SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for permissions-debuginfo-20180125-lp150.1.2.x86_64.rpm :

* Thu Jan 25 2018 meissnerAATTsuse.com- Update to version 20180125:
* the eror should be reported for permfiles[i], not argv[i], as these are not the same files. (bsc#1047247)
* make btmp root:utmp (bsc#1050467)
* Mon Jan 15 2018 krahmerAATTsuse.com- Update to version 20180115:
* - polkit-default-privs: usbauth (bsc#1066877)
* Mon Dec 04 2017 kukukAATTsuse.com- fillup is required for post, not pre installation
* Thu Nov 30 2017 mpluskalAATTsuse.com- Cleanup spec file with spec-cleaner- Drop conditions/definitions related to old distros
* Wed Nov 29 2017 astiegerAATTsuse.com- Update to version 20171129:
* permissions: adding gvfs (bsc#1065864)
* Allow setgid incingacmd on directory /run/icinga2/cmd bsc#1069410
* Allow fping cap_net_raw (bsc#1047921)
* Thu Nov 23 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Tue Nov 21 2017 krahmerAATTsuse.com- Update to version 20171121:
* - permissions: adding kwayland (bsc#1062182)
* Mon Nov 06 2017 eeichAATTsuse.com- Update to version 20171106:
* Allow setuid root for singularity (group only) bsc#1028304
* Wed Oct 25 2017 jsegitzAATTsuse.com- Update to version 20171025:
* Stricter permissions on cron directories (paranoid) and stricter permissions on sshd_config (secure/paranoid)
* Thu Sep 28 2017 astiegerAATTsuse.com- Update to version 20170928:
* Fix invalid syntax bsc#1048645 bsc#1060738
* Wed Sep 27 2017 pgajdosAATTsuse.com- Update to version 20170927:
* fix typos in manpages
* Fri Sep 22 2017 astiegerAATTsuse.com- Update to version 20170922:
* Allow setuid root for singularity (group only) bsc#1028304
* Wed Sep 13 2017 astiegerAATTsuse.com- Update to version 20170913:
* Allow setuid for shadow newuidmap, newgidmap bsc#979282, bsc#1048645)
* Wed Sep 06 2017 opensuse-packagingAATTopensuse.org- Update to version 20170906:
* permissions - copy dbus-daemon-launch-helper from / to /usr - bsc#1056764
* permissions: Adding suid bit for VBoxNetNAT (bsc#1033425)
* Wed Jun 07 2017 dimstarAATTopensuse.org- BuildIgnore group(trusted): we don\'t really care for this group in the buildroot and do not want to get system-users into the bootstrap cycle as we can avoid it.
* Sat Jun 03 2017 meissnerAATTsuse.com- Require: group(trusted), as we are handing it out to some unsuspecting binaries and it is no longer default. (bsc#1041159 for fuse, also cronie, etc)
* Fri Jun 02 2017 meissnerAATTsuse.com- Update to version 20170602:
* make /etc/ppp owned by root:root. The group dialout usage is no longer used
* Sun Aug 07 2016 meissnerAATTsuse.com- Update to version 20160807:
* suexec2 is a symlink, no need for permissions handling
* Tue Aug 02 2016 meissnerAATTsuse.com- Update to version 20160802:
* list the newuidmap and newgidmap, currently 0755 until review is done (bsc#979282)
* root:shadow 0755 for newuidmap/newgidmap
* Tue Aug 02 2016 krahmerAATTsuse.com- adding qemu-bridge-helper mode 04750 (bsc#988279)
* Mon May 23 2016 dimstarAATTopensuse.org- Introduce _service to easier update the package. For simplicity, change the version from yyyy.mm.dd to yyyymmdd (which is eactly %cd in the _service defintion). Upgrading is no problem.
* Mon May 23 2016 meissnerAATTsuse.com- chage only needs read rights to /etc/shadow, so setgid shadow is sufficient (bsc#975352)
* Wed Mar 30 2016 meissnerAATTsuse.com- permissions: adding gstreamer ptp file caps (bsc#960173)
* Fri Jan 15 2016 meissnerAATTsuse.com- the apache folks renamed suexec2 to suexec with symlink. adjust both (bsc#962060)
* Tue Jan 12 2016 meissnerAATTsuse.com- pinger needs to be squid:root, not root:squid (there is no squid group) bsc#961363
* Thu Oct 29 2015 meissnerAATTsuse.com- add suexec with 0755 to all standard profiles. this can and should be overridden in permissions.local if you need it setuid root. bsc#951765 bsc#263789- added missing / to the squid specific directories (bsc#950557)
* Mon Sep 28 2015 meissnerAATTsuse.com- adjusted radosgw to root:www mode 0750 (bsc#943471)
* Mon Sep 28 2015 meissnerAATTsuse.com- radosgw can get capability cap_bind_net_service (bsc#943471)
* Mon Jun 08 2015 meissnerAATTsuse.com- remove /usr/bin/get_printing_ticket; (bnc#906336)
* Wed Dec 03 2014 krahmerAATTsuse.com- Added iouyap capabilities (bnc#904060)
* Wed Nov 05 2014 meissnerAATTsuse.com- %{_bindir}/get_printing_ticket turned to mode 700, setuid root no longer needed (bnc#685093)- permissions: incorporating squid changes from bnc#891268- hint that chkstat --system --set needs to be run after editing bnc#895647
* Tue Aug 26 2014 meissnerAATTsuse.com- Do not applies permissions from backup files (~ / .rpmsave / .rpmnew) (bnc#893370)- do not mention SuSEconfig anymore, long dead (bnc#843083)
* Fri Aug 01 2014 meissnerAATTsuse.com- append a / to /var/log/journal so the framework makes sure it is a directory bnc#888151
* Wed Jul 23 2014 meissnerAATTsuse.com- make innbind mode 4550 (bnc#876287)- permissions: Adding systemd-journal directory (bnc#888151)
* Mon Jul 21 2014 krahmerAATTsuse.com- permissions: Adding new kdesud path for KDE5 (bnc#872276)
* Tue Jul 01 2014 meissnerAATTsuse.com- vlock_main lost its permission checking, so remove from here.
