obsolete

nextcloud-client-3.5.4-1.el9

FEDORA-EPEL-2022-a1a026d024 created by nonamedotc 2 years ago for Fedora EPEL 9

Initial build for epel9

This update has been submitted for testing by nonamedotc.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon marcovr commented & provided feedback 2 years ago
karma

selinux deny: mprotect failed in ExecutableAllocator::makeExecutable: Permission denied

BZ#2106870 Add nextcloud-client package to EPEL 9

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

2 years ago
User Icon nonamedotc commented & provided feedback 2 years ago

@marcovr - this may be due to differences in SELinux rules between epel and fedora. Not sure what nextcloud-client can do.

User Icon marcovr commented & provided feedback 2 years ago

@nonamedotc : with setsebool selinuxuser_execmod=on -P it works. I have checked RHEL/Rocky 8 and selinuxuser_execmod is on by default.

User Icon marcovr commented & provided feedback 2 years ago

I don't know the implications by setting the boolean to on when installing the nextcloud client but if Fedora 36, RHEL 8 have this boolan to on...

For the .spec file (not tested):

%global selinuxbooleans selinuxuser_execmod=on

%post %selinux_set_booleans -s %{selinuxtype} %{selinuxbooleans}

%postun %selinux_unset_booleans -s %{selinuxtype} %{selinuxbooleans}

User Icon nonamedotc commented & provided feedback 2 years ago

I am not sure if I want to go about changing selinux booleans ...

I am not sure if this is even allowed in packaging guidelines

In Fedora, this value is on.

 $ getsebool selinuxuser_execmod
 selinuxuser_execmod --> on

This may upto selinux policy maintainers to address and not nextcloud-client.

User Icon marcovr commented & provided feedback 2 years ago

I agree, we should fix this on a more granular selinux way. I will see what is needed for nextcloud-client without setting the global boolean.

User Icon marcovr commented & provided feedback 2 years ago

This seems to allow it but I cannot really check if it is the same as just allow it with the boolean.

============= unconfined_t ==============

!!!! This avc can be allowed using the boolean 'selinuxuser_execmod'

allow unconfined_t user_tmp_t:file execmod;

This update can be pushed to stable now if the maintainer wishes

2 years ago
User Icon nonamedotc commented & provided feedback 2 years ago

Alright, I am going to push this to stable.

SELInux rules are beyond the scope of this specific package, IMO. What do you think?

User Icon marcovr commented & provided feedback 2 years ago

I personally think it's essential to fix this in this package. If we don't then people install this package, start the client and it will fail without telling why (unless you start it from the console to see what's wrong). That's not why I as a user would expect from a package in EPEL.

I have very little experience with selinux in building rpm's, but it should be trivial to fix. If I have some spare time in the coming days I will try and make a suggestion.

User Icon sumomo commented & provided feedback 2 years ago

I am eagerly awaiting a working version of nextcloud-client, any update? Cheers.

User Icon nonamedotc commented & provided feedback 2 years ago

I am checking. i emailed the EPEL mailing list.

User Icon nonamedotc commented & provided feedback 2 years ago

I am getting this built and will submit an update in the next day or two. It will be direct update to v3.6.0.

Sorry for the delay.

This update has been obsoleted by nextcloud-client-3.6.0-2.el9.

2 years ago

Please login to add feedback.

Metadata
Type
newpackage
Karma
-1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
BZ#2106870 Add nextcloud-client package to EPEL 9
0
0

Automated Test Results