rpms/policycoreutils/devel policycoreutils-rhat.patch, 1.340, 1.341 policycoreutils.spec, 1.488, 1.489
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Mon Dec 31 16:26:11 UTC 2007
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24673
Modified Files:
policycoreutils-rhat.patch policycoreutils.spec
Log Message:
* Mon Dec 31 2007 Dan Walsh <dwalsh at redhat.com> 2.0.34-4
- Handle files with spaces in fixfiles
policycoreutils-rhat.patch:
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.340
retrieving revision 1.341
diff -u -r1.340 -r1.341
--- policycoreutils-rhat.patch 21 Dec 2007 07:14:11 -0000 1.340
+++ policycoreutils-rhat.patch 31 Dec 2007 16:26:02 -0000 1.341
@@ -72,8 +72,8 @@
Binary files nsapolicycoreutils/audit2why/audit2why and policycoreutils-2.0.34/audit2why/audit2why differ
diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2why.c policycoreutils-2.0.34/audit2why/audit2why.c
--- nsapolicycoreutils/audit2why/audit2why.c 2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.34/audit2why/audit2why.c 2007-12-20 11:04:10.000000000 -0500
-@@ -22,27 +22,151 @@
++++ policycoreutils-2.0.34/audit2why/audit2why.c 2007-12-31 11:12:23.000000000 -0500
+@@ -22,27 +22,146 @@
exit(rc);
}
@@ -116,7 +116,7 @@
+ if (!foundlist) {
+ fprintf(stderr,
+ "Out of memory.\n");
-+ return -1;
++ return fcnt;
+ }
+ for (i=0; i < boolcnt; i++) {
+ char *name = boollist[i]->name;
@@ -128,7 +128,6 @@
+ if (rc < 0) {
+ fprintf(stderr,
+ "Could not create boolean key.\n");
-+ rc = -1;
+ break;
+ }
+ sepol_bool_set_value(boolean, !active);
@@ -140,7 +139,6 @@
+ if (rc < 0) {
+ fprintf(stderr,
+ "Could not set boolean data %s.\n", name);
-+ rc = -1;
+ break;
+ }
+
@@ -149,13 +147,11 @@
+ if (rc < 0) {
+ fprintf(stderr,
+ "Error during access vector computation, skipping...\n");
-+ rc = -1;
+ break;
+ } else {
+ if (!reason) {
+ foundlist[fcnt] = i;
+ fcnt++;
-+ rc = 0;
+ }
+ sepol_bool_set_value((sepol_bool_t*)boolean, active);
+ rc = sepol_bool_set(access->handle,
@@ -165,7 +161,6 @@
+ if (rc < 0) {
+ fprintf(stderr,
+ "Could not set boolean data %s.\n", name);
-+ rc = -1;
+ break;
+ }
+ }
@@ -187,7 +182,7 @@
+ }
+
+ free(foundlist);
-+ return rc;
++ return fcnt;
+}
+
+
@@ -229,7 +224,7 @@
case 'p':
set_path = 1;
strncpy(path, optarg, PATH_MAX);
-@@ -110,7 +234,6 @@
+@@ -110,7 +229,6 @@
}
fclose(fp);
sepol_set_policydb(&policydb);
@@ -237,7 +232,7 @@
if (!set_path) {
/* If they didn't specify a full path of a binary policy file,
then also try loading any boolean settings and user
-@@ -125,6 +248,30 @@
+@@ -125,6 +243,30 @@
(void)sepol_genusers_policydb(&policydb, selinux_users_path());
}
@@ -268,7 +263,7 @@
/* Initialize the sidtab for subsequent use by sepol_context_to_sid
and sepol_compute_av_reason. */
rc = sepol_sidtab_init(&sidtab);
-@@ -135,8 +282,10 @@
+@@ -135,8 +277,10 @@
sepol_set_sidtab(&sidtab);
/* Process the audit messages. */
@@ -280,7 +275,7 @@
if (buffer[len2 - 1] == '\n')
buffer[len2 - 1] = 0;
-@@ -179,6 +328,7 @@
+@@ -179,6 +323,7 @@
}
*p++ = 0;
@@ -288,7 +283,7 @@
/* Get scontext and convert to SID. */
while (*p && strncmp(p, SCONTEXT, sizeof(SCONTEXT) - 1))
p++;
-@@ -188,11 +338,14 @@
+@@ -188,11 +333,14 @@
continue;
}
p += sizeof(SCONTEXT) - 1;
@@ -306,7 +301,7 @@
rc = sepol_context_to_sid(scon, strlen(scon) + 1, &ssid);
if (rc < 0) {
fprintf(stderr,
-@@ -201,6 +354,10 @@
+@@ -201,6 +349,10 @@
continue;
}
@@ -317,7 +312,7 @@
/* Get tcontext and convert to SID. */
while (*p && strncmp(p, TCONTEXT, sizeof(TCONTEXT) - 1))
p++;
-@@ -210,11 +367,15 @@
+@@ -210,11 +362,15 @@
continue;
}
p += sizeof(TCONTEXT) - 1;
@@ -336,7 +331,7 @@
rc = sepol_context_to_sid(tcon, strlen(tcon) + 1, &tsid);
