diff options
| author | Nicolas Iooss | 2022-12-17 12:51:33 +0100 |
|---|---|---|
| committer | Nicolas Iooss | 2022-12-17 12:51:33 +0100 |
| commit | 74e452b3b7f8e0bae6f37bcbc8da13aa95ed9285 (patch) | |
| tree | 1eaceeaf6522585f6db3db3505985045a1ae2a67 | |
| parent | ff8b5ca28d1170f6824427faaf793cd9e8b7cceb (diff) | |
| download | aur-74e452b3b7f8e0bae6f37bcbc8da13aa95ed9285.tar.gz | |
systemd-selinux 252.3-1 update
| -rw-r--r-- | .SRCINFO | 31 | ||||
| -rw-r--r-- | 0001-Use-Arch-Linux-device-access-groups.patch | 65 | ||||
| -rw-r--r-- | PKGBUILD | 16 |
3 files changed, 61 insertions, 51 deletions
@@ -1,6 +1,6 @@ pkgbase = systemd-selinux - pkgver = 251.7 - pkgrel = 4 + pkgver = 252.3 + pkgrel = 1 url = https://www.github.com/systemd/systemd arch = x86_64 arch = aarch64 @@ -42,10 +42,14 @@ pkgbase = systemd-selinux makedepends = libfido2 makedepends = tpm2-tss makedepends = rsync + makedepends = bpf + makedepends = libbpf + makedepends = clang + makedepends = llvm makedepends = libselinux options = strip - source = git+https://github.com/systemd/systemd-stable#tag=7442d25a54b6dd494299b3a932b28953f4e67b21?signed - source = git+https://github.com/systemd/systemd#tag=v251?signed + source = git+https://github.com/systemd/systemd-stable#tag=7a49e0d47977f67e44036b0eca12e6028261a1cb?signed + source = git+https://github.com/systemd/systemd#tag=v252?signed source = 0001-Use-Arch-Linux-device-access-groups.patch source = initcpio-hook-udev source = initcpio-install-systemd @@ -70,7 +74,7 @@ pkgbase = systemd-selinux validpgpkeys = 5C251B5FC54EB2F80F407AAAC54CA336CFEB557E sha512sums = SKIP sha512sums = SKIP - sha512sums = cc0c2ffb5f7c3a7176cd68f3dddd85ca000dcc4cdf3044746a20147234adb6811800fd28a4713faa6a59bf8c02be9fd43c2d6aa6695fd1dbf03ae773a91d090c + sha512sums = 3ccf783c28f7a1c857120abac4002ca91ae1f92205dcd5a84aff515d57e706a3f9240d75a0a67cff5085716885e06e62597baa86897f298662ec36a940cf410e sha512sums = f0d933e8c6064ed830dec54049b0a01e27be87203208f6ae982f10fb4eddc7258cb2919d594cbfb9a33e74c3510cfd682f3416ba8e804387ab87d1a217eb4b73 sha512sums = aeefb607471cffb5ed4c3d9f36dc0954a9a08cee4b7b4ff55468b561e089e3d8448398906a7df328049ba51b712e4d50698b96bc152bdb03a35ce39c3f51a7cb sha512sums = a8c7e4a2cc9c9987e3c957a1fc3afe8281f2281fffd2e890913dcf00cf704024fb80d86cb75f9314b99b0e03bac275b22de93307bfc226d8be9435497e95b7e6 @@ -134,12 +138,13 @@ pkgname = systemd-selinux optdepends = systemd-sysvcompat: symlink package to provide sysvinit binaries optdepends = polkit: allow administration as unprivileged user optdepends = curl: machinectl pull-tar and pull-raw + optdepends = libbpf: support BPF programs optdepends = libfido2: unlocking LUKS2 volumes with FIDO2 token optdepends = tpm2-tss: unlocking LUKS2 volumes with TPM2 provides = nss-myhostname - provides = systemd-tools=251.7 - provides = udev=251.7 - provides = systemd=251.7-4 + provides = systemd-tools=252.3 + provides = udev=252.3 + provides = systemd=252.3-1 conflicts = nss-myhostname conflicts = systemd-tools conflicts = udev @@ -177,7 +182,7 @@ pkgname = systemd-libs-selinux provides = libsystemd.so provides = libudev.so provides = libsystemd-selinux - provides = systemd-libs=251.7-4 + provides = systemd-libs=252.3-1 conflicts = libsystemd conflicts = libsystemd-selinux conflicts = systemd-libs @@ -189,16 +194,16 @@ pkgname = systemd-resolvconf-selinux depends = systemd-selinux provides = openresolv provides = resolvconf - provides = systemd-resolvconf=251.7-4 + provides = systemd-resolvconf=252.3-1 conflicts = openresolv - conflicts = systemd-resolvconf=251.7-4 + conflicts = systemd-resolvconf=252.3-1 pkgname = systemd-sysvcompat-selinux pkgdesc = sysvinit compat for systemd with SELinux support license = GPL2 depends = systemd-selinux - provides = systemd-sysvcompat=251.7-4 - provides = selinux-systemd-sysvcompat=251.7-4 + provides = systemd-sysvcompat=252.3-1 + provides = selinux-systemd-sysvcompat=252.3-1 conflicts = sysvinit conflicts = systemd-sysvcompat conflicts = selinux-systemd-sysvcompat diff --git a/0001-Use-Arch-Linux-device-access-groups.patch b/0001-Use-Arch-Linux-device-access-groups.patch index 6f7dd4a18a60..d88486575209 100644 --- a/0001-Use-Arch-Linux-device-access-groups.patch +++ b/0001-Use-Arch-Linux-device-access-groups.patch @@ -1,7 +1,10 @@ -From f7d07e298c819a81eab965efbdbf53a2ce67fc0e Mon Sep 17 00:00:00 2001 +From 0e8c18bc2639da328274d02d9222ee2c1f6bf696 Mon Sep 17 00:00:00 2001 From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com> Date: Tue, 6 Mar 2018 23:39:47 +0100 Subject: [PATCH] Use Arch Linux' device access groups +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit cdrom → optical dialout → uucp @@ -14,10 +17,10 @@ Subject: [PATCH] Use Arch Linux' device access groups 4 files changed, 19 insertions(+), 19 deletions(-) diff --git a/meson.build b/meson.build -index 32e5413a62..f781e06fed 100644 +index 76ad51d3fb..5cf679b088 100644 --- a/meson.build +++ b/meson.build -@@ -796,19 +796,19 @@ conf.set_quoted('NOBODY_GROUP_NAME', nobody_group) +@@ -915,19 +915,19 @@ conf.set_quoted('NOBODY_GROUP_NAME', nobody_group) static_ugids = [] foreach option : ['adm-gid', 'audio-gid', @@ -41,50 +44,50 @@ index 32e5413a62..f781e06fed 100644 'wheel-gid', 'systemd-journal-gid', diff --git a/meson_options.txt b/meson_options.txt -index 5048de755d..676e5e2e0d 100644 +index 814f340840..253a77ecb3 100644 --- a/meson_options.txt +++ b/meson_options.txt -@@ -235,10 +235,6 @@ option('adm-gid', type : 'integer', value : '-1', +@@ -257,10 +257,6 @@ option('adm-gid', type : 'integer', value : 0, description : 'soft-static allocation for the "adm" group') - option('audio-gid', type : 'integer', value : '-1', + option('audio-gid', type : 'integer', value : 0, description : 'soft-static allocation for the "audio" group') --option('cdrom-gid', type : 'integer', value : '-1', +-option('cdrom-gid', type : 'integer', value : 0, - description : 'soft-static allocation for the "cdrom" group') --option('dialout-gid', type : 'integer', value : '-1', +-option('dialout-gid', type : 'integer', value : 0, - description : 'soft-static allocation for the "dialout" group') - option('disk-gid', type : 'integer', value : '-1', + option('disk-gid', type : 'integer', value : 0, description : 'soft-static allocation for the "disk" group') - option('input-gid', type : 'integer', value : '-1', -@@ -249,18 +245,22 @@ option('kvm-gid', type : 'integer', value : '-1', + option('input-gid', type : 'integer', value : 0, +@@ -271,18 +267,22 @@ option('kvm-gid', type : 'integer', value : 0, description : 'soft-static allocation for the "kvm" group') - option('lp-gid', type : 'integer', value : '-1', + option('lp-gid', type : 'integer', value : 0, description : 'soft-static allocation for the "lp" group') -+option('optical-gid', type : 'integer', value : '-1', ++option('optical-gid', type : 'integer', value : '0', + description : 