rpms/system-config-securitylevel/devel system-config-securitylevel-1.7.0-disable.patch, NONE, 1.1 system-config-securitylevel-1.7.0-dirty.patch, 1.3, 1.4 system-config-securitylevel.spec, 1.98, 1.99
Thomas Woerner (twoerner)
fedora-extras-commits at redhat.com
Tue Jul 31 12:55:43 UTC 2007
Author: twoerner
Update of /cvs/pkgs/rpms/system-config-securitylevel/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28929
Modified Files:
system-config-securitylevel-1.7.0-dirty.patch
system-config-securitylevel.spec
Added Files:
system-config-securitylevel-1.7.0-disable.patch
Log Message:
[tw]
- fixed lokkit to stop iptables and ip6tables if firewall gets disabled
(rhbz#236175)
- more fixes to dirty check for firstboot
system-config-securitylevel-1.7.0-disable.patch:
--- NEW FILE system-config-securitylevel-1.7.0-disable.patch ---
diff -up system-config-securitylevel-1.7.0/src/lokkit.c.disable system-config-securitylevel-1.7.0/src/lokkit.c
--- system-config-securitylevel-1.7.0/src/lokkit.c.disable 2007-07-30 18:25:05.000000000 +0200
+++ system-config-securitylevel-1.7.0/src/lokkit.c 2007-07-30 18:30:45.000000000 +0200
@@ -1430,23 +1430,11 @@ int main(int argc, char **argv) {
if (!enabled && !nostart) {
char path[256];
- snprintf(path, 255,"/sbin/iptables -D INPUT -j %s 2>/dev/null", CHAIN_NAME);
- system(path);
- snprintf(path, 255,"/sbin/iptables -D FORWARD -j %s 2>/dev/null", CHAIN_NAME);
- system(path);
- snprintf(path, 255,"/sbin/iptables -F %s 2>/dev/null", CHAIN_NAME);
- system(path);
- snprintf(path, 255,"/sbin/iptables -X %s 2>/dev/null", CHAIN_NAME);
+ snprintf(path, 255,"service iptables stop 2>/dev/null");
system(path);
unlink(fwscript);
- snprintf(path, 255,"/sbin/ip6tables -D INPUT -j %s 2>/dev/null", CHAIN_NAME);
- system(path);
- snprintf(path, 255,"/sbin/ip6tables -D FORWARD -j %s 2>/dev/null", CHAIN_NAME);
- system(path);
- snprintf(path, 255,"/sbin/ip6tables -F %s 2>/dev/null", CHAIN_NAME);
- system(path);
- snprintf(path, 255,"/sbin/ip6tables -X %s 2>/dev/null", CHAIN_NAME);
+ snprintf(path, 255,"service ip6tables stop 2>/dev/null");
system(path);
unlink(fw6script);
}
system-config-securitylevel-1.7.0-dirty.patch:
Index: system-config-securitylevel-1.7.0-dirty.patch
===================================================================
RCS file: /cvs/pkgs/rpms/system-config-securitylevel/devel/system-config-securitylevel-1.7.0-dirty.patch,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- system-config-securitylevel-1.7.0-dirty.patch 30 Jul 2007 17:42:25 -0000 1.3
+++ system-config-securitylevel-1.7.0-dirty.patch 31 Jul 2007 12:55:41 -0000 1.4
@@ -1,6 +1,6 @@
diff -up system-config-securitylevel-1.7.0/src/checklist.py.dirty system-config-securitylevel-1.7.0/src/checklist.py
--- system-config-securitylevel-1.7.0/src/checklist.py.dirty 2006-01-27 19:57:20.000000000 +0100
