subject:"Fedora COPR repositories with builds of latest code"

Re: Fedora COPR repositories with builds of latest code

2017-05-25 Thread Dominick Grift

On Thu, May 25, 2017 at 11:40:49AM +0200, Petr Lautrbach wrote:
> On 05/25/2017 07:44 AM, Dominick Grift wrote:
> > On Wed, May 24, 2017 at 04:40:55PM -0400, Stephen Smalley wrote:
> > > On Wed, 2017-05-24 at 16:53 +0200, Dominick Grift wrote:
> > > > On Wed, May 24, 2017 at 04:33:16PM +0200, Dominick Grift wrote:
> > > > > On Wed, May 24, 2017 at 04:22:08PM +0200, Petr Lautrbach wrote:
> > > > > > For the motivation see
> > > > > > https://marc.info/?l=selinux=149435307518336=2
> > > > > 
> > > > > Thanks! I enabled the one with Fedora patches because i need
> > > > > python3 support for setools4
> > > > > 
> > > > > This should allow me to enable extended_socket_class functionality
> > > > > and test it.
> > > > > 
> > > > > I hope this repository will be maintained consistently so that it
> > > > > can be useful
> > > > 
> > > > I just enabled the extended_socket_class capability and in seinfo --
> > > > polcap -x it currently shows up as "redhat1":
> > > > 
> > > > # seinfo --polcap -x
> > > > 
> > > > Polcap: 3
> > > > policycap network_peer_controls;
> > > > policycap open_perms;
> > > > policycap redhat1;
> > > > 
> > > > I know the redhat1 polcap is re-used but not sure if this expected to
> > > > return like that...
> > > 
> > > Maybe setools4 hasn't been rebuilt to use the updated libsepol, or has
> > > its own internal table of the policy capability string names?
> > 
> > thanks , yes thats the case (former)
> 
> I will update scripts to rebuild setools together with selinux sources and
> provide setools builds in copr repos

Thank you
> 
> > 
> > > 
> > > > 
> > > > > 
> > > > > > 
> > > > > > I've restarted building of Fedora packages based on latest
> > > > > > SELinux userspace code in Fedora COPR. Packages are built using
> > > > > > the https://gitlab.com/bachradsusi/selinux-rpm project.
> > > > > > 
> > > > > > There is a new selinux.spec [1] file which allows to build all
> > > > > > Fedora packages from one src.rpm and Makefile which makes the
> > > > > > process simple.
> > > > > > 
> > > > > > Currently there are two COPR projects:
> > > > > > 
> > > > > > * https://copr.fedorainfracloud.org/coprs/plautrba/selinux-fedora
> > > > > > /
> > > > > > 
> > > > > > This is built with Python3 support based on Fedora patches which
> > > > > > are rebased against latest upstream code.
> > > > > > 
> > > > > > 
> > > > > > * https://copr.fedorainfracloud.org/coprs/plautrba/selinux-SELinu
> > > > > > xProject/
> > > > > > 
> > > > > > This is based on pure upstream sources and without Python 3.
> > > > > > 
> > > > > > 
> > > > > > Currently I run copr builds manually but the plan is to make it
> > > > > > fully automated.
> > > > > > 
> > > > > > 
> > > > > > Let me know if you find it useful or if you have ideas, comments
> > > > > > and so on.
> > > > > > 
> > > > > > 
> > > > > > [1] https://gitlab.com/bachradsusi/selinux-rpm/blob/master/selinu
> > > > > > x.spec
> > > > > > 
> > > > > > 
> > > > > > Thanks,
> > > > > > 
> > > > > > Petr
> > > > > 
> > > > > -- 
> > > > > Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B
> > > > > 6B02
> > > > > https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6
> > > > > B02
> > > > > Dominick Grift
> > > > 
> > > > 
> > > > 
> > 
> 

-- 
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6B02
Dominick Grift


signature.asc
Description: PGP signature

Re: Fedora COPR repositories with builds of latest code

2017-05-25 Thread Petr Lautrbach


On 05/25/2017 07:44 AM, Dominick Grift wrote:

On Wed, May 24, 2017 at 04:40:55PM -0400, Stephen Smalley wrote:

On Wed, 2017-05-24 at 16:53 +0200, Dominick Grift wrote:

On Wed, May 24, 2017 at 04:33:16PM +0200, Dominick Grift wrote:

On Wed, May 24, 2017 at 04:22:08PM +0200, Petr Lautrbach wrote:

For the motivation see
https://marc.info/?l=selinux=149435307518336=2


Thanks! I enabled the one with Fedora patches because i need
python3 support for setools4

This should allow me to enable extended_socket_class functionality
and test it.