'soft-static allocation for the "optical" group') - option('render-gid', type : 'integer', value : '-1', + option('render-gid', type : 'integer', value : 0, description : 'soft-static allocation for the "render" group') - option('sgx-gid', type : 'integer', value : '-1', + option('sgx-gid', type : 'integer', value : 0, description : 'soft-static allocation for the "sgx" group') --option('tape-gid', type : 'integer', value : '-1', +-option('tape-gid', type : 'integer', value : 0, - description : 'soft-static allocation for the "tape" group') -+option('storage-gid', type : 'integer', value : '-1', ++option('storage-gid', type : 'integer', value : '0', + description : 'soft-static allocation for the "storage" group') option('tty-gid', type : 'integer', value : 5, description : 'the numeric GID of the "tty" group') - option('users-gid', type : 'integer', value : '-1', + option('users-gid', type : 'integer', value : 0, description : 'soft-static allocation for the "users" group') - option('utmp-gid', type : 'integer', value : '-1', + option('utmp-gid', type : 'integer', value : 0, description : 'soft-static allocation for the "utmp" group') -+option('uucp-gid', type : 'integer', value : '-1', ++option('uucp-gid', type : 'integer', value : '0', + description : 'soft-static allocation for the "uucp" group') - option('video-gid', type : 'integer', value : '-1', + option('video-gid', type : 'integer', value : 0, description : 'soft-static allocation for the "video" group') - option('wheel-gid', type : 'integer', value : '-1', + option('wheel-gid', type : 'integer', value : 0, diff --git a/rules.d/50-udev-default.rules.in b/rules.d/50-udev-default.rules.in -index 18a3cf46bf..f3c440fd89 100644 +index 843bdaf9ce..a192f091df 100644 --- a/rules.d/50-udev-default.rules.in +++ b/rules.d/50-udev-default.rules.in -@@ -22,7 +22,7 @@ SUBSYSTEM=="tty", KERNEL=="sclp_line[0-9]*", GROUP="tty", MODE="0620" +@@ -26,7 +26,7 @@ SUBSYSTEM=="tty", KERNEL=="sclp_line[0-9]*", GROUP="tty", MODE="0620" SUBSYSTEM=="tty", KERNEL=="ttysclp[0-9]*", GROUP="tty", MODE="0620" SUBSYSTEM=="tty", KERNEL=="3270/tty[0-9]*", GROUP="tty", MODE="0620" SUBSYSTEM=="vc", KERNEL=="vcs*|vcsa*", GROUP="tty" @@ -93,7 +96,7 @@ index 18a3cf46bf..f3c440fd89 100644 SUBSYSTEM=="mem", KERNEL=="mem|kmem|port", GROUP="kmem", MODE="0640" -@@ -67,13 +67,13 @@ KERNEL=="irlpt[0-9]*", GROUP="lp" +@@ -72,13 +72,13 @@ KERNEL=="irlpt[0-9]*", GROUP="lp" SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0701??:*", GROUP="lp" SUBSYSTEM=="block", GROUP="disk" @@ -114,10 +117,10 @@ index 18a3cf46bf..f3c440fd89 100644 KERNEL=="qft[0-9]*|nqft[0-9]*|zqft[0-9]*|nzqft[0-9]*|rawqft[0-9]*|nrawqft[0-9]*", GROUP="disk" KERNEL=="loop-control", GROUP="disk", OPTIONS+="static_node=loop-control" diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in -index 8cc1a7cad2..21bb6d8948 100644 +index a602b872e4..8d38febb6a 100644 --- a/sysusers.d/basic.conf.in +++ b/sysusers.d/basic.conf.in -@@ -22,17 +22,17 @@ g utmp {{UTMP_GID }} - - +@@ -23,17 +23,17 @@ g utmp {{UTMP_GID }} - - # Physical and virtual hardware access groups g audio {{AUDIO_GID }} - - @@ -138,10 +141,12 @@ index 8cc1a7cad2..21bb6d8948 100644 g video {{VIDEO_GID }} - - # Default group for normal users -From 14de5ced41edc9fa8e380330c03adc89ef257fbc Mon Sep 17 00:00:00 2001 + +From 9e2987a7b4d09d7b554141e9ef2c911cb3fda570 Mon Sep 17 00:00:00 2001 From: Christian Hesse <mail@eworm.de> Date: Mon, 27 Dec 