* Mon Jun 16 2014 meissnerAATTsuse.com- opiesu,wodim,vlock-main have no setuid root. (bnc#882035)
* Thu Jun 05 2014 meissnerAATTsuse.com- tighten /etc/crontab to be always mode 600, even in easy (bnc#867799)
* Tue Apr 15 2014 meissnerAATTsuse.com- duplicate /var/run entries to /run (bnc#873708)
* Mon Mar 24 2014 krahmerAATTsuse.com- permissions: incorporating capability for mtr, removing +s from ping (bnc#865351)
* Mon Oct 28 2013 meissnerAATTsuse.com- GIT repo moved to GITHUB.- removed the setuid bit from \"eject\" (bnc#824406)
* Thu Aug 22 2013 meissnerAATTsuse.com- do not use magic constants for strlen (bnc#834790
* Wed Aug 21 2013 meissnerAATTsuse.com- Chrome sandbox also allowed to be setuid root in secure mode now (bnc#718016)
* Fri Aug 16 2013 meissnerAATTsuse.com- use PERMISSION_FSCAPS
* Fri Aug 16 2013 meissnerAATTsuse.com- it is PERMISSIONS_FSCAPS (bnc#834790)- qemu-bridge-helper has no special privileges currently (bnc#765948)
* Wed Jun 12 2013 meissnerAATTsuse.com- utempter helper binary moved in new version to /usr/lib/utempter/utempter (bnc#823302)
* Mon Jun 10 2013 meissnerAATTsuse.com- cdrtools: allow some filesystem capabilities for more stable CD/DVD burning in \"easy\" mode. (bnc#550021) (cap_sys_nice, cap_sys_rawio, cap_sys_resource, cap_ipc_lock)
* Wed May 08 2013 meissnerAATTsuse.com- leave out readcd,cdda2wav,cdrecord until it is ready for the distro (bnc#550021)
* Sat May 04 2013 meissnerAATTsuse.com- cdrecord currently has no special permissions approved (bnc#550021)- append a /
* Tue Jan 29 2013 meissnerAATTsuse.com- Allow pcp to have stickybit worldwriteable directories
* Tue Nov 27 2012 meissnerAATTsuse.com- add /usr/bin/dumpcap to watchlist- make fscaps=1 the default on \"\"- added PERMISSION_FSCAPS to the sysconfig/security fillup template.- /bin/ping(6) was moved to /usr/bin/ping(6) /bin/eject was moved to /usr/bin/eject
* Wed Nov 21 2012 lnusselAATTsuse.de- apply permissions settings in %post. During initial installation some packages might be installed before the permissions package due to dependency loops so we need to make sure their settings are applied too. Also, on update of the permissions package changed permission settings may need to be applied.
* Mon Oct 15 2012 lnusselAATTsuse.de- temporarily add su.core. workaround for the migration of su from coreutils to util-linux needs to be reverted as soon as util-linux is also in
* Tue Sep 25 2012 meissnerAATTsuse.com- no longer install SuSEconfig.permissions, SuSEconfig is gone.
* Fri Jul 06 2012 meissnerAATTsuse.com- enable ecryptfs-utils setuid root mount wrapper (bnc#740110) in .easy
* Mon Jun 04 2012 lnusselAATTsuse.de- remove /var/run/vi.recover (bnc#765288)
* Fri Jun 01 2012 lnusselAATTsuse.de- remove /var/cache/fonts (bnc#764885)- remove /var/lib/xemacs/lock/ (bnc#764887)
* Thu May 31 2012 lnusselAATTsuse.de- Revert \"Use credentials from within the root file system\" breaks use of --root option in brp-05-permissions
* Tue May 15 2012 lnusselAATTsuse.de- print warning when requested to check not listed files- Use credentials from within the root file system
* Wed Feb 08 2012 lnusselAATTsuse.de- add duplicate entries for / and /usr (bnc#745622)
* Tue Feb 07 2012 lnusselAATTsuse.de- add scripts for automatic package sumission- drop zypp-refresh-wrapper (bnc#738677)
* Mon Nov 07 2011 lnusselAATTsuse.de- disable run time fscaps detection (bnc#728312)
* Fri Sep 23 2011 lnusselAATTsuse.de- set permission by default in SuSEconfig mode as permissions are only set when called explicitly anyways (bnc#720010).