-+++ system-config-securitylevel-1.7.0/src/checklist.py 2007-07-30 18:25:05.000000000 +0200
++++ system-config-securitylevel-1.7.0/src/checklist.py 2007-07-31 14:42:46.000000000 +0200
@@ -22,8 +22,13 @@ class CheckList (gtk.TreeView):
"""A class (derived from gtk.TreeView) that provides a list of
checkbox / text string pairs"""
@@ -25,7 +25,7 @@
def clear (self):
diff -up system-config-securitylevel-1.7.0/src/advancedPage.py.dirty system-config-securitylevel-1.7.0/src/advancedPage.py
--- system-config-securitylevel-1.7.0/src/advancedPage.py.dirty 2007-01-12 16:24:59.000000000 +0100
-+++ system-config-securitylevel-1.7.0/src/advancedPage.py 2007-07-30 18:25:05.000000000 +0200
++++ system-config-securitylevel-1.7.0/src/advancedPage.py 2007-07-31 14:42:46.000000000 +0200
@@ -19,8 +19,15 @@
# You should have received a copy of the GNU General Public License
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
@@ -102,9 +102,18 @@
- return ""
+ return ""
diff -up system-config-securitylevel-1.7.0/src/securitylevel.py.dirty system-config-securitylevel-1.7.0/src/securitylevel.py
---- system-config-securitylevel-1.7.0/src/securitylevel.py.dirty 2007-07-30 18:25:05.000000000 +0200
-+++ system-config-securitylevel-1.7.0/src/securitylevel.py 2007-07-30 19:39:00.000000000 +0200
-@@ -147,6 +147,7 @@ class childWindow:
+--- system-config-securitylevel-1.7.0/src/securitylevel.py.dirty 2007-07-31 14:42:46.000000000 +0200
++++ system-config-securitylevel-1.7.0/src/securitylevel.py 2007-07-31 14:42:46.000000000 +0200
+@@ -86,6 +86,8 @@ class childWindow:
+ self.selinuxPage = None
+ self.advancedPage = None
+ self.other_changed_firsttime = True
++ self.applyButton = None
++ self.okButton = None
+
+ self.serviceList = [Service(name="ssh", description="SSH",
+ ports=[("ssh", "tcp")]),
+@@ -147,6 +149,7 @@ class childWindow:
# Set up the trusted services checklist.
self.incomingList = checklist.CheckList(columns=1)
@@ -112,7 +121,7 @@
keyList = map(lambda svc: svc.description, self.serviceList)
keyList.sort()
-@@ -201,7 +202,7 @@ class childWindow:
+@@ -201,7 +204,7 @@ class childWindow:
if self.advancedPage:
self.advancedPage.set_sensitive(True)
@@ -121,7 +130,7 @@
def none_activated(self, *args):
self.trustedServicesBox.set_sensitive(False)
-@@ -210,12 +211,15 @@ class childWindow:
+@@ -210,12 +213,15 @@ class childWindow:
if self.advancedPage:
self.advancedPage.set_sensitive(False)
@@ -138,7 +147,7 @@
self.portEntry.set_text("")
self.protoCombo.set_active(0)
-@@ -233,7 +237,7 @@ class childWindow:
+@@ -233,7 +239,7 @@ class childWindow:
else:
if self._findPortInStore(portStr, proto) is None:
self.otherPortsStore.append([portStr, proto])
@@ -147,7 +156,7 @@
break
else:
break
-@@ -254,7 +258,7 @@ class childWindow:
+@@ -254,7 +260,7 @@ class childWindow:
if iter is not None:
