
change",
-                               "digests": {
-                                       
"/usr/share/polkit-1/rules.d/60-systemd-networkd.rules": 
"sha256:f199e386a9297858331b00df07ed0b0ee5fcf4bea67f6c0bccc8a92b7e310bbd"
-                               }
-                       }
-               }
-       },
-       "flatpak": {
-               "audits": {
-                       "bsc#984817": {
-                               "comment": "allows the wheel group to operate 
in a passwordless fashion. this is an exception at the moment since normally we 
don't follow the special meaning of 'wheel'",
-                               "digests": {
-                                       
"/usr/share/polkit-1/rules.d/60-org.freedesktop.Flatpak.rules": 
"sha256:a439399ec33c8909e935e68d2daf3a76dff411d94ade3a8e15243a7da68a7005"
-                               }
-                       },
-                       "bsc#1161091": {
-                               "comment": "flatpak 1.6 changes the rule file 
to add override-parental-controls. Requires AUTH_ADMIN",
-                               "digests": {
-                                       
"/usr/share/polkit-1/rules.d/60-org.freedesktop.Flatpak.rules": 
"sha256:89e33e299ddf829a6302e855c005931a1f703c64696b86c423fb2851e225fbaf"
-                               }
-                       }
-               }
-       },
-       "libvirt-daemon": {
-               "audits": {
-                               "bsc#1125314": {
-                                       "comment": "allows members of the group 
libvirt to manage libvirt without password",
-                                       "digests": {
-                                               
"/usr/share/polkit-1/rules.d/50-libvirt.rules": 
"sha256:18ecc523dec42f91c679143043c9b28ef82eac68d1729a21d371c18eb93f2a18"
-                                       }
-                       }
-               }
-       },
-       "gnome-initial-setup": {
-               "audits": {
-                       "bsc#1125432": {
-                               "comment": "Allows gnome-initial-session to 
configure the system after input is collected from the user",
-                               "digests": {
-                                       
"/usr/share/polkit-1/rules.d/20-gnome-initial-setup.rules": 
"sha256:6daefe0a835dc1b34513302f393e98089c137602823f41fd0c3dd984c40902d8"
-                               }
-                       }
-               }
-       },
-       "libvirt-dbus": {
-               "audits": {
-                       "bsc#1173093": {
-                               "comment": "Allows the libvirt-dbus daemon to 
run unprivileged but still control libvirt",
-                               "digests": {
-                                       
"/usr/share/polkit-1/rules.d/libvirt-dbus.rules": 
"sha256:1ae3b094d372d0108f34b58f577d133fdf0c9527bd5b72edf1d22a13daa74f6e"
-                               }
-                       }
-               }
-       },
-       "malcontent": {
-               "audits": {
-                       "bsc#1177974": {
-                               "comment": "Allows wheel members to bypass 
parental controls. We allow this as an exception (granting implicit 
authorization to wheel) since this is not security relevant per se.",
-                               "digests": {
-                                       
"/usr/share/polkit-1/rules.d/com.endlessm.ParentalControls.rules": 
"sha256:4dca105e78ff95c2317386d4df4f959f0c055eec13e12c34c48084b9bbb385b4"
-                               }
-                       }
-               }
-       },
-       "brltty": {
-               "audits": {
-                       "bsc#1180593": {
-                               "comment": "Allows members of 'brltty' to 
implicitly get polkit authorization",
-                               "digests": {
-                                       
"/usr/share/polkit-1/rules.d/org.a11y.brlapi.rules": 
"sha256:f8f1dc555dfc72fd95263e107cd87f44b3d1ce899dbdc0f11b7dfbccaa92a434"
-                               }
-                       }
-               }
-       }
-}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/polkit-default-privs-1550+20210818.b0c41fd/profiles/easy 
new/polkit-default-privs-1550+20211008.9751669/profiles/easy
--- old/polkit-default-privs-1550+20210818.b0c41fd/profiles/easy        
2021-08-18 14:57:31.000000000 +0200
+++ new/polkit-default-privs-1550+20211008.9751669/profiles/easy        
2021-10-08 11:05:53.000000000 +0200
@@ -723,3 +723,7 @@
 
 #  zypp-gui repository manager (bsc#1188364)
 zypp.gui.pkexec.run auth_admin:auth_admin:auth_admin_keep
+
+# a daemon that deals with system power settings (bsc#1189900)
+net.hadess.PowerProfiles.switch-profile auth_admin:yes:yes
+net.hadess.PowerProfiles.hold-profile auth_admin:yes:yes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/polkit-default-privs-1550+20210818.b0c41fd/profiles/restrictive 
new/polkit-default-privs-1550+20211008.9751669/profiles/restrictive
--- old/polkit-default-privs-1550+20210818.b0c41fd/profiles/restrictive 
2021-08-18 14:57:31.000000000 +0200
+++ new/polkit-default-privs-1550+20211008.9751669/profiles/restrictive 
2021-10-08 11:05:53.000000000 +0200
@@ -724,3 +724,7 @@
 
 #  zypp-gui repository manager (bsc#1188364)
 zypp.gui.pkexec.run no:no:auth_admin_keep
+
+# a daemon that deals with system power settings (bsc#1189900)
+net.hadess.PowerProfiles.switch-profile no:no:yes
+net.hadess.PowerProfiles.hold-profile no:no:yes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/polkit-default-privs-1550+20210818.b0c41fd/profiles/standard 
new/polkit-default-privs-1550+20211008.9751669/profiles/standard
--- old/polkit-default-privs-1550+20210818.b0c41fd/profiles/standard    
2021-08-18 14:57:31.000000000 +0200
+++ new/polkit-default-privs-1550+20211008.9751669/profiles/standard    
2021-10-08 11:05:53.000000000 +0200
@@ -725,3 +725,7 @@
 
 #  zypp-gui repository manager (bsc#1188364)
 zypp.gui.pkexec.run auth_admin:auth_admin:auth_admin_keep
+
+# a daemon that deals with system power settings (bsc#1189900)
+net.hadess.PowerProfiles.switch-profile no:no:yes
+net.hadess.PowerProfiles.hold-profile no:no:yes

Reply via email to