if (rc < 0) {
fprintf(stderr,
-@@ -222,6 +383,9 @@
+@@ -222,6 +378,9 @@
TCONTEXT, tcon, lineno);
continue;
}
@@ -346,7 +341,7 @@
/* Get tclass= and convert to value. */
while (*p && strncmp(p, TCLASS, sizeof(TCLASS) - 1))
-@@ -232,12 +396,17 @@
+@@ -232,12 +391,17 @@
continue;
}
p += sizeof(TCLASS) - 1;
@@ -367,7 +362,7 @@
if (!tclass) {
fprintf(stderr,
"Invalid %s%s on line %u, skipping...\n",
-@@ -286,11 +455,16 @@
+@@ -286,11 +450,16 @@
}
if (reason & SEPOL_COMPUTEAV_TE) {
@@ -381,7 +376,7 @@
+ access.tclass = tclass;
+ access.av = av;
+
-+ if (check_booleans(&access) < 0) {
++ if (check_booleans(&access) == 0) {
+ printf("\t\tMissing or disabled TE allow rule.\n");
+ printf
+ ("\t\tYou can see the necessary allow rules by running audit2allow with this audit message as input.\n");
@@ -389,7 +384,7 @@
}
if (reason & SEPOL_COMPUTEAV_CONS) {
-@@ -309,5 +483,8 @@
+@@ -309,5 +478,8 @@
}
free(buffer);
free(bufcopy);
@@ -450,6 +445,82 @@
try:
gettext.install('policycoreutils')
+diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.34/scripts/fixfiles
+--- nsapolicycoreutils/scripts/fixfiles 2007-12-10 21:42:28.000000000 -0500
++++ policycoreutils-2.0.34/scripts/fixfiles 2007-12-31 10:54:13.000000000 -0500
+@@ -126,17 +126,15 @@
+ done
+ exit $?
+ fi
+-if [ ! -z "$DIRS" ]; then
++if [ ! -z "$PATH" ]; then
+ if [ -x /usr/bin/find ]; then
+- for d in ${DIRS} ; do find $d \
++ /usr/bin/find "$PATH" \
+ ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o -print | \
+ ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -f - 2>&1 >> $LOGFILE
+- done
+ else
+- ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $DIRS 2>&1 >> $LOGFILE
++ ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $PATH 2>&1 >> $LOGFILE
+ fi
+-
+- exit $?
++ return
+ fi
+ LogReadOnly
+ ${SETFILES} -q ${OUTFILES} ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE
+@@ -173,6 +171,20 @@
+ fi
+ }
+
++process() {
++#
++# Make sure they specified one of the three valid commands
++#
++case "$1" in
++ restore) restore -p ;;
++ check) restore -n -v;;
++ verify) restore -n -o -;;
++ relabel) relabel;;
++ *)
++ usage
++ exit 1
++esac
++}
+ usage() {
+ echo $"Usage: $0 [-l logfile ] [-o outputfile ] { check | restore|[-F] relabel } [[dir] ... ] "
+ echo or
+@@ -229,22 +241,15 @@
+
+ shift 1
+ if [ ! -z "$RPMFILES" ]; then
++ process $command
+ if [ $# -gt 0 ]; then
+ usage
+ fi
+ else
+- DIRS=$*
++ while [ -n "$1" ]; do
++ PATH=$1
++ process $command
++ shift
++ done
+ fi
+-
+-#
+-# Make sure they specified one of the three valid commands
+-#
+-case "$command" in
+- restore) restore -p ;;
+- check) restore -n -v ;;
+- verify) restore -n -o -;;
+- relabel) relabel;;
+- *)
+- usage
+- exit 1
+-esac
++exit $?
diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.34/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2007-10-05 13:09:53.000000000 -0400
+++ policycoreutils-2.0.34/semanage/semanage 2007-12-19 06:05:50.000000000 -0500
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.488
retrieving revision 1.489
diff -u -r1.488 -r1.489
--- policycoreutils.spec 21 Dec 2007 07:14:11 -0000 1.488
+++ policycoreutils.spec 31 Dec 2007 16:26:02 -0000 1.489
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.34
-Release: 3%{?dist}
+Release: 4%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -193,6 +193,9 @@
fi
%changelog
+* Mon Dec 31 2007 Dan Walsh <dwalsh at redhat.com> 2.0.34-4
+- Handle files with spaces in fixfiles
+
* Fri Dec 21 2007 Dan Walsh <dwalsh at redhat.com> 2.0.34-3
- Catch SELINUX_ERR with audit2allow and generate policy
More information about the fedora-extras-commits
mailing list