# Need to get past the TreeModelSort to whatever's underneath.
model.get_model().remove(iter)
@@ -156,7 +165,7 @@
def security_changed_cb(self, combobox, *args):
if self.security_changed_firsttime:
-@@ -274,7 +278,7 @@ class childWindow:
+@@ -274,7 +280,7 @@ class childWindow:
if self.other_changed_firsttime:
self.other_changed_firsttime = False
return
@@ -165,7 +174,7 @@
def okClicked(self, *args):
rc = self.apply()
-@@ -348,11 +352,11 @@ class childWindow:
+@@ -348,11 +354,11 @@ class childWindow:
if arg in ["--high", "--medium", "--enabled"]:
self.securityOptionMenu.set_active(0)
self.firewall_activated()
@@ -179,7 +188,7 @@
elif arg.startswith("--trust="):
key, device = string.split(arg, "=")
devicesList.append(string.strip(device))
-@@ -376,7 +380,7 @@ class childWindow:
+@@ -376,7 +382,7 @@ class childWindow:
key, file = string.split(arg, "=")
if self.advancedPage:
@@ -188,7 +197,7 @@
self.advancedPage.set_sensitive(True)
self.advancedPage.origFilename = file
self.advancedPage.set_filename(file)
-@@ -466,13 +470,14 @@ class childWindow:
+@@ -466,13 +472,14 @@ class childWindow:
if self.advancedPage:
advancedArgs = self.advancedPage.apply()
@@ -206,7 +215,7 @@
return 0
index = self.securityOptionMenu.get_active()
-@@ -555,10 +560,28 @@ class childWindow:
+@@ -555,10 +562,28 @@ class childWindow:
# Set these to False so if you click Apply followed by OK, you're not
# prompted twice.
@@ -236,7 +245,7 @@
def launch(self, doDebug = None):
self.doDebug = doDebug
self.setupScreen()
-@@ -585,7 +608,9 @@ class childWindow:
+@@ -585,7 +610,9 @@ class childWindow:
self.cancelButton = self.xml.get_widget("cancelButton")
self.applyButton = self.xml.get_widget("applyButton")
self.advancedPage = advancedPage.AdvancedPage(xml)
@@ -248,7 +257,7 @@
self.okButton.connect("clicked", self.okClicked)
diff -up system-config-securitylevel-1.7.0/src/selinuxPage.py.dirty system-config-securitylevel-1.7.0/src/selinuxPage.py
--- system-config-securitylevel-1.7.0/src/selinuxPage.py.dirty 2007-01-04 20:17:09.000000000 +0100
-+++ system-config-securitylevel-1.7.0/src/selinuxPage.py 2007-07-30 18:25:05.000000000 +0200
++++ system-config-securitylevel-1.7.0/src/selinuxPage.py 2007-07-31 14:42:46.000000000 +0200
@@ -59,8 +59,12 @@ def waitCmd (msg, cmd):
dialog.destroy()
return (status, output)
Index: system-config-securitylevel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/system-config-securitylevel/devel/system-config-securitylevel.spec,v
retrieving revision 1.98
retrieving revision 1.99
diff -u -r1.98 -r1.99
--- system-config-securitylevel.spec 30 Jul 2007 17:42:25 -0000 1.98
+++ system-config-securitylevel.spec 31 Jul 2007 12:55:41 -0000 1.99
@@ -1,7 +1,7 @@
Summary: A graphical interface for modifying the system security level
Name: system-config-securitylevel
Version: 1.7.0
-Release: 4%{?dist}
+Release: 5%{?dist}
URL: http://fedoraproject.org/wiki/SystemConfig/securitylevel
License: GPL
ExclusiveOS: Linux
@@ -14,6 +14,7 @@
Patch2: system-config-securitylevel-1.7.0-expand.patch
Patch3: system-config-securitylevel-1.7.0-dirty.patch
Patch4: system-config-securitylevel-1.7.0-desktopfile.patch
+Patch5: system-config-securitylevel-1.7.0-disable.patch
BuildRequires: desktop-file-utils newt-devel slang-devel popt
BuildRequires: gettext
BuildRequires: intltool
@@ -51,6 +52,7 @@
%patch2 -p1 -b .expand
%patch3 -p1 -b .dirty
%patch4 -p1 -b .desktopfile
+%patch5 -p1 -b .disable
%build
make
@@ -103,6 +105,11 @@
/usr/bin/system-config-securitylevel-tui
%changelog
+* Tue Jul 31 2007 Thomas Woerner <twoerner at redhat.com> 1.7.0-5
+- fixed lokkit to stop iptables and ip6tables if firewall gets disabled
+ (rhbz#236175)
+- more fixes to dirty check for firstboot
+
* Mon Jul 30 2007 Thomas Woerner <twoerner at redhat.com> 1.7.0-4
- fixed checkDirty function for use in s-c-ks and firstboot (rhbz#247863)
More information about the fedora-extras-commits
mailing list