I hope this repository will be maintained consistently so that it
can be useful


I just enabled the extended_socket_class capability and in seinfo --
polcap -x it currently shows up as "redhat1":

# seinfo --polcap -x

Polcap: 3
policycap network_peer_controls;
policycap open_perms;
policycap redhat1;

I know the redhat1 polcap is re-used but not sure if this expected to
return like that...


Maybe setools4 hasn't been rebuilt to use the updated libsepol, or has
its own internal table of the policy capability string names?


thanks , yes thats the case (former)


I will update scripts to rebuild setools together with selinux sources 
and provide setools builds in copr repos












I've restarted building of Fedora packages based on latest
SELinux userspace code in Fedora COPR. Packages are built using
the https://gitlab.com/bachradsusi/selinux-rpm project.

There is a new selinux.spec [1] file which allows to build all
Fedora packages from one src.rpm and Makefile which makes the
process simple.

Currently there are two COPR projects:

* https://copr.fedorainfracloud.org/coprs/plautrba/selinux-fedora
/

This is built with Python3 support based on Fedora patches which
are rebased against latest upstream code.


* https://copr.fedorainfracloud.org/coprs/plautrba/selinux-SELinu
xProject/

This is based on pure upstream sources and without Python 3.


Currently I run copr builds manually but the plan is to make it
fully automated.


Let me know if you find it useful or if you have ideas, comments
and so on.


[1] https://gitlab.com/bachradsusi/selinux-rpm/blob/master/selinu
x.spec


Thanks,

Petr


--
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B
6B02
https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6
B02
Dominick Grift

Re: Fedora COPR repositories with builds of latest code

2017-05-24 Thread Dominick Grift

On Wed, May 24, 2017 at 04:40:55PM -0400, Stephen Smalley wrote:
> On Wed, 2017-05-24 at 16:53 +0200, Dominick Grift wrote:
> > On Wed, May 24, 2017 at 04:33:16PM +0200, Dominick Grift wrote:
> > > On Wed, May 24, 2017 at 04:22:08PM +0200, Petr Lautrbach wrote:
> > > > For the motivation see
> > > > https://marc.info/?l=selinux=149435307518336=2
> > > 
> > > Thanks! I enabled the one with Fedora patches because i need
> > > python3 support for setools4
> > > 
> > > This should allow me to enable extended_socket_class functionality
> > > and test it.
> > > 
> > > I hope this repository will be maintained consistently so that it
> > > can be useful
> > 
> > I just enabled the extended_socket_class capability and in seinfo --
> > polcap -x it currently shows up as "redhat1":
> > 
> > # seinfo --polcap -x
> > 
> > Polcap: 3
> >    policycap network_peer_controls;
> >    policycap open_perms;
> >    policycap redhat1;
> > 
> > I know the redhat1 polcap is re-used but not sure if this expected to
> > return like that...
> 
> Maybe setools4 hasn't been rebuilt to use the updated libsepol, or has
> its own internal table of the policy capability string names?

thanks , yes thats the case (former)

> 
> > 
> > > 
> > > > 
> > > > I've restarted building of Fedora packages based on latest
> > > > SELinux userspace code in Fedora COPR. Packages are built using
> > > > the https://gitlab.com/bachradsusi/selinux-rpm project.
> > > > 
> > > > There is a new selinux.spec [1] file which allows to build all
> > > > Fedora packages from one src.rpm and Makefile which makes the
> > > > process simple.
> > > > 
> > > > Currently there are two COPR projects:
> > > > 
> > > > * https://copr.fedorainfracloud.org/coprs/plautrba/selinux-fedora
> > > > /
> > > > 
> > > > This is built with Python3 support based on Fedora patches which
> > > > are rebased against latest upstream code.
> > > > 
> > > > 
> > > > * https://copr.fedorainfracloud.org/coprs/plautrba/selinux-SELinu
> > > > xProject/
> > > > 
> > > > This is based on pure upstream sources and without Python 3.
> > > > 
> > > > 
> > > > Currently I run copr builds manually but the plan is to make it
> > > > fully automated.
> > > > 
> > > > 
> > > > Let me know if you find it useful or if you have ideas, comments
> > > > and so on.
> > > > 
> > > > 
> > > > [1] https://gitlab.com/bachradsusi/selinux-rpm/blob/master/selinu
> > > > x.spec
> > > > 
> > > > 
> > > > Thanks,
> > > > 
> > > > Petr
> > > 
> > > -- 
> > > Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B
> > > 6B02
> > > https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6
> > > B02
> > > Dominick Grift
> > 
> > 
> > 

