rpms/policycoreutils/devel policycoreutils-gui.patch, 1.44, 1.45 policycoreutils-rhat.patch, 1.329, 1.330 policycoreutils.spec, 1.467, 1.468
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Wed Oct 31 10:58:05 UTC 2007
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6189
Modified Files:
policycoreutils-gui.patch policycoreutils-rhat.patch
policycoreutils.spec
Log Message:
* Wed Oct 31 2007 Dan Walsh <dwalsh at redhat.com> 2.0.31-8
- Validate semanage fcontext input
- Fix template names for log files in gui
policycoreutils-gui.patch:
Index: policycoreutils-gui.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-gui.patch,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- policycoreutils-gui.patch 18 Oct 2007 21:48:15 -0000 1.44
+++ policycoreutils-gui.patch 31 Oct 2007 10:57:59 -0000 1.45
@@ -11118,8 +11118,8 @@
+"""
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/gui/templates/var_log.py policycoreutils-2.0.31/gui/templates/var_log.py
--- nsapolicycoreutils/gui/templates/var_log.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.31/gui/templates/var_log.py 2007-10-18 17:46:44.000000000 -0400
-@@ -0,0 +1,112 @@
++++ policycoreutils-2.0.31/gui/templates/var_log.py 2007-10-25 16:52:06.000000000 -0400
+@@ -0,0 +1,110 @@
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
@@ -11174,8 +11174,7 @@
+ ')
+
+ logging_search_logs($1)
-+ allow $1 TEMPLATETYPE_log_t:dir r_dir_perms;
-+ allow $1 TEMPLATETYPE_log_t:file { read getattr lock };
++ read_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+')
+
+########################################
@@ -11195,8 +11194,7 @@
+ ')
+
+ logging_search_logs($1)
-+ allow $1 TEMPLATETYPE_log_t:dir r_dir_perms;
-+ allow $1 TEMPLATETYPE_log_t:file { getattr append };
++ append_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+')
+
+########################################
policycoreutils-rhat.patch:
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.329
retrieving revision 1.330
diff -u -r1.329 -r1.330
--- policycoreutils-rhat.patch 15 Oct 2007 18:09:35 -0000 1.329
+++ policycoreutils-rhat.patch 31 Oct 2007 10:57:59 -0000 1.330
@@ -1,6 +1,6 @@
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2why.c policycoreutils-2.0.29/audit2why/audit2why.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2why.c policycoreutils-2.0.31/audit2why/audit2why.c
--- nsapolicycoreutils/audit2why/audit2why.c 2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.29/audit2why/audit2why.c 2007-10-08 08:37:08.000000000 -0400
++++ policycoreutils-2.0.31/audit2why/audit2why.c 2007-10-15 16:55:02.000000000 -0400
@@ -137,6 +137,8 @@
/* Process the audit messages. */
while (getline(&buffer, &len, stdin) > 0) {
@@ -97,18 +97,18 @@
if (!tclass) {
fprintf(stderr,
"Invalid %s%s on line %u, skipping...\n",
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.29/Makefile
+diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.31/Makefile
--- nsapolicycoreutils/Makefile 2007-07-16 14:20:43.000000000 -0400
-+++ policycoreutils-2.0.29/Makefile 2007-10-08 08:36:41.000000000 -0400
++++ policycoreutils-2.0.31/Makefile 2007-10-15 16:55:02.000000000 -0400
@@ -1,4 +1,4 @@
-SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS=setfiles semanage load_policy newrole run_init restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
all install relabel clean indent:
@for subdir in $(SUBDIRS); do \
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.29/restorecond/restorecond.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.31/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.29/restorecond/restorecond.c 2007-10-08 08:36:41.000000000 -0400
++++ policycoreutils-2.0.31/restorecond/restorecond.c 2007-10-15 16:55:02.000000000 -0400
@@ -210,9 +210,10 @@
}
@@ -135,25 +135,28 @@
}
free(scontext);
close(fd);
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.29/semanage/seobject.py
+diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.31/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2007-10-07 21:46:43.000000000 -0400
-+++ policycoreutils-2.0.29/semanage/seobject.py 2007-10-08 08:36:41.000000000 -0400
-@@ -139,7 +139,7 @@
- translations = fd.readlines()
- fd.close()
- except IOError, e:
-- raise ValueError(_("Unable to open %s: translations not supported on non-MLS machines: %s") % (self.filename, e) )
-+ raise ValueError(_("Unable to open %s: translations not supported on non-MLS machines") % (self.filename) )
++++ policycoreutils-2.0.31/semanage/seobject.py 2007-10-31 06:52:51.000000000 -0400
+@@ -1095,7 +1092,13 @@
+
+ return con
+
++ def validate(self, target):
++ if target == "" or target.find("\n") >= 0:
++ raise ValueError(_("Invalid file specification"))
++
+ def add(self, target, type, ftype = "", serange = "", seuser = "system_u"):
++ self.validate(target)
++
+ if is_mls_enabled == 1:
+ serange = untranslate(serange)
- self.ddict = {}
- self.comments = []
-@@ -236,9 +236,6 @@
- if rc < 0:
- semanage_handle_destroy(self.sh)
- raise ValueError(_("Could not establish semanage connection"))
-- def deleteall(self):
-- raise ValueError(_("Not yet implemented"))
--
+@@ -1154,6 +1157,7 @@
+ def modify(self, target, setype, ftype, serange, seuser):
+ if serange == "" and setype == "" and seuser == "":
+ raise ValueError(_("Requires setype, serange or seuser"))
++ self.validate(target)
- class loginRecords(semanageRecords):
- def __init__(self, store = ""):
+ (rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
+ if rc < 0:
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.467
retrieving revision 1.468
diff -u -r1.467 -r1.468
--- policycoreutils.spec 19 Oct 2007 16:35:27 -0000 1.467
+++ policycoreutils.spec 31 Oct 2007 10:57:59 -0000 1.468
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.31
-Release: 7%{?dist}
+Release: 8%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -207,6 +207,10 @@
fi
%changelog
+* Wed Oct 31 2007 Dan Walsh <dwalsh at redhat.com> 2.0.31-8
+- Validate semanage fcontext input
+- Fix template names for log files in gui
+
* Fri Oct 19 2007 Dan Walsh <dwalsh at redhat.com> 2.0.31-7
- Fix consolekit link to selinux-polgengui
More information about the fedora-extras-commits
mailing list