[opensuse-factory] Tumbleweed - Review of the week 2020/41
Dear Tumbleweed users and hackers, After a lengthy integration period, we have finally merged glibc 2.32 during week 41. Of course, this is not all that happened in the 4 published snapshots (1002, 1004, 1005, and 1007). The most noteworthy changes were: * systemd 246.6 * virt-manager 3.1.0 * Mozilla Thunderbird 78.3.1 * Linux kernel 5.8.12 * glibc 2.32 * SELinux 3.1 * bison 3.7.2 * gettext 0.21 With these changes merged, a bit of the backlog has been worked off and the staging projects are a bit relaxed – but not for long: new changes are already in the pipeline. Currently, these things are being worked on: * Mozilla Firefox 81.0.1 * GNOME 3.36.7 (short-term) * GNOME 3.38.1 (we still lack mozjs78) * Mesa 20.2 (Some transparency loss needs to be investigated on Plasma) * openssl 1.1.1h (1 build fail left, neon (gh#notroj/neon#38) * KDE Plasma 5.20 (currently beta being tested) * openssl 3.0 (long-term; no progress in the last few weeks) * RPM 4.16: quite a bit of build failures detected in the first run. A typical error seen is `%if %_lib == lib64` no longer being valid. Bareword comparison is being blocked and the values need to be quoted. Cheers, Dominique
Am Freitag, 9. Oktober 2020, 15:10:43 CEST schrieb Dominique Leuenberger / DimStar:
Dear Tumbleweed users and hackers,
[...]
With these changes merged, a bit of the backlog has been worked off and the staging projects are a bit relaxed – but not for long: new changes are already in the pipeline. Currently, these things are being worked on:
Dominique, what happened to the already announced binutils 2.35? Cheers, Pete -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, 2020-10-09 at 15:57 +0200, Hans-Peter Jansen wrote:
Am Freitag, 9. Oktober 2020, 15:10:43 CEST schrieb Dominique Leuenberger / DimStar:
Dear Tumbleweed users and hackers,
[...]
With these changes merged, a bit of the backlog has been worked off and the staging projects are a bit relaxed – but not for long: new changes are already in the pipeline. Currently, these things are being worked on:
Dominique, what happened to the already announced binutils 2.35?
That is currently on the backlog, not even in a staging project. There are some issues with how qtwebengine (IIRC) interacted with it and this lead to quite some fun errors. Fabian and Martin have been investigating this. Cheers, Dominique
Hi, On Fri, Oct 09, Dominique Leuenberger / DimStar wrote:
* SELinux 3.1
While this sounds like a minor (3.0 -> 3.1) update of SELinux, Dominique forgot to write something really important: the selinux-policy is back! If somebody is interested in continuing/helping to cleanup the SELinux packages, write testcases for SELinux in openQA, that no update breaks this, etc. You are welcome! Thorsten -- Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany Managing Director: Felix Imendoerffer (HRB 36809, AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hi Thorsten, Thorsten Kukuk <kukuk@suse.de> writes:
Hi,
On Fri, Oct 09, Dominique Leuenberger / DimStar wrote:
* SELinux 3.1
While this sounds like a minor (3.0 -> 3.1) update of SELinux, Dominique forgot to write something really important: the selinux-policy is back!
If somebody is interested in continuing/helping to cleanup the SELinux packages, write testcases for SELinux in openQA, that no update breaks this, etc.
Do you know a good intro to SELinux? I have some experience with openQA and would like to contribute test cases, but lack any relevant SELinux knowledge. Or do you have some ideas for test cases? Cheers, Dan -- Dan Čermák <dcermak@suse.com> Software Engineer Development tools SUSE Software Solutions Germany GmbH Maxfeldstr. 5 90409 Nuremberg Germany (HRB 36809, AG Nürnberg) Managing Director: Felix Imendörffer
On Fri, Oct 9, 2020 at 10:07 AM Dan Čermák <dcermak@suse.com> wrote:
Hi Thorsten,
Thorsten Kukuk <kukuk@suse.de> writes:
Hi,
On Fri, Oct 09, Dominique Leuenberger / DimStar wrote:
* SELinux 3.1
While this sounds like a minor (3.0 -> 3.1) update of SELinux, Dominique forgot to write something really important: the selinux-policy is back!
If somebody is interested in continuing/helping to cleanup the SELinux packages, write testcases for SELinux in openQA, that no update breaks this, etc.
Do you know a good intro to SELinux? I have some experience with openQA and would like to contribute test cases, but lack any relevant SELinux knowledge.
There's some good intro videos here: * SUSECON 2014 SELinux talk: https://www.youtube.com/watch?v=pJGBZJscAms * RH Summit 2018 SELinux for mere mortals talk: https://www.youtube.com/watch?v=_WOKRaM-HI4 * RH Summit 2018 SELinux production deployment talk: https://www.youtube.com/watch?v=nv3b6eZskeA Here's some text tutorials: * DigitalOcean tutorial on SELinux concepts: https://www.digitalocean.com/community/tutorial_series/an-introduction-to-se... * SELinux in easy language tutorial: https://www.computernetworkingnotes.com/rhce-study-guide/selinux-explained-w... Red Hat also has a decent doc on it: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/htm... -- 真実はいつも一つ!/ Always, there's only one truth! -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hi Dan, On Fri, Oct 09, Dan Čermák wrote:
Hi Thorsten,
Thorsten Kukuk <kukuk@suse.de> writes:
Hi,
On Fri, Oct 09, Dominique Leuenberger / DimStar wrote:
* SELinux 3.1
While this sounds like a minor (3.0 -> 3.1) update of SELinux, Dominique forgot to write something really important: the selinux-policy is back!
If somebody is interested in continuing/helping to cleanup the SELinux packages, write testcases for SELinux in openQA, that no update breaks this, etc.
Do you know a good intro to SELinux? I have some experience with openQA and would like to contribute test cases, but lack any relevant SELinux knowledge.
Or do you have some ideas for test cases?
If I remember correct there should be some openQA tests already coming from SLE, a good start would be to rework this so that only the packages from the distribution and not some devel projects are used. Else the most important steps to test on Tumbleweed are: - Install selinux-policy-targed - Boot with SELinux enabled in enforced mode - You should be able to login and there should be no denied actions If we have SELinux support in transactional-update/MicroOS installer, the next level would be: - Start a busybox container with two volumes mounted: - one the container is allowed to access - one the container is not allowed to access In the first case, you should be able to read a file from inside the container, in the second case you should get a permission denied. Thorsten -- Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany Managing Director: Felix Imendoerffer (HRB 36809, AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
participants (5)
-
Dan Čermák -
Dominique Leuenberger / DimStar -
Hans-Peter Jansen -
Neal Gompa -
Thorsten Kukuk