-- 
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6B02
Dominick Grift


signature.asc
Description: PGP signature

Re: Fedora COPR repositories with builds of latest code

2017-05-24 Thread Stephen Smalley

On Wed, 2017-05-24 at 16:53 +0200, Dominick Grift wrote:
> On Wed, May 24, 2017 at 04:33:16PM +0200, Dominick Grift wrote:
> > On Wed, May 24, 2017 at 04:22:08PM +0200, Petr Lautrbach wrote:
> > > For the motivation see
> > > https://marc.info/?l=selinux=149435307518336=2
> > 
> > Thanks! I enabled the one with Fedora patches because i need
> > python3 support for setools4
> > 
> > This should allow me to enable extended_socket_class functionality
> > and test it.
> > 
> > I hope this repository will be maintained consistently so that it
> > can be useful
> 
> I just enabled the extended_socket_class capability and in seinfo --
> polcap -x it currently shows up as "redhat1":
> 
> # seinfo --polcap -x
> 
> Polcap: 3
>    policycap network_peer_controls;
>    policycap open_perms;
>    policycap redhat1;
> 
> I know the redhat1 polcap is re-used but not sure if this expected to
> return like that...

Maybe setools4 hasn't been rebuilt to use the updated libsepol, or has
its own internal table of the policy capability string names?

> 
> > 
> > > 
> > > I've restarted building of Fedora packages based on latest
> > > SELinux userspace code in Fedora COPR. Packages are built using
> > > the https://gitlab.com/bachradsusi/selinux-rpm project.
> > > 
> > > There is a new selinux.spec [1] file which allows to build all
> > > Fedora packages from one src.rpm and Makefile which makes the
> > > process simple.
> > > 
> > > Currently there are two COPR projects:
> > > 
> > > * https://copr.fedorainfracloud.org/coprs/plautrba/selinux-fedora
> > > /
> > > 
> > > This is built with Python3 support based on Fedora patches which
> > > are rebased against latest upstream code.
> > > 
> > > 
> > > * https://copr.fedorainfracloud.org/coprs/plautrba/selinux-SELinu
> > > xProject/
> > > 
> > > This is based on pure upstream sources and without Python 3.
> > > 
> > > 
> > > Currently I run copr builds manually but the plan is to make it
> > > fully automated.
> > > 
> > > 
> > > Let me know if you find it useful or if you have ideas, comments
> > > and so on.
> > > 
> > > 
> > > [1] https://gitlab.com/bachradsusi/selinux-rpm/blob/master/selinu
> > > x.spec
> > > 
> > > 
> > > Thanks,
> > > 
> > > Petr
> > 
> > -- 
> > Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B
> > 6B02
> > https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6
> > B02
> > Dominick Grift
> 
> 
>

Re: Fedora COPR repositories with builds of latest code

2017-05-24 Thread Dominick Grift

On Wed, May 24, 2017 at 04:33:16PM +0200, Dominick Grift wrote:
> On Wed, May 24, 2017 at 04:22:08PM +0200, Petr Lautrbach wrote:
> > For the motivation see
> > https://marc.info/?l=selinux=149435307518336=2
> 
> Thanks! I enabled the one with Fedora patches because i need python3 support 
> for setools4
> 
> This should allow me to enable extended_socket_class functionality and test 
> it.
> 
> I hope this repository will be maintained consistently so that it can be 
> useful

I just enabled the extended_socket_class capability and in seinfo --polcap -x 
it currently shows up as "redhat1":

# seinfo --polcap -x

Polcap: 3
   policycap network_peer_controls;
   policycap open_perms;
   policycap redhat1;

I know the redhat1 polcap is re-used but not sure if this expected to return 
like that...

> 
> > 
> > I've restarted building of Fedora packages based on latest
> > SELinux userspace code in Fedora COPR. Packages are built using
> > the https://gitlab.com/bachradsusi/selinux-rpm project.
> > 
> > There is a new selinux.spec [1] file which allows to build all
> > Fedora packages from one src.rpm and Makefile which makes the
> > process simple.
> > 
> > Currently there are two COPR projects:
> > 
> > * https://copr.fedorainfracloud.org/coprs/plautrba/selinux-fedora/
> > 
> > This is built with Python3 support based on Fedora patches which
> > are rebased against latest upstream code.
> > 
> > 
> > * https://copr.fedorainfracloud.org/coprs/plautrba/selinux-SELinuxProject/
> > 
> > This is based on pure upstream sources and without Python 3.
> > 
> > 
> > Currently I run copr builds manually but the plan is to make it
> > fully automated.
> > 
> > 
> > Let me know if you find it useful or if you have ideas, comments and so on.
> > 
> > 
> > [1] https://gitlab.com/bachradsusi/selinux-rpm/blob/master/selinux.spec
> > 
> > 
> > Thanks,
> > 
> > Petr
> 
> -- 
> Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B 6B02
> https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6B02
> Dominick Grift



