rpms/policycoreutils/devel policycoreutils-rhat.patch, 1.109, 1.110 policycoreutils.spec, 1.172, 1.173
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Nov 11 20:13:47 UTC 2005
Author: dwalsh
Update of /cvs/dist/rpms/policycoreutils/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv27477
Modified Files:
policycoreutils-rhat.patch policycoreutils.spec
Log Message:
* Fri Nov 11 2005 Dan Walsh <dwalsh at redhat.com> 1.27.27-2
- Patch genhomedircon to use libsemanage.py stuff
policycoreutils-rhat.patch:
genhomedircon | 286 +++++++++++++---------------------------------------------
1 files changed, 68 insertions(+), 218 deletions(-)
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.109
retrieving revision 1.110
diff -u -r1.109 -r1.110
--- policycoreutils-rhat.patch 9 Nov 2005 22:43:40 -0000 1.109
+++ policycoreutils-rhat.patch 11 Nov 2005 20:13:44 -0000 1.110
@@ -1,7 +1,7 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.27.26/scripts/genhomedircon
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.27.27/scripts/genhomedircon
--- nsapolicycoreutils/scripts/genhomedircon 2005-09-12 16:33:30.000000000 -0400
-+++ policycoreutils-1.27.26/scripts/genhomedircon 2005-11-09 17:42:11.000000000 -0500
-@@ -15,30 +15,16 @@
++++ policycoreutils-1.27.27/scripts/genhomedircon 2005-11-11 15:11:37.000000000 -0500
+@@ -15,32 +15,19 @@
# The file CONTEXTDIR/files/homedir_template exists. This file is used to
# set up the home directory context for each real user.
#
@@ -34,8 +34,11 @@
-#
import commands, sys, os, pwd, string, getopt, re
++from semanage import *;
-@@ -67,169 +53,6 @@
+ EXCLUDE_LOGINS=["/sbin/nologin", "/bin/false"]
+
+@@ -67,169 +54,6 @@
starting_uid = 500
return starting_uid
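Review bot: The unconditional `from semanage import *;` added at the top of genhomedircon makes the script fail at import time on any system where the libsemanage Python bindings are missing, so the non-managed fallback that reads the seusers file later in this patch would never be reached there. The spec's Requires lines are not visible here, so confirm the bindings are a hard dependency. Otherwise guard the import with `try:` / `except ImportError:` and treat the store as unmanaged. The wildcard form also places every binding name in the module namespace beside locals such as `list` and `range` used later in the patch; `import semanage` with qualified calls would be easier to audit, and the trailing semicolon can go.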
@@ -205,12 +208,27 @@
def getDefaultHomeDir():
ret = []
rc=commands.getstatusoutput("grep -h '^HOME' /etc/default/useradd")
-@@ -313,11 +136,8 @@
+@@ -287,6 +111,11 @@
+
+ class selinuxConfig:
+ def __init__(self, selinuxdir="/etc/selinux", type="targeted", usepwd=1):
++ self.semanageHandle=semanage_handle_create()
++ self.semanaged=semanage_is_managed(self.semanageHandle)
++ if self.semanaged:
++ semanage_connect(self.semanageHandle)
++ (status, self.ulist, self.usize) = semanage_user_list(self.semanageHandle)
+ self.type=type
+ self.selinuxdir=selinuxdir +"/"
+ self.contextdir="/contexts"
+@@ -313,47 +142,73 @@
errorExit(string.join("sed error ", rc[1]))
def getUsersFile(self):
- return self.selinuxdir+self.type+"/users/local.users"
-+ return self.selinuxdir+self.type+"/seusers"
++ if self.semanaged:
++ return self.selinuxdir+self.type+"module/active/seusers"
++ else:
++ return self.selinuxdir+self.type+"/seusers"
- def getSystemUsersFile(self):
- return self.selinuxdir+self.type+"/users/system.users"
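Review bot: The managed branch of getUsersFile builds the path with `self.type+"module/active/seusers"` and no separator, so with the constructor defaults it yields `/etc/selinux/targetedmodule/active/seusers`, while the other branch correctly uses `"/seusers"`. It should probably read `return self.selinuxdir+self.type+"/modules/active/seusers"`; the leading slash is needed in any case, and the store directory name should be confirmed against libsemanage. This path is the one heading() prints into the generated file, so administrators would be pointed at a file that does not exist. In the same hunk, `__init__` discards the result of `semanage_connect` and the `status` from `semanage_user_list`; check both for a negative value and call `errorExit`, so a failed connection does not silently produce a file-context set with no user entries.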
@@ -218,56 +236,97 @@
def heading(self):
ret = "\n#\n#\n# User-specific file contexts, generated via %s\n" % sys.argv[0]
ret += "# edit %s to change file_context\n#\n#\n" % self.getUsersFile()
-@@ -325,10 +145,7 @@
+ return ret
++
++ def defaultrole(self, name):
++ for idx in range(self.usize):
++ user = semanage_user_by_idx(self.ulist, idx)
++ if semanage_user_get_name(user) == name:
++ role=semanage_user_get_defrole(user)
++ if role=="system_r":
++ # targeted policy
++ return "user_r"
++ else:
++ return role
++ return name
++ def adduser(self, udict, user, seuser, role, range):
++ try:
++ if seuser == "user_u" or user == "__default__":
++ return
++ # !!! chooses first role in the list to use in the file context !!!
++ if role[-2:] == "_r" or role[-2:] == "_u":
++ role = role[:-2]
++ home = pwd.getpwnam(user)[5]
++ if home == "/":
++ return
++ prefs = {}
++ prefs["role"] = role
++ prefs["home"] = home
++ udict[seuser] = prefs
++ except KeyError:
++ sys.stderr.write("The user \"%s\" is not present in the passwd file, skipping...\n" % user)
++
def getUsers(self):
- users=""
+- users=""
- rc = commands.getstatusoutput('grep "^user" %s' % self.getSystemUsersFile())
- if rc[0] == 0:
- users+=rc[1]+"\n"
- rc = commands.getstatusoutput("grep ^user %s" % self.getUsersFile())
-+ rc = commands.getstatusoutput("grep -v '^ *#' %s" % self.getUsersFile())
- if rc[0] == 0:
- users+=rc[1]
+- if rc[0] == 0:
+- users+=rc[1]
udict = {}
-@@ -336,24 +153,27 @@
- if users != "":
- ulist = users.split("\n")
+- prefs = {}
+- if users != "":
+- ulist = users.split("\n")
++ if self.semanaged:
++ (status, list, lsize) = semanage_seuser_list(self.semanageHandle)
++ for idx in range(lsize):
++ user=[]
++ seuser = semanage_seuser_by_idx(list, idx)
++ seusername=semanage_seuser_get_sename(seuser)
++ self.adduser(udict, semanage_seuser_get_name(seuser), seusername, self.defaultrole(seusername), semanage_seuser_get_mlsrange(seuser))
++
++ else:
++ users=""
++ rc = commands.getstatusoutput("grep -v '^ *#' %s" % self.getUsersFile())
++ if rc[0] == 0 and rc[1] != "":
++ ulist = rc[1].split("\n")
++
for u in ulist:
- user = u.split()
-+ if len(u)==0:
-+ continue
-+ user = u.split(":")
- try:
+- try:
- if len(user)==0 or user[1] == "user_u" or user[1] == "system_u":
-+ if len(user)==0 or user[1] == "user_u":
- continue
- # !!! chooses first role in the list to use in the file context !!!
+- continue
+- # !!! chooses first role in the list to use in the file context !!!
- role = user[3]
- if role == "{":
- role = user[4]
- role = role.split("_r")[0]
- home = pwd.getpwnam(user[1])[5]
-+ if user[0] == "root":
-+ role="user_u"
-+ else:
-+ role = user[1]
-+ role = role.split("_u")[0]
-+ home = pwd.getpwnam(user[0])[5]
- if home == "/":
- continue
- prefs = {}
- prefs["role"] = role
- prefs["home"] = home
+- if home == "/":
+- continue
+- prefs = {}
+- prefs["role"] = role
+- prefs["home"] = home
- udict[user[1]] = prefs
-+ udict[user[0]] = prefs
- except KeyError:
+- except KeyError:
- sys.stderr.write("The user \"%s\" is not present in the passwd file, skipping...\n" % user[1])
-+ sys.stderr.write("The user \"%s\" is not present in the passwd file, skipping...\n" % user[0])
++ if len(u)==0:
++ continue
++ user = u.split(":")
++ if len(user) < 3:
++ continue
++ if u[0] == "root":
++ role="user"
++ else:
++ role=u[0]
++ self.adduser(udict, u[0], u[1], role, u[2])
++
return udict
def getHomeDirContext(self, user, home, role):
-@@ -362,9 +182,8 @@
+@@ -362,9 +217,8 @@
return ret + rc[1] + "\n"
def getUserContext(self, user, sel_user, role):
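Review bot: In the non-managed branch of getUsers the split fields are stored in `user`, but the following lines index the raw line `u`, so `u[0]`, `u[1]` and `u[2]` are single characters. The `root` comparison can never match, and adduser() then looks up one-character login names, which land in the KeyError path and skip every entry, leaving no per-user home directory contexts generated from the seusers file. The lines should read `if user[0] == "root":` and `self.adduser(udict, user[0], user[1], role, user[2])`, with `role = user[1]` if deriving the role from the SELinux user field, as revision 1.109 did, is still intended. Separately, adduser() now stores under `udict[seuser]` where 1.109 keyed by login name, so several logins mapped to the same SELinux user would overwrite each other; the consumer, genHomeDirContext, lies mostly outside this hunk, so confirm which key it expects.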
@@ -278,7 +337,7 @@
def genHomeDirContext(self):
users = self.getUsers()
-@@ -478,10 +297,6 @@
+@@ -478,10 +332,6 @@
if type==None:
type=getSELinuxType(directory)
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/dist/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.172
retrieving revision 1.173
diff -u -r1.172 -r1.173
--- policycoreutils.spec 10 Nov 2005 02:59:06 -0000 1.172
+++ policycoreutils.spec 11 Nov 2005 20:13:44 -0000 1.173
@@ -1,9 +1,9 @@
%define libsepolver 1.9.39-1
-%define libsemanagever 1.3.52-1
+%define libsemanagever 1.3.53-2
Summary: SELinux policy core utilities.
Name: policycoreutils
Version: 1.27.27
-Release: 1
+Release: 2
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -88,6 +88,9 @@
%config(noreplace) %{_sysconfdir}/sestatus.conf
%changelog
+* Fri Nov 11 2005 Dan Walsh <dwalsh at redhat.com> 1.27.27-2
+- Patch genhomedircon to use libsemanage.py stuff
+
* Wed Nov 9 2005 Dan Walsh <dwalsh at redhat.com> 1.27.27-1
- Update to match NSA
* Merged setsebool cleanup patch from Ivan Gyurdiev.