* Thu Feb 29 2024 jsrain@suse.com
- add bcond for building without AppArmor support (for ALP code
base)
* Thu Jan 25 2024 psimons@suse.com
- Remove the post-install scriptlet introduced earlier. It turns
out that "chmod" call opened a security vulnerability that
allowed users with write access to /var/lib/mlocate to obtain
read/write access to arbitrary files on the system, possibly
facilitating privilege escalation to root. [bsc#1218896,
CVE-2023-32190]
* Mon Jan 08 2024 fcrozat@suse.com
- Drop url from source, fedorahosted.org is no longer running.
* Wed Dec 13 2023 jdelvare@suse.com
- Add a post-install scriptlet to fix incorrect database
permissions (bsc#1188933). Modified:
* mlocate.spec
* Fri Mar 17 2023 suse+build@de-korte.org
- Set umask 0022 before running /usr/bin/updatedb (boo#1209409)
* Fri Feb 03 2023 jsegitz@suse.com
- Remove ProtectKernelModules from systemd unit as it makes files
inaccessible that are then not visible for locate (bsc#1207884)
* Wed Sep 14 2022 psimons@suse.com
- Pass "--shell=/bin/sh" to "su" when running the "updatedb"
command so that we don't depend on the "${RUN_UPDATEDB_AS}"
user's login shell. Since that user is "nobody" by default, the
login shell will oftentimes be "/bin/false". [jsc#PED-1717]
* Wed Oct 06 2021 jsegitz@suse.com
- Added hardening to systemd service(s) (bsc#1181400). Modified:
* mlocate.service
* Fri Sep 11 2020 hpj@urpla.net
- Require apparmor-abstractions, because apparmor.service fails with
"Could not open 'tunables/global'" error otherwise. [bsc#1195144]
* Tue Dec 04 2018 jengelh@inai.de
- Reduce amount of emitted %service_* boilerplate.