fapolicyd-1.3.2-100.el9 | Build Info

Information for build fapolicyd-1.3.2-100.el9

27726

Package Name

fapolicyd

Version

1.3.2

Release

100.el9

Epoch

Source

git+https://git.cclinux.org/stage/rpms/fapolicyd.git#7fee73340fb2e4a6db254e9ea4700edb8b22d956

Summary

Application Whitelisting Daemon

Description

Fapolicyd (File Access Policy Daemon) implements application whitelisting to decide file access rights. Applications that are known via a reputation source are allowed access while unknown applications are not. The daemon makes use of the kernel's fanotify interface to determine file access rights.

Built by

distrobuild

State

complete

Volume

DEFAULT

Started

Tue, 21 Nov 2023 03:32:45 CST

Completed

Tue, 21 Nov 2023 04:13:39 CST

Task

build (dist-circle9, /stage/rpms/fapolicyd.git:7fee73340fb2e4a6db254e9ea4700edb8b22d956)

Extra

{'source': {'original_url': 'git+https://git.cclinux.org/stage/rpms/fapolicyd.git?#7fee73340fb2e4a6db254e9ea4700edb8b22d956'}}

Tags

dist-circle9

dist-circle9-compose

RPMs

src
	fapolicyd-1.3.2-100.el9.src.rpm (info) (download)
aarch64
	fapolicyd-1.3.2-100.el9.aarch64.rpm (info) (download)
	fapolicyd-debuginfo-1.3.2-100.el9.aarch64.rpm (info) (download)
	fapolicyd-debugsource-1.3.2-100.el9.aarch64.rpm (info) (download)
i686
	fapolicyd-1.3.2-100.el9.i686.rpm (info) (download)
	fapolicyd-debuginfo-1.3.2-100.el9.i686.rpm (info) (download)
	fapolicyd-debugsource-1.3.2-100.el9.i686.rpm (info) (download)
noarch
	fapolicyd-selinux-1.3.2-100.el9.noarch.rpm (info) (download)
ppc64le
	fapolicyd-1.3.2-100.el9.ppc64le.rpm (info) (download)
	fapolicyd-debuginfo-1.3.2-100.el9.ppc64le.rpm (info) (download)
	fapolicyd-debugsource-1.3.2-100.el9.ppc64le.rpm (info) (download)
s390x
	fapolicyd-1.3.2-100.el9.s390x.rpm (info) (download)
	fapolicyd-debuginfo-1.3.2-100.el9.s390x.rpm (info) (download)
	fapolicyd-debugsource-1.3.2-100.el9.s390x.rpm (info) (download)
x86_64
	fapolicyd-1.3.2-100.el9.x86_64.rpm (info) (download)
	fapolicyd-debuginfo-1.3.2-100.el9.x86_64.rpm (info) (download)
	fapolicyd-debugsource-1.3.2-100.el9.x86_64.rpm (info) (download)

Logs

aarch64
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	noarch_rpmdiff.json
	root.log
	state.log
i686
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	noarch_rpmdiff.json
	root.log
	state.log
ppc64le
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	noarch_rpmdiff.json
	root.log
	state.log
s390x
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	noarch_rpmdiff.json
	root.log
	state.log
x86_64
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	noarch_rpmdiff.json
	root.log
	state.log

Changelog

* Wed Jul 19 2023 Radovan Sroka <rsroka@redhat.com> - 1.3.2-100 RHEL 9.3.0 ERRATUM - Rebase fapolicyd to the latest stable version Resolves: RHEL-430 - fapolicyd can leak FDs and never answer request, causing target process to hang forever Resolves: RHEL-621 - RFE: send rule number to fanotify so it gets audited Resolves: RHEL-624 - fapolicyd needs to make sure the FD limit is never reached Resolves: RHEL-623 - fapolicyd still allows execution of a program after "untrusting" it Resolves: RHEL-622 - Default q_size doesn't match manpage's one Resolves: RHEL-627 - fapolicyd-cli --update then mount/umount twice causes fapolicyd daemon to block (state 'D') Resolves: RHEL-817 - Fix broken backwards compatibility backend numbers Resolves: RHEL-730 - SELinux prevents the fapolicyd from reading symlink (cert_t) Resolves: RHEL-816 * Mon Jan 30 2023 Radovan Sroka <rsroka@redhat.com> - 1.1.3-104 RHEL 9.2.0 ERRATUM - statically linked app can execute untrusted app Resolves: rhbz#2097077 - fapolicyd ineffective with systemd DynamicUser=yes Resolves: rhbz#2136802 - Starting manually fapolicyd while the service is already running breaks the system Resolves: rhbz#2160517 - Cannot execute /usr/libexec/grepconf.sh when falcon-sensor is enabled Resolves: rhbz#2160518 - fapolicyd: Introduce filtering of rpmdb Resolves: RHEL-192 * Fri Aug 05 2022 Radovan Sroka <rsroka@redhat.com> - 1.1.3-102 RHEL 9.1.0 ERRATUM - rebase fapolicyd to the latest stable vesion Resolves: rhbz#2100041 - fapolicyd gets way too easily killed by OOM killer Resolves: rhbz#2097385 - fapolicyd does not correctly handle SIGHUP Resolves: rhbz#2070655 - Introduce ppid rule attribute Resolves: rhbz#2102558 - fapolicyd often breaks package updates Resolves: rhbz#2111244 - drop libgcrypt in favour of openssl Resolves: rhbz#2111938 - Remove dnf plugin Resolves: rhbz#2113959 - fapolicyd.rules doesn't advertise that using a username/groupname instead of uid/gid also works Resolves: rhbz#2115849 * Thu Jun 16 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-104 RHEL 9.1.0 ERRATUM - CVE-2022-1117 fapolicyd: fapolicyd wrongly prepares ld.so path Resolves: rhbz#2069123 - Faulty handling of static applications Resolves: rhbz#2096457 * Sun Apr 03 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-101 RHEL 9.1.0 ERRATUM - fapolicyd denies access to /usr/lib64/ld-2.28.so Resolves: rhbz#2067493 * Wed Feb 16 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-100 RHEL 9.0.0 ERRATUM - rebase to 1.1 Resolves: rhbz#2032408 - introduce rules.d Resolves: rhbz#2054740 - remove pretrans scriptlet Resolve: rhbz#2051481 * Tue Dec 14 2021 Zoltan Fridrich <zfridric@redhat.com> - 1.0.4-101 RHEL 9.0.0 ERRATUM - rebase to 1.0.4 - added rpm_sha256_only option - added trust.d directory - allow file names with whitespaces in trust files - use full paths in trust files Resolves: rhbz#2032408 - fix libc.so getting identified as application/x-executable Resolves: rhbz#2015307 - fix selinux DSP module definition in spec file Resolves: rhbz#2014449 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.0.3-4 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 * Tue Jul 20 2021 Radovan Sroka <rsroka@redhat.com> - 1.0.3-3 RHEL 9 BETA - SELinux prevents fapolicyd from watch_mount/watch_with_perm on /dev/shm Resolves: rhbz#1932225 Resolves: rhbz#1977731

Main Site Links:

Information for build fapolicyd-1.3.2-100.el9