rpms/policycoreutils/devel policycoreutils-rhat.patch, 1.403, 1.404 policycoreutils.spec, 1.574, 1.575
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Dec 2 13:38:15 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv16617
Modified Files:
policycoreutils-rhat.patch policycoreutils.spec
Log Message:
* Tue Dec 2 2008 Dan Walsh <dwalsh at redhat.com> 2.0.60-2
- Fix error checking in restorecond, for inotify_add_watch
policycoreutils-rhat.patch:
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.403
retrieving revision 1.404
diff -u -r1.403 -r1.404
--- policycoreutils-rhat.patch 1 Dec 2008 16:49:49 -0000 1.403
+++ policycoreutils-rhat.patch 2 Dec 2008 13:37:45 -0000 1.404
@@ -1,15 +1,114 @@
-diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.58/Makefile
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.60/Makefile
--- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.58/Makefile 2008-11-10 08:57:34.000000000 -0500
++++ policycoreutils-2.0.60/Makefile 2008-12-01 11:47:09.000000000 -0500
@@ -1,4 +1,4 @@
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
-diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.58/scripts/chcat
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.60/audit2allow/audit2allow
+--- nsapolicycoreutils/audit2allow/audit2allow 2008-11-10 08:53:49.000000000 -0500
++++ policycoreutils-2.0.60/audit2allow/audit2allow 2008-12-01 15:16:31.000000000 -0500
+@@ -42,10 +42,10 @@
+ from optparse import OptionParser
+
+ parser = OptionParser(version=self.VERSION)
+- parser.add_option("-a", "--audit", action="store_true", dest="audit", default=False,
++ parser.add_option("-a", "--all", action="store_true", dest="audit", default=False,
+ help="read input from audit log - conflicts with -i")
+ parser.add_option("-d", "--dmesg", action="store_true", dest="dmesg", default=False,
+- help="read input from dmesg - conflicts with --audit and --input")
++ help="read input from dmesg - conflicts with --all and --input")
+ parser.add_option("-i", "--input", dest="input",
+ help="read input from <input> - conflicts with -a")
+ parser.add_option("-l", "--lastreload", action="store_true", dest="lastreload", default=False,
+@@ -82,9 +82,9 @@
+ # Make -d, -a, and -i conflict
+ if options.audit is True:
+ if options.input is not None:
+- sys.stderr.write("error: --audit conflicts with --input\n")
++ sys.stderr.write("error: --all conflicts with --input\n")
+ if options.dmesg is True:
+- sys.stderr.write("error: --audit conflicts with --dmesg\n")
++ sys.stderr.write("error: --all conflicts with --dmesg\n")
+ if options.input is not None and options.dmesg is True:
+ sys.stderr.write("error: --input conflicts with --dmesg\n")
+
+@@ -200,7 +200,7 @@
+ try:
+ fd = open(filename, "w")
+ except IOError, e:
+- sys.stderr.write("could not write output file: %s\n", str(e))
++ sys.stderr.write("could not write output file: %s\n" % str(e))
+ sys.exit(1)
+
+ writer.write(generator.get_module(), fd)
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.60/audit2allow/audit2allow.1
+--- nsapolicycoreutils/audit2allow/audit2allow.1 2008-11-10 08:53:49.000000000 -0500
++++ policycoreutils-2.0.60/audit2allow/audit2allow.1 2008-12-01 15:10:13.000000000 -0500
+@@ -44,9 +44,6 @@
+ Note that all audit messages are not available via dmesg when
+ auditd is running; use "ausearch -m avc | audit2allow" or "-a" instead.
+ .TP
+-.B "\-f" | "\-\-fcfile" <File Context File>
+-Add File Context File to generated Module Package. Requires -M option.
+-.TP
+ .B "\-h" | "\-\-help"
+ Print a short usage message
+ .TP
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.60/restorecond/restorecond.c
+--- nsapolicycoreutils/restorecond/restorecond.c 2008-08-28 09:34:24.000000000 -0400
++++ policycoreutils-2.0.60/restorecond/restorecond.c 2008-12-02 08:36:38.000000000 -0500
+@@ -283,6 +283,8 @@
+ inotify_rm_watch(fd, master_wd);
+ master_wd =
+ inotify_add_watch(fd, watch_file_path, IN_MOVED_FROM | IN_MODIFY);
++ if (master_wd == -1)
++ exitApp("Error watching config file.");
+ }
+
+ /*
+@@ -411,7 +413,14 @@
+
+ if (!ptr)
+ exitApp("Out of Memory");
++
+ ptr->wd = inotify_add_watch(fd, dir, IN_CREATE | IN_MOVED_TO);
++ if (ptr->wd == -1) {
++ free(ptr);
++ syslog(LOG_ERR, "Unable to watch (%s) %s\n",
++ path, strerror(errno));
++ return;
++ }
+
+ ptr->dir = strdup(dir);
+ if (!ptr->dir)
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.c policycoreutils-2.0.60/restorecond/utmpwatcher.c
+--- nsapolicycoreutils/restorecond/utmpwatcher.c 2008-08-28 09:34:24.000000000 -0400
++++ policycoreutils-2.0.60/restorecond/utmpwatcher.c 2008-12-02 08:35:18.000000000 -0500
+@@ -57,7 +57,7 @@
+ utmp_ptr = NULL;
+ FILE *cfg = fopen(utmp_path, "r");
+ if (!cfg)
+- exitApp("Error reading config file.");
++ exitApp("Error reading utmp file.");
+
+ while (fread(&u, sizeof(struct utmp), 1, cfg) > 0) {
+ if (u.ut_type == USER_PROCESS)
+@@ -69,6 +69,9 @@
+
+ utmp_wd =
+ inotify_add_watch(inotify_fd, utmp_path, IN_MOVED_FROM | IN_MODIFY);
++ if (utmp_wd == -1)
++ exitApp("Error watching utmp file.");
++
+ if (prev_utmp_ptr) {
+ changed = strings_list_diff(prev_utmp_ptr, utmp_ptr);
+ strings_list_free(prev_utmp_ptr);
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.60/scripts/chcat
--- nsapolicycoreutils/scripts/chcat 2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.58/scripts/chcat 2008-11-10 08:57:34.000000000 -0500
++++ policycoreutils-2.0.60/scripts/chcat 2008-12-01 11:47:09.000000000 -0500
@@ -291,6 +291,8 @@
for i in c.split(","):
if i not in newcats:
@@ -19,9 +118,9 @@
return newcats
def translate(cats):
-diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.58/semodule/semodule.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.60/semodule/semodule.c
--- nsapolicycoreutils/semodule/semodule.c 2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.58/semodule/semodule.c 2008-11-10 08:57:34.000000000 -0500
++++ policycoreutils-2.0.60/semodule/semodule.c 2008-12-01 11:47:09.000000000 -0500
@@ -60,24 +60,6 @@
free(commands);
}
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.574
retrieving revision 1.575
diff -u -r1.574 -r1.575
--- policycoreutils.spec 1 Dec 2008 16:49:50 -0000 1.574
+++ policycoreutils.spec 2 Dec 2008 13:37:45 -0000 1.575
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.60
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -192,6 +192,9 @@
fi
%changelog
+* Tue Dec 2 2008 Dan Walsh <dwalsh at redhat.com> 2.0.60-2
+- Fix error checking in restorecond, for inotify_add_watch
+
* Mon Dec 1 2008 Dan Walsh <dwalsh at redhat.com> 2.0.60-1
- Update to upstream
* semanage: use semanage_mls_enabled() from Stephen Smalley.
More information about the fedora-extras-commits
mailing list