* Wed Sep 21 2011 lnusselAATTsuse.de- fix typo in path
* Tue Sep 20 2011 lnusselAATTsuse.de- remove world writable /var/crash again (bnc#438041)- remove world writable permissions from /usr/src/packages (bnc#719217)
* Tue Sep 20 2011 lnusselAATTsuse.de- add chromium browser sandbox helper (bnc#718016)- don\'t offer PERMISSION_SECURITY in config anymore- remove setgid games bits (bnc#429882)
* Tue Jun 28 2011 lnusselAATTsuse.de- remove setuid bit from opiesu (bnc#698772)
* Fri Jun 17 2011 lnusselAATTsuse.de- disable fscaps by default as factory kernel still doesn\'t have the required patch for auto detection
* Thu May 26 2011 lnusselAATTsuse.de- read /sys/kernel/fscaps for fscaps settings
* Thu May 12 2011 lnusselAATTsuse.de- change path to gnome-pty-helper (bnc#690202)
* Mon Mar 07 2011 lnusselAATTsuse.de- setuid bit on VBoxNetDHCP (bnc#669055)
* Mon Feb 14 2011 lnusselAATTsuse.de- fix hawk permissions (bnc#665045)
* Wed Feb 09 2011 lnusselAATTsuse.de- add hawk (bnc#665045)
* Thu Dec 02 2010 lnusselAATTsuse.de- remove Xorg setuid bit (bnc#632737)
* Thu Nov 18 2010 lnusselAATTsuse.de- update permissions of lastlog, faillog, wtmp, utmp and btmp
* Wed Nov 17 2010 lnusselAATTsuse.de- remove permissions handling for /etc/inittab, /etc/inetd.conf and /etc/mtab- revert previous commit, done in coreutils instead
* Tue Nov 16 2010 lnusselAATTsuse.de- change fillup deps to requires to avoid coreutils loop
* Tue Nov 16 2010 lnusselAATTsuse.de- change utempter from group tty to group utmp (bnc#652877)
* Tue Nov 09 2010 lnusselAATTsuse.de- add permissions man page- update docu- add --level option- set perms for setuid files always if owner changes- strip root dir when printing file names
* Tue Nov 09 2010 lnusselAATTsuse.de- add option to explicitly warn only
* Fri Nov 05 2010 lnusselAATTsuse.de- reimplement the core features in chkstat itself instead of SuSEconfig.permissions
* Thu Nov 04 2010 lnusselAATTsuse.de- don\'t make changes if not called explicitly
* Wed Nov 03 2010 lnusselAATTsuse.de- add support for file system capabilities
* Mon Oct 18 2010 lnusselAATTsuse.de- remove vlock (bnc#629236#c13)
* Tue Oct 05 2010 lnusselAATTsuse.de- update path to gnome-pty-helper (bnc#634199)
* Wed Sep 22 2010 lnusselAATTsuse.de- vlock -> vlock-main (bnc#629236)
* Mon Jun 28 2010 jengelhAATTmedozas.de- use %_smp_mflags
* Fri Apr 23 2010 lnusselAATTsuse.de- add lockdev (bnc#588325)
* Wed Apr 07 2010 lnusselAATTsuse.de- update for innd update (bnc#594393)- remove lppasswd (bnc#574336)
* Tue Dec 08 2009 jengelhAATTmedozas.de- enable parallel building
* Wed Oct 07 2009 lnusselAATTsuse.de- add /usr/lib/virtualbox/VBoxNetAdpCtl (bnc#533550)
* Thu Aug 27 2009 lnusselAATTsuse.de- add /usr/src/packages/BUILDROOT/ for rpm 4.7
* Wed Aug 26 2009 lnusselAATTsuse.de- add more arm directories to /usr/src/packages/RPMS/
* Mon Aug 24 2009 lnusselAATTsuse.de- remove permissions handling for traceroute6 and cdrecord which are symlinks nowadays
* Thu Aug 20 2009 lnusselAATTsuse.de- fix weird sendfax permissions (bnc#525954)
* Wed Aug 19 2009 lnusselAATTsuse.de- permissions now maintained at gitorious so use tarball instead of individual files
* Wed Aug 12 2009 meissnerAATTsuse.de- added polkit setuid root helpers after review (bnc#523377)
* Fri Aug 07 2009 meissnerAATTsuse.de- also added KDE4 start_kdeinit (same source as kde3 start_kdeinit), bnc#523833
* Thu Aug 06 2009 meissnerAATTsuse.de- open-vm-tools gets setuid root:root in mode easy (bnc#474285)
* Tue Jul 28 2009 lnusselAATTsuse.de- hylafax directory permissions are handled by the package - change group of amanda binaries (bnc#523006)
* Mon Mar 02 2009 lnusselAATTsuse.de- add some missing slashes to directories and remove entries for at and cron (bnc#480855)
  
ICM