-- 
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6B02
Dominick Grift


signature.asc
Description: PGP signature

Re: Fedora COPR repositories with builds of latest code

2017-05-24 Thread Paul Moore

On Wed, May 24, 2017 at 10:22 AM, Petr Lautrbach  wrote:
> For the motivation see
> https://marc.info/?l=selinux=149435307518336=2
>
> I've restarted building of Fedora packages based on latest SELinux userspace
> code in Fedora COPR. Packages are built using the
> https://gitlab.com/bachradsusi/selinux-rpm project.
>
> There is a new selinux.spec [1] file which allows to build all Fedora
> packages from one src.rpm and Makefile which makes the process simple.
>
> Currently there are two COPR projects:
>
> * https://copr.fedorainfracloud.org/coprs/plautrba/selinux-fedora/
>
> This is built with Python3 support based on Fedora patches which are rebased
> against latest upstream code.

Thanks Petr!

FWIW, I've been using the plautrba/selinux-fedora COPR on my test
system for the past ~week and it has been working well.

-- 
paul moore
www.paul-moore.com

Re: Fedora COPR repositories with builds of latest code

2017-05-24 Thread Dominick Grift

On Wed, May 24, 2017 at 04:22:08PM +0200, Petr Lautrbach wrote:
> For the motivation see
> https://marc.info/?l=selinux=149435307518336=2

Thanks! I enabled the one with Fedora patches because i need python3 support 
for setools4

This should allow me to enable extended_socket_class functionality and test it.

I hope this repository will be maintained consistently so that it can be useful

> 
> I've restarted building of Fedora packages based on latest
> SELinux userspace code in Fedora COPR. Packages are built using
> the https://gitlab.com/bachradsusi/selinux-rpm project.
> 
> There is a new selinux.spec [1] file which allows to build all
> Fedora packages from one src.rpm and Makefile which makes the
> process simple.
> 
> Currently there are two COPR projects:
> 
> * https://copr.fedorainfracloud.org/coprs/plautrba/selinux-fedora/
> 
> This is built with Python3 support based on Fedora patches which
> are rebased against latest upstream code.
> 
> 
> * https://copr.fedorainfracloud.org/coprs/plautrba/selinux-SELinuxProject/
> 
> This is based on pure upstream sources and without Python 3.
> 
> 
> Currently I run copr builds manually but the plan is to make it
> fully automated.
> 
> 
> Let me know if you find it useful or if you have ideas, comments and so on.
> 
> 
> [1] https://gitlab.com/bachradsusi/selinux-rpm/blob/master/selinux.spec
> 
> 
> Thanks,
> 
> Petr

-- 
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6B02
Dominick Grift


signature.asc
Description: PGP signature

Fedora COPR repositories with builds of latest code

2017-05-24 Thread Petr Lautrbach


For the motivation see
https://marc.info/?l=selinux=149435307518336=2

I've restarted building of Fedora packages based on latest SELinux 
userspace code in Fedora COPR. Packages are built using the 
https://gitlab.com/bachradsusi/selinux-rpm project.


There is a new selinux.spec [1] file which allows to build all Fedora 
packages from one src.rpm and Makefile which makes the process simple.


Currently there are two COPR projects:

* https://copr.fedorainfracloud.org/coprs/plautrba/selinux-fedora/

This is built with Python3 support based on Fedora patches which are 
rebased against latest upstream code.



* https://copr.fedorainfracloud.org/coprs/plautrba/selinux-SELinuxProject/

This is based on pure upstream sources and without Python 3.


Currently I run copr builds manually but the plan is to make it fully 
automated.



Let me know if you find it useful or if you have ideas, comments and so on.


[1] https://gitlab.com/bachradsusi/selinux-rpm/blob/master/selinux.spec


Thanks,

Petr

Re: Fedora COPR repositories with builds of latest code

Re: Fedora COPR repositories with builds of latest code

Re: Fedora COPR repositories with builds of latest code

Re: Fedora COPR repositories with builds of latest code

Re: Fedora COPR repositories with builds of latest code

Re: Fedora COPR repositories with builds of latest code

Re: Fedora COPR repositories with builds of latest code

Fedora COPR repositories with builds of latest code

8 matches

Site Navigation

Mail list logo

Footer information