v.ims.1 - Bump version

nhrp: configure strongswan vici path
Resolves: #2311119 - Multiple AVCs for accessing lib_t in FRR-10.1
2024-09-13 13:50:41 +02:00 · 2024-09-13 13:50:28 +02:00 · 2024-09-10 14:40:58 +02:00 · 2024-08-25 17:53:51 -04:00 · 2024-08-15 09:04:28 +02:00
3 changed files with 27 additions and 1 deletions
--- a/frr.fc
+++ b/frr.fc
@@ -6,6 +6,7 @@
 /var/log/frr(/.*)?              gen_context(system_u:object_r:frr_log_t,s0)
 /var/tmp/frr(/.*)?              gen_context(system_u:object_r:frr_tmp_t,s0)
 /var/lib/frr(/.*)?              gen_context(system_u:object_r:frr_var_lib_t,s0)
 /run/lock/subsys/bfdd       --  gen_context(system_u:object_r:frr_lock_t,s0)
 /run/lock/subsys/bgpd       --  gen_context(system_u:object_r:frr_lock_t,s0)
--- a/frr.spec
+++ b/frr.spec
@@ -1,3 +1,5 @@
 %global dist .ims.1%{?dist}
 %global frr_libdir %{_libexecdir}/frr
 %global _hardened_build 1
@@ -9,7 +11,7 @@
 Name:           frr
 Version:        10.1
-Release:        1%{?dist}
+Release:        4%{?dist}
 Summary:        Routing daemon
 License:        GPL-2.0-or-later AND ISC AND LGPL-2.0-or-later AND BSD-2-Clause AND BSD-3-Clause AND (GPL-2.0-or-later  OR ISC) AND MIT
 URL:            http://www.frrouting.org
@@ -135,6 +137,7 @@ autoreconf -ivf
    --with-moduledir=%{_libdir}/frr/modules \
    --with-yangmodelsdir=%{_datadir}/frr-yang/ \
    --with-crypto=openssl \
    --with-vici-socket=/run/strongswan/charon.vici \
    --enable-fpm \
    %{?with_grpc:--enable-grpc}
@@ -277,6 +280,16 @@ rm tests/lib/*grpc*
 %endif
 %changelog
 * Tue Sep 10 2024 Michal Ruprich <mruprich@redhat.com> - 10.1-4
 - Resolves: #2311119 - Multiple AVCs for accessing lib_t in FRR-10.1
 - Resolves: #2311120 - AVCs for using a netlink socket in FRR
 * Sun Aug 25 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 10.1-3
 - Rebuilt for abseil-cpp-20240722.0
 * Thu Aug 15 2024 Michal Ruprich <mruprich@redhat.com> - 10.1-2
 - Rebuilding for the libre soname bump
 * Mon Aug 12 2024 Michal Ruprich <mruprich@redhat.com> - 10.1-1
 - New version 10.1
--- a/frr.te
+++ b/frr.te
@@ -27,12 +27,20 @@ systemd_unit_file(frr_unit_file_t)
 type frr_var_run_t;
 files_pid_file(frr_var_run_t)
 type frr_var_lib_t;
 files_type(frr_var_lib_t)
 ########################################
 #
 # frr local policy
 #
 allow frr_t self:capability { chown dac_override dac_read_search kill net_bind_service net_raw setgid setuid net_admin sys_admin };
 allow frr_t self:netlink_route_socket rw_netlink_socket_perms;
 allow frr_t self:netlink_generic_socket create;
 allow frr_t self:netlink_generic_socket setopt;
 allow frr_t self:netlink_generic_socket getopt;
 allow frr_t self:netlink_generic_socket getattr;
 allow frr_t self:netlink_generic_socket bind;
 allow frr_t self:packet_socket create_socket_perms;
 allow frr_t self:process { setcap setpgid };
 allow frr_t self:rawip_socket create_socket_perms;
@@ -49,6 +57,10 @@ manage_files_pattern(frr_t, frr_log_t, frr_log_t)
 manage_lnk_files_pattern(frr_t, frr_log_t, frr_log_t)
 logging_log_filetrans(frr_t, frr_log_t, { dir file lnk_file })
 manage_dirs_pattern(frr_t, frr_var_lib_t, frr_var_lib_t)
 manage_files_pattern(frr_t, frr_var_lib_t, frr_var_lib_t)
 files_var_lib_filetrans(frr_t, frr_var_lib_t, { dir file })
 allow frr_t frr_tmp_t:file map;
 manage_dirs_pattern(frr_t, frr_tmp_t, frr_tmp_t)
 manage_files_pattern(frr_t, frr_tmp_t, frr_tmp_t)
Author	SHA1	Message	Date
Zoran Peričić	0713f57503	v.ims.1 - Bump version	2024-09-13 13:50:41 +02:00
Zoran Peričić	e64abcc29d	nhrp: configure strongswan vici path	2024-09-13 13:50:28 +02:00
Michal Ruprich	200b4b5d79	Resolves: #2311119 - Multiple AVCs for accessing lib_t in FRR-10.1 Resolves: #2311120 - AVCs for using a netlink socket in FRR	2024-09-10 14:40:58 +02:00
Benjamin A. Beasley	c9eb844b76	Rebuilt for abseil-cpp-20240722.0	2024-08-25 17:53:51 -04:00
Michal Ruprich	c34de6afce	libre soname bump	2024-08-15 09:04:28 +02:00