commit libteam for openSUSE:Factory

Tue, 19 Oct 2021 14:03:46 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package libteam for openSUSE:Factory checked 
in at 2021-10-19 23:03:32
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libteam (Old)
 and      /work/SRC/openSUSE:Factory/.libteam.new.1890 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "libteam"

Tue Oct 19 23:03:32 2021 rev:21 rq:925662 version:1.31

Changes:
--------
--- /work/SRC/openSUSE:Factory/libteam/libteam.changes  2020-09-03 
01:07:39.088336935 +0200
+++ /work/SRC/openSUSE:Factory/.libteam.new.1890/libteam.changes        
2021-10-19 23:03:35.421266491 +0200
@@ -1,0 +2,6 @@
+Fri Oct 15 07:32:26 UTC 2021 - Johannes Segitz <[email protected]>
+
+- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
+  * [email protected]
+
+-------------------------------------------------------------------

New:
----
  [email protected]

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libteam.spec ++++++
--- /var/tmp/diff_new_pack.aBiH9W/_old  2021-10-19 23:03:35.841266682 +0200
+++ /var/tmp/diff_new_pack.aBiH9W/_new  2021-10-19 23:03:35.841266682 +0200
@@ -31,6 +31,7 @@
 Patch2:         start_teamd_from_usr_sbin.patch
 Patch3:         ignore_ebusy_for_team_hwaddr_set.patch
 Patch4:         0001-allow-send_interface-dbus.patch
+Patch5:        [email protected]
 BuildRequires:  doxygen
 BuildRequires:  libcap-devel
 BuildRequires:  libtool

++++++ [email protected] ++++++
Index: libteam-1.31/teamd/redhat/systemd/[email protected]
===================================================================
--- libteam-1.31.orig/teamd/redhat/systemd/[email protected]
+++ libteam-1.31/teamd/redhat/systemd/[email protected]
@@ -4,6 +4,17 @@ Before=network-pre.target
 Wants=network-pre.target
 
 [Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions 
 BusName=org.libteam.teamd.%i
 ExecStart=/usr/sbin/teamd -U -D -o -t %i -f /run/teamd/%i.conf
 Restart=on-failure

Reply via email to