Update fapolicyd pipe commands #966
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jw3
added a commit
to jw3/fapolicy-analyzer
that referenced
this pull request
Dec 27, 2023
Expands the fapolicyd fifo pipe signaling machinery to include cache flush and rule reload. This also fixes a bug from ctc-oss#672 where the trust reload was not including a new line character. This supports work that will take place for ctc-oss#877 to integrate the rule reload with the profiler execution. Closes ctc-oss#964
Merged
jw3
added a commit
that referenced
this pull request
Dec 29, 2023
First release of forked el8 This commit rolls up changes from master which are listed below. There are also some additional changes to support the el8 build. - Release v1.2.2 (#969) - Try harder to create rules backup (#967) Add a fallback for when a rename does not succeed. In the case where tempdir is on a different filesystem the `std::fs::rename` call will fail. ``` This function will return an error in the following situations, but is not limited to just these cases: - from does not exist. - The user lacks permissions to view contents. - from and to are on separate filesystems. ``` https://doc.rust-lang.org/std/fs/fn.rename.html This commit updates the logic to fallback to a copy and delete. Closes #965 - Update fapolicyd pipe commands (#966) Expands the fapolicyd fifo pipe signaling machinery to include cache flush and rule reload. This also fixes a bug from #672 where the trust reload was not including a new line character. This supports work that will take place for #877 to integrate the rule reload with the profiler execution. Closes #964 - Handle escapes in syslog entries (#959) Adds tests to ensure escapes in syslog entries are being parsed properly Closes #781 - Vendor updates (#957) Updates crate vendoring to be sourced only from Fedora packages Closes #958 - Build with Mock (#955) Uses Fedora Mock to build RPMs in a clean chroot environment. This commit modifies the GitHub CI RPM build by replacing the direct use of rpmbuild with Fedora Mock through a Podman container. This approach aligns our CI with the same approach used in Copr and Koji. Mock is also recommended as an upstream best practice, and is required for consistent behavior after the move to use `%cargo_generate_buildrequires`. Closes #952 - All arch support (#953) Fixes an issue building auparse bindings for i686 and removes all excluded arches from spec An updated Rust ring crate made it possible to build on s390 and power64 arches. That update was present in #905 but was not enabled in the spec until now. Closes #947 Closes #948 - Update packaging for latest Rust and Legal guidelines (#951) A couple of updates brought over from the rpm repo. Update Rust build dependencies to use `%cargo_generate_buildrequires` to generate, rather than explicitly listing dependencies. Projects with subcrates were not originally supported but have been now for a while. Update the license listing to include Rust statically linked licenses. See https://src.fedoraproject.org/rpms/fapolicy-analyzer/pull-request/16 Closes #949
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Expands the fapolicyd fifo pipe signaling machinery to include cache flush and rule reload.
This also fixes a bug from #672 where the trust reload was not including a new line character.
This supports work that will take place for #877 to integrate the rule reload with the profiler execution.
Closes #964