packages/openvswitch
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!10 Remove unsupported permission names

Browse Source 
From: @jpzhang187
Reviewed-by: @lilijun606,@lilijun606
Signed-off-by: @lilijun606,@lilijun606
This commit is contained in:
openeuler-ci-bot 2020-09-11 09:14:47 +08:00 committed by Gitee
commit 45f3d1eac4
2 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
0002-Remove-unsupported-permission-names.patch Normal file
View File

@ -0,0 +1,15 @@
diff --git a/selinux/openvswitch-custom.te.in b/selinux/openvswitch-custom.te.in
index 2adaf23..b2c63ab 100644
--- a/selinux/openvswitch-custom.te.in
+++ b/selinux/openvswitch-custom.te.in
@@ -78,8 +78,8 @@ domtrans_pattern(openvswitch_t, openvswitch_load_module_exec_t, openvswitch_load
#============= openvswitch_t ==============
allow openvswitch_t self:capability { dac_override audit_write net_broadcast net_raw };
-allow openvswitch_t self:netlink_audit_socket { create nlmsg_relay audit_write read write };
-allow openvswitch_t self:netlink_netfilter_socket { create nlmsg_relay audit_write read write };
+allow openvswitch_t self:netlink_audit_socket { create nlmsg_relay read write };
+allow openvswitch_t self:netlink_netfilter_socket { create read write };
@begin_dpdk@
allow openvswitch_t self:netlink_rdma_socket { setopt bind create };
@end_dpdk@

6
openvswitch.spec
View File

@ -3,11 +3,12 @@ Summary: Production Quality, Multilayer Open Virtual Switch
URL: http://www.openvswitch.org/ URL: http://www.openvswitch.org/
Version: 2.12.0 Version: 2.12.0
License: ASL 2.0 License: ASL 2.0
Release: 7 Release: 8
Source: https://www.openvswitch.org/releases/openvswitch-%{version}.tar.gz Source: https://www.openvswitch.org/releases/openvswitch-%{version}.tar.gz
Buildroot: /tmp/openvswitch-rpm Buildroot: /tmp/openvswitch-rpm
Patch0000: 0000-openvswitch-add-stack-protector-strong.patch Patch0000: 0000-openvswitch-add-stack-protector-strong.patch
Patch0001: 0001-fix-dict-change-during-iteration.patch Patch0001: 0001-fix-dict-change-during-iteration.patch
Patch0002: 0002-Remove-unsupported-permission-names.patch
Requires: logrotate hostname python >= 3.8 python3-six selinux-policy-targeted Requires: logrotate hostname python >= 3.8 python3-six selinux-policy-targeted
BuildRequires: python3-six, openssl-devel checkpolicy selinux-policy-devel autoconf automake libtool python-sphinx unbound-devel BuildRequires: python3-six, openssl-devel checkpolicy selinux-policy-devel autoconf automake libtool python-sphinx unbound-devel
Provides: openvswitch-selinux-policy = %{version}-%{release} Provides: openvswitch-selinux-policy = %{version}-%{release}
@ -195,6 +196,9 @@ exit 0
%doc README.rst NEWS rhel/README.RHEL.rst %doc README.rst NEWS rhel/README.RHEL.rst
%changelog %changelog
* Wed Sep 09 2020 zhangjiapeng <zhangjiapeng9@huawei.com> - 2.12.0-8
- Remove unsupported permission names
* Tue Sep 01 2020 zhangjiapeng <zhangjiapeng9@huawei.com> - 2.12.0-7 * Tue Sep 01 2020 zhangjiapeng <zhangjiapeng9@huawei.com> - 2.12.0-7
- Add openvswitch-kmod package - Add openvswitch-kmod package