rpms/bind/devel bind-chroot-admin.in, 1.28, 1.29 bind.spec, 1.244, 1.245 named.init, 1.65, 1.66

Fri Feb 8 10:23:35 UTC 2008

Author: atkac

Update of /cvs/pkgs/rpms/bind/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27035

Modified Files:
	bind-chroot-admin.in bind.spec named.init 
Log Message:
- reverted patch for #400461 (not correct)
- fixed wrong %{chroot}/dev/* labelling during fresh system installation
  (#431202)



Index: bind-chroot-admin.in
===================================================================
RCS file: /cvs/pkgs/rpms/bind/devel/bind-chroot-admin.in,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29

--- bind-chroot-admin.in	4 Dec 2007 13:44:21 -0000	1.28
+++ bind-chroot-admin.in	8 Feb 2008 10:23:00 -0000	1.29
@@ -97,11 +97,6 @@
     [ ! -e "${BIND_CHROOT_PREFIX}/etc/localtime" ] &&  [ -e /etc/localtime ] && /bin/cp -fp /etc/localtime "${BIND_CHROOT_PREFIX}/etc/localtime";
     /bin/chown --preserve-root root:named "${BIND_CHROOT_PREFIX}"/dev/{random,null,zero};
     /bin/chmod --preserve-root 660 "${BIND_CHROOT_PREFIX}"/dev/{random,null,zero};
-    if selinux_enabled && [ -x /sbin/restorecon ]; then       
-       for dev in random zero null; do
-	   /sbin/restorecon ${BIND_CHROOT_PREFIX}/dev/$dev;
-       done
-    fi;
 }
 
 check_dirs;
@@ -264,7 +259,8 @@
     chmod 770 ${pfx}/var/named/{data/*/.,slaves/*/.,dynamic/*/.} >/dev/null 2>&1;
     if [ -e $changed ]; then
 	if selinux_enabled && [ -x /sbin/restorecon ]; then
-	   /sbin/restorecon -R ${BIND_CHROOT_PREFIX}/{dev,etc,var} >/dev/null 2>&1;
+# XXX Do not restorecon ${chroot}/dev/*, done in initscript (#431202)
+	   /sbin/restorecon -R ${BIND_CHROOT_PREFIX}/{etc,var} >/dev/null 2>&1;
 	   /sbin/restorecon /etc/named.*    >/dev/null 2>&1;
 	   /sbin/restorecon /etc/rndc.key   >/dev/null 2>&1;
 	   /sbin/restorecon /etc/rndc.conf  >/dev/null 2>&1;


Index: bind.spec
===================================================================
RCS file: /cvs/pkgs/rpms/bind/devel/bind.spec,v
retrieving revision 1.244
retrieving revision 1.245
diff -u -r1.244 -r1.245
--- bind.spec	4 Feb 2008 13:10:39 -0000	1.244
+++ bind.spec	8 Feb 2008 10:23:00 -0000	1.245
@@ -20,7 +20,7 @@
 Name: 		bind
 License: 	ISC
 Version: 	9.5.0
-Release: 	25.%{RELEASEVER}%{?dist}
+Release: 	25.1.%{RELEASEVER}%{?dist}
 Epoch:   	32
 Url: 		http://www.isc.org/products/BIND/
 Buildroot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -253,7 +253,7 @@
 %patch85 -p1 -b .libidn3
 %patch86 -p0 -b .CVE-2008-0122
 %patch87 -p1 -b .parallel
-%patch88 -p1 -b .transfer-segv
+#%patch88 -p1 -b .transfer-segv
 :;
 
 
@@ -654,6 +654,11 @@
 %{_sbindir}/bind-chroot-admin
 
 %changelog
+* Fri Feb 08 2008 Adam Tkac <atkac redhat com> 32:9.5.0-25.1.b1
+- reverted patch for #400461 (not correct)
+- fixed wrong %{chroot}/dev/* labelling during fresh system installation
+  (#431202)
+
 * Mon Feb 04 2008 Adam Tkac <atkac redhat com> 32:9.5.0-25.b1
 - fixed segfault during sending notifies (#400461)
 - rebuild with gcc 4.3 series


Index: named.init
===================================================================
RCS file: /cvs/pkgs/rpms/bind/devel/named.init,v
retrieving revision 1.65
retrieving revision 1.66
diff -u -r1.65 -r1.66
--- named.init	27 Dec 2007 14:47:47 -0000	1.65
+++ named.init	8 Feb 2008 10:23:01 -0000	1.66
@@ -81,6 +81,13 @@
 
   ckcf_options='-z'; # enable named-checkzone for each zone (9.3.1+) !
   if [ -n "${ROOTDIR}" -a "x${ROOTDIR}" != "x/" ]; then
+# XXX There's no way how label devs correctly during installation because
+#     bind-chroot is installed before selinux-policy-targeted (#431202)
+    if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled && [ -x /sbin/restorecon ]; then
+       for dev in random zero null; do
+           /sbin/restorecon ${ROOTDIR}/dev/$dev;
+       done
+    fi;
     OPTIONS="${OPTIONS} -t ${ROOTDIR}"
     ckcf_options="$ckcf_options -t ${ROOTDIR}";
     [ -s /etc/localtime ] && cp -fp /etc/localtime ${ROOTDIR}/etc/localtime;