2021 23:32:42 +0100 Subject: [PATCH] generate tmpfiles.d/legacy.conf + --- tmpfiles.d/legacy.conf.in | 3 --- tmpfiles.d/meson.build | 2 +- @@ -162,10 +167,10 @@ index 4f2c0d7c43..62e2ae0986 100644 # /run/lock/subsys is used for serializing SysV service execution, and # hence without use on SysV-less systems. diff --git a/tmpfiles.d/meson.build b/tmpfiles.d/meson.build -index b8d3919025..000bd0bd22 100644 +index ca1abbf3fe..25e2b53402 100644 --- a/tmpfiles.d/meson.build +++ b/tmpfiles.d/meson.build -@@ -27,7 +27,7 @@ foreach pair : files +@@ -29,7 +29,7 @@ foreach pair : files endforeach in_files = [['etc.conf', ''], @@ -8,10 +8,10 @@ pkgbase=systemd-selinux pkgname=('systemd-selinux' 'systemd-libs-selinux' 'systemd-resolvconf-selinux' 'systemd-sysvcompat-selinux') -_tag='7442d25a54b6dd494299b3a932b28953f4e67b21' # git rev-parse v${_tag_name} -_tag_name=251.7 +_tag='7a49e0d47977f67e44036b0eca12e6028261a1cb' # git rev-parse v${_tag_name} +_tag_name=252.3 pkgver="${_tag_name/-/}" -pkgrel=4 +pkgrel=1 arch=('x86_64' 'aarch64') url='https://www.github.com/systemd/systemd' groups=('selinux') @@ -20,7 +20,8 @@ makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam-selinux' ' 'libmicrohttpd' 'libxcrypt' 'libxslt' 'util-linux' 'linux-api-headers' 'python-jinja' 'python-lxml' 'quota-tools' 'shadow-selinux' 'gnu-efi-libs' 'git' 'meson' 'libseccomp' 'pcre2' 'audit' 'kexec-tools' 'libxkbcommon' - 'bash-completion' 'p11-kit' 'systemd' 'libfido2' 'tpm2-tss' 'rsync' 'libselinux') + 'bash-completion' 'p11-kit' 'systemd' 'libfido2' 'tpm2-tss' 'rsync' + 'bpf' 'libbpf' 'clang' 'llvm' 'libselinux') options=('strip') validpgpkeys=('63CDA1E5D3FC22B998D20DD6327F26951A015CC4' # Lennart Poettering <lennart@poettering.net> 'A9EA9081724FFAE0484C35A1A81CEA22BC8C7E2E' # Luca Boccassi <luca.boccassi@gmail.com> @@ -48,7 +49,7 @@ source=("git+https://github.com/systemd/systemd-stable#tag=${_tag}?signed" '30-systemd-update.hook') sha512sums=('SKIP' 'SKIP' - 'cc0c2ffb5f7c3a7176cd68f3dddd85ca000dcc4cdf3044746a20147234adb6811800fd28a4713faa6a59bf8c02be9fd43c2d6aa6695fd1dbf03ae773a91d090c' + '3ccf783c28f7a1c857120abac4002ca91ae1f92205dcd5a84aff515d57e706a3f9240d75a0a67cff5085716885e06e62597baa86897f298662ec36a940cf410e' 'f0d933e8c6064ed830dec54049b0a01e27be87203208f6ae982f10fb4eddc7258cb2919d594cbfb9a33e74c3510cfd682f3416ba8e804387ab87d1a217eb4b73' 'aeefb607471cffb5ed4c3d9f36dc0954a9a08cee4b7b4ff55468b561e089e3d8448398906a7df328049ba51b712e4d50698b96bc152bdb03a35ce39c3f51a7cb' 'a8c7e4a2cc9c9987e3c957a1fc3afe8281f2281fffd2e890913dcf00cf704024fb80d86cb75f9314b99b0e03bac275b22de93307bfc226d8be9435497e95b7e6' @@ -68,8 +69,6 @@ sha512sums=('SKIP' '825b9dd0167c072ba62cabe0677e7cd20f2b4b850328022540f122689d8b25315005fa98ce867cf6e7460b2b26df16b88bb3b5c9ebf721746dce4e2271af7b97') _backports=( - # meson: Fix build with --optimization=plain - '7aa4762ce274a1c9a59902b972fa4fdee1b22715' ) _reverts=( @@ -121,7 +120,7 @@ build() { -Dshared-lib-tag="${pkgver}-${pkgrel}" -Dmode=release - -Daudit=true + -Dbpf-framework=true -Dgnu-efi=true -Dima=false -Dlibidn2=true @@ -181,6 +180,7 @@ package_systemd-selinux() { 'systemd-sysvcompat: symlink package to provide sysvinit binaries' 'polkit: allow administration as unprivileged user' 'curl: machinectl pull-tar and pull-raw' + 'libbpf: support BPF programs' 'libfido2: unlocking LUKS2 volumes with FIDO2 token' 'tpm2-tss: unlocking LUKS2 volumes with TPM2') backup=(etc/pam.d/systemd-user |