Hello community, here is the log from the commit of package transactional-update for openSUSE:Factory checked in at 2020-11-02 09:40:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/transactional-update (Old) and /work/SRC/openSUSE:Factory/.transactional-update.new.3463 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "transactional-update" Mon Nov 2 09:40:51 2020 rev:64 rq:844985 version:2.28.2 Changes: -------- --- /work/SRC/openSUSE:Factory/transactional-update/transactional-update.changes 2020-10-26 16:12:55.950750426 +0100 +++ /work/SRC/openSUSE:Factory/.transactional-update.new.3463/transactional-update.changes 2020-11-02 09:40:57.469642423 +0100 @@ -1,0 +2,13 @@ +Fri Oct 30 08:45:46 UTC 2020 - Ignaz Forster <iforster@suse.com> + +- Version 2.28.2 + - SELinux: Exclude security.selinux attribute from rsyncing (again) + +------------------------------------------------------------------- +Thu Oct 29 15:05:24 UTC 2020 - Ignaz Forster <iforster@suse.com> + +- Version 2.28.1 + - SELinux: Fixed changing the wrong grub configuration file + - SELinux: Move /.autorelabel file to writeable location + +------------------------------------------------------------------- Old: ---- transactional-update-2.28.tar.gz New: ---- transactional-update-2.28.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ transactional-update.spec ++++++ --- /var/tmp/diff_new_pack.Pimwt9/_old 2020-11-02 09:40:58.085643013 +0100 +++ /var/tmp/diff_new_pack.Pimwt9/_new 2020-11-02 09:40:58.089643017 +0100 @@ -17,7 +17,7 @@ Name: transactional-update -Version: 2.28 +Version: 2.28.2 Release: 0 Summary: Transactional Updates with btrfs and snapshots License: GPL-2.0-or-later ++++++ transactional-update-2.28.tar.gz -> transactional-update-2.28.2.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-2.28/NEWS new/transactional-update-2.28.2/NEWS --- old/transactional-update-2.28/NEWS 2020-10-22 14:18:21.000000000 +0200 +++ new/transactional-update-2.28.2/NEWS 2020-10-30 09:44:34.000000000 +0100 @@ -2,6 +2,13 @@ Copyright (C) 2016-2020 Thorsten Kukuk, Ignaz Forster et al. +Version 2.28.2 +* SELinux: Exclude security.selinux attribute from rsyncing (again) + +Version 2.28.1 +* SELinux: Fixed changing the wrong grub configuration file +* SELinux: Move /.autorelabel file to writeable location + Version 2.28 * Add 'setup-selinux' command for easy setup of a SELinux system * Allow complex commands for the 'run' command diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-2.28/configure.ac new/transactional-update-2.28.2/configure.ac --- old/transactional-update-2.28/configure.ac 2020-10-22 14:18:21.000000000 +0200 +++ new/transactional-update-2.28.2/configure.ac 2020-10-30 09:44:34.000000000 +0100 @@ -1,5 +1,5 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT(transactional-update, 2.28) +AC_INIT(transactional-update, 2.28.2) AM_INIT_AUTOMAKE AC_PREFIX_DEFAULT(/usr) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-2.28/sbin/transactional-update.in new/transactional-update-2.28.2/sbin/transactional-update.in --- old/transactional-update-2.28/sbin/transactional-update.in 2020-10-22 14:18:21.000000000 +0200 +++ new/transactional-update-2.28.2/sbin/transactional-update.in 2020-10-30 09:44:34.000000000 +0100 @@ -301,7 +301,7 @@ # /etc may do so. Changes in /etc may be applied immediately, # so merge them back into the running system. log_info "Merging overlay directory ${SNAPSHOT_DIR}/etc into /etc..." - rsync --archive --inplace --xattrs --acls --exclude 'fstab' --delete --quiet "${SNAPSHOT_DIR}/etc/" /etc + rsync --archive --inplace --xattrs --filter='-x security.selinux' --acls --exclude 'fstab' --delete --quiet "${SNAPSHOT_DIR}/etc/" /etc quit 0 fi @@ -511,7 +511,7 @@ quit 1 fi - rsync --archive --inplace --xattrs --acls --delete --quiet "${ETC_OVERLAY_DIR}" "$2" + rsync --archive --inplace --xattrs --filter='-x security.selinux' --acls --delete --quiet "${ETC_OVERLAY_DIR}" "$2" if [ $? -ne 0 ]; then log_error "ERROR: syncing $1 into snapshot $2 failed!" quit 1 @@ -1350,7 +1350,7 @@ # Check if we don't have selinux already enabled. grep ^GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub | grep -q security=selinux || \ - sed -i -e 's|\(^GRUB_CMDLINE_LINUX_DEFAULT=.*\)"|\1 security=selinux selinux=1"|g' /etc/default/grub + sed -i -e 's|\(^GRUB_CMDLINE_LINUX_DEFAULT=.*\)"|\1 security=selinux selinux=1"|g' "${MOUNT_DIR}/etc/default/grub" REWRITE_GRUB_CFG=1 if [ ! -e "${MOUNT_DIR}/etc/selinux/config" ]; then @@ -1361,6 +1361,9 @@ sed -i -e 's|^SELINUX=.*|SELINUX=enforcing|g' \ -e 's|^SELINUXTYPE=.*|SELINUXTYPE=targeted|g' \ "${MOUNT_DIR}/etc/selinux/config" + + # Move an /.autorelabel file from initial installation to writeable location + test -f ${MOUNT_DIR}/.autorelabel && mv ${MOUNT_DIR}/.autorelabel ${MOUNT_DIR}/etc/selinux/.autorelabel fi if [ ${REWRITE_INITRD} -eq 1 ]; then