public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
* [rpms/haveged] epel8: Revert "Update to 1.9.24 — disable command mode in long-running service"
@ 2026-06-23 22:39 Jirka Hladky
0 siblings, 0 replies; only message in thread
From: Jirka Hladky @ 2026-06-23 22:39 UTC (permalink / raw)
To: git-commits
A new commit has been pushed.
Repo : rpms/haveged
Branch : epel8
Commit : be93fb8755ac1f3543552bc3fedee3fb86caa8d2
Author : Jirka Hladky <jhladky@redhat.com>
Date : 2026-06-24T00:39:00+02:00
Stats : +30/-25 in 4 file(s)
URL : https://src.fedoraproject.org/rpms/haveged/c/be93fb8755ac1f3543552bc3fedee3fb86caa8d2?branch=epel8
Log:
Revert "Update to 1.9.24 — disable command mode in long-running service"
This reverts commit 994172bf4c8e97ca4f5eb945b5082e6e0295aad0.
---
diff --git a/.gitignore b/.gitignore
index 9846512..e768c53 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,18 +1,11 @@
/haveged-1.2.tar.gz
/haveged-1.3.tar.gz
/haveged-1.4.tar.gz
-/haveged.service
/haveged-1.5.tar.gz
/haveged-1.7.tar.gz
/haveged-1.8.tar.gz
/haveged-1.9.1.tar.gz
-/haveged.spec
/haveged-1.9.6.tar.gz
-/haveged-1.9.7-alpha.tar.gz
-/haveged-1.9.7.tar.gz
-/haveged-1.9.8a.tar.gz
-/haveged-1.9.8b.tar.gz
-/haveged-1.9.8c.tar.gz
/haveged-1.9.8.tar.gz
/haveged-1.9.9.tar.gz
/haveged-v1.9.10.tar.gz
@@ -21,11 +14,4 @@
/haveged-1.9.12.tar.gz
/haveged-1.9.13.tar.gz
/haveged-1.9.14.tar.gz
-/haveged-1.9.15.tar.gz
-/haveged-1.9.16.tar.gz
-/haveged-1.9.17.tar.gz
-/haveged-1.9.18.tar.gz
-/haveged-1.9.21.tar.gz
-/haveged-1.9.22.tar.gz
/haveged-1.9.23.tar.gz
-/haveged-1.9.24.tar.gz
diff --git a/haveged-semaphore.te b/haveged-semaphore.te
new file mode 100644
index 0000000..c4233c3
--- /dev/null
+++ b/haveged-semaphore.te
@@ -0,0 +1,11 @@
+module haveged-semaphore 1.0;
+
+require {
+ type entropyd_t;
+ type tmpfs_t;
+ class file { create open read write getattr setattr unlink link rename lock map };
+ class dir { write add_name remove_name search getattr };
+}
+
+allow entropyd_t tmpfs_t:file { create open read write getattr setattr unlink link rename lock map };
+allow entropyd_t tmpfs_t:dir { write add_name remove_name search getattr };
diff --git a/haveged.spec b/haveged.spec
index 1766e17..c0d7dd3 100644
--- a/haveged.spec
+++ b/haveged.spec
@@ -1,18 +1,20 @@
%define dracutlibdir lib/dracut
Summary: A Linux entropy source using the HAVEGE algorithm
Name: haveged
-Version: 1.9.24
-Release: 1%{?dist}
+Version: 1.9.23
+Release: 3%{?dist}
License: GPLv3+
URL: https://github.com/jirka-h/haveged
Source0: https://github.com/jirka-h/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
-Requires(post): systemd
+Source1: haveged-semaphore.te
+Requires(post): systemd policycoreutils
Requires(preun): systemd
-Requires(postun): systemd
+Requires(postun): systemd policycoreutils
BuildRequires: gcc
BuildRequires: automake coreutils glibc-common systemd-units
BuildRequires: make
+BuildRequires: checkpolicy selinux-policy-devel
Enhances: apache2 gpg2 openssl openvpn php5 smtp_daemon systemd
%description
@@ -49,6 +51,10 @@ Headers and shared object symbolic links for the HAVEGE algorithm
#make %{?_smp_mflags}
make
+# Build SELinux policy module
+cp %{SOURCE1} .
+make -f /usr/share/selinux/devel/Makefile haveged-semaphore.pp
+
%check
make check
@@ -73,11 +79,15 @@ install -Dpm 0644 contrib/Fedora/90-haveged.rules %{buildroot}%{_udevrulesdir}/9
# We don't ship .la files.
rm -rf %{buildroot}%{_libdir}/libhavege.*a
+# Install SELinux policy module
+install -Dpm 0644 haveged-semaphore.pp %{buildroot}%{_datadir}/selinux/packages/haveged-semaphore.pp
+
mkdir -p %{buildroot}%{_defaultdocdir}/%{name}
cp -p COPYING README ChangeLog AUTHORS contrib/build/havege_sample.c %{buildroot}%{_defaultdocdir}/%{name}
%post
/sbin/ldconfig
+semodule -i %{_datadir}/selinux/packages/haveged-semaphore.pp 2>/dev/null || :
%systemd_post %{name}.service %{name}-switch-root.service
%preun
@@ -86,6 +96,9 @@ cp -p COPYING README ChangeLog AUTHORS contrib/build/havege_sample.c %{buildroot
%postun
%systemd_postun_with_restart %{name}.service %{name}-switch-root.service
/sbin/ldconfig
+if [ $1 -eq 0 ]; then
+ semodule -r haveged-semaphore 2>/dev/null || :
+fi
%files
%{_mandir}/man8/haveged.8*
@@ -96,6 +109,7 @@ cp -p COPYING README ChangeLog AUTHORS contrib/build/havege_sample.c %{buildroot
%{_udevrulesdir}/*-%{name}.rules
%dir %{_prefix}/%{dracutlibdir}/modules.d/98%{name}
%{_prefix}/%{dracutlibdir}/modules.d/98%{name}/*
+%{_datadir}/selinux/packages/haveged-semaphore.pp
%files devel
%{_mandir}/man3/libhavege.3*
@@ -106,12 +120,6 @@ cp -p COPYING README ChangeLog AUTHORS contrib/build/havege_sample.c %{buildroot
%changelog
-* Fri Jun 19 2026 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.24-1
-- Update to 1.9.24
-- Disable command mode in long-running service (--no-command flag)
-- Enable PrivateNetwork=true in systemd service
-- Remove SELinux policy module (no longer needed without command mode)
-
* Fri Jun 19 2026 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.23-3
- Fix rpminspect.yaml: use annocheck failure_severity instead of inspections toggle
(annocheck is a security inspection and cannot be disabled via inspections section)
diff --git a/sources b/sources
index 1f74352..8d59ebd 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (haveged-1.9.24.tar.gz) = d79b361658b726aa8c78ed3d82fe95758d96b19edd1970dd0f7b18ead264d84a42dcbefb94c40d00358a05b1194d7e19b41ad910a5b66e1be29656bb17910a1b
+SHA512 (haveged-1.9.23.tar.gz) = 69fe3e024ac213d2cbbbc36e716cc0822929e0a18aabb0802e2cc9818381073fef034b247c3e2b458b6ca3d9bc4c01b86b1954dff2767752ea2b0551958efb61
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2026-06-23 22:39 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-06-23 22:39 [rpms/haveged] epel8: Revert "Update to 1.9.24 — disable command mode in long-running service" Jirka Hladky
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox