rpms/dbus/devel dbus-1.1.2-audit-user.patch, NONE, 1.1 dbus.spec, 1.127, 1.128
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Fri Sep 14 13:12:12 UTC 2007
Author: dwalsh
Update of /cvs/extras/rpms/dbus/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv974
Modified Files:
dbus.spec
Added Files:
dbus-1.1.2-audit-user.patch
Log Message:
* Fri Sep 14 2007 Dan Walsh <dwalsh at redhat.com> - 1.1.2-5%{?dist}
- Reverse we_were_root check to setpcap if we were root. Also only init
audit if we were root. So error dbus message will not show up when policy
reload happens. dbus -session will no longer try to send audit message,
only system will.
dbus-1.1.2-audit-user.patch:
--- NEW FILE dbus-1.1.2-audit-user.patch ---
diff -up dbus-1.1.2/dbus/dbus-sysdeps-util-unix.c.audit-user dbus-1.1.2/dbus/dbus-sysdeps-util-unix.c
--- dbus-1.1.2/dbus/dbus-sysdeps-util-unix.c.audit-user 2007-07-24 11:39:09.000000000 -0400
+++ dbus-1.1.2/dbus/dbus-sysdeps-util-unix.c 2007-09-14 09:00:24.000000000 -0400
@@ -300,7 +300,7 @@ _dbus_change_to_daemon_user (const char
* run as ... doesn't really help. But keeps people happy.
*/
- if (!we_were_root)
+ if (we_were_root)
{
cap_value_t new_cap_list[] = { CAP_AUDIT_WRITE };
cap_value_t tmp_cap_list[] = { CAP_AUDIT_WRITE, CAP_SETUID, CAP_SETGID };
@@ -376,7 +376,7 @@ _dbus_change_to_daemon_user (const char
}
#ifdef HAVE_LIBAUDIT
- if (!we_were_root)
+ if (we_were_root)
{
if (cap_set_proc (new_caps))
{
@@ -395,6 +395,7 @@ _dbus_change_to_daemon_user (const char
_dbus_strerror (errno));
return FALSE;
}
+ audit_init();
}
#endif
diff -up dbus-1.1.2/bus/selinux.c.audit-user dbus-1.1.2/bus/selinux.c
--- dbus-1.1.2/bus/selinux.c.audit-user 2007-07-24 11:39:08.000000000 -0400
+++ dbus-1.1.2/bus/selinux.c 2007-09-14 08:31:14.000000000 -0400
@@ -113,7 +113,7 @@ static const struct avc_lock_callback lo
static int audit_fd = -1;
#endif
-static void
+void
audit_init(void)
{
#ifdef HAVE_LIBAUDIT
@@ -350,12 +350,8 @@ bus_selinux_full_init (void)
freecon (bus_context);
- audit_init ();
-
- return TRUE;
-#else
- return TRUE;
#endif /* HAVE_SELINUX */
+ return TRUE;
}
/**
Index: dbus.spec
===================================================================
RCS file: /cvs/extras/rpms/dbus/devel/dbus.spec,v
retrieving revision 1.127
retrieving revision 1.128
diff -u -r1.127 -r1.128
--- dbus.spec 28 Aug 2007 21:57:03 -0000 1.127
+++ dbus.spec 14 Sep 2007 13:11:38 -0000 1.128
@@ -8,7 +8,7 @@
Summary: D-BUS message bus
Name: dbus
Version: 1.1.2
-Release: 4%{?dist}
+Release: 5%{?dist}
URL: http://www.freedesktop.org/software/dbus/
Source0: http://dbus.freedesktop.org/releases/dbus/%{name}-%{version}.tar.gz
Source1: doxygen_to_devhelp.xsl
@@ -37,6 +37,7 @@
Patch1: dbus-1.0.1-generate-xml-docs.patch
# https://bugs.freedesktop.org/show_bug.cgi?id=11491
Patch2: dbus-1.0.2-lsb.patch
+Patch3: dbus-1.1.2-audit-user.patch
%description
@@ -79,6 +80,7 @@
%patch0 -p1 -b .start-early
%patch1 -p1 -b .generate-xml-docs
%patch2 -p1 -b .lsb
+%patch3 -p1 -b .audit-user
autoreconf -f -i
@@ -198,6 +200,12 @@
%{_datadir}/devhelp/books/dbus
%changelog
+* Fri Sep 14 2007 Dan Walsh <dwalsh at redhat.com> - 1.1.2-5%{?dist}
+- Reverse we_were_root check to setpcap if we were root. Also only init
+audit if we were root. So error dbus message will not show up when policy
+reload happens. dbus -session will no longer try to send audit message,
+only system will.
+
* Tue Aug 28 2007 David Zeuthen <davidz at redhat.com> - 1.1.2-4%{?dist}
- Make dbus require dbus-libs (#261721)
More information about the fedora-extras-commits
mailing list