rpms/policycoreutils/devel .cvsignore, 1.171, 1.172 policycoreutils-rhat.patch, 1.353, 1.354 policycoreutils.spec, 1.502, 1.503 sources, 1.176, 1.177
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Thu Jan 24 19:45:41 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9998
Modified Files:
.cvsignore policycoreutils-rhat.patch policycoreutils.spec
sources
Log Message:
* Thu Jan 24 2008 Dan Walsh <dwalsh at redhat.com> 2.0.38-1
- Update to upstream
* Merged audit2allow cleanups and boolean descriptions from Dan Walsh.
* Merged setfiles -0 support by Benny Amorsen via Dan Walsh.
* Merged fixfiles fixes and support for ext4 and gfs2 from Dan Walsh.
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/.cvsignore,v
retrieving revision 1.171
retrieving revision 1.172
diff -u -r1.171 -r1.172
--- .cvsignore 23 Jan 2008 22:11:23 -0000 1.171
+++ .cvsignore 24 Jan 2008 19:45:03 -0000 1.172
@@ -170,3 +170,4 @@
policycoreutils-2.0.36.tgz
policycoreutils-2.0.37.tgz
sepolgen-1.0.11.tgz
+policycoreutils-2.0.38.tgz
policycoreutils-rhat.patch:
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.353
retrieving revision 1.354
diff -u -r1.353 -r1.354
--- policycoreutils-rhat.patch 23 Jan 2008 22:18:29 -0000 1.353
+++ policycoreutils-rhat.patch 24 Jan 2008 19:45:03 -0000 1.354
@@ -1,72 +1,3 @@
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.37/audit2allow/audit2allow
---- nsapolicycoreutils/audit2allow/audit2allow 2008-01-23 16:47:07.000000000 -0500
-+++ policycoreutils-2.0.37/audit2allow/audit2allow 2008-01-23 17:15:21.000000000 -0500
-@@ -19,7 +19,6 @@
- #
-
- import sys
--import tempfile
-
- import sepolgen.audit as audit
- import sepolgen.policygen as policygen
-@@ -153,9 +152,9 @@
-
- def __process_input(self):
- if self.__options.type:
-- filter = audit.TypeFilter(self.__options.type)
-- self.__avs = self.__parser.to_access(filter)
-- self.__selinux_errs = self.__parser.to_role(filter)
-+ avcfilter = audit.TypeFilter(self.__options.type)
-+ self.__avs = self.__parser.to_access(avcfilter)
-+ self.__selinux_errs = self.__parser.to_role(avcfilter)
- else:
- self.__avs = self.__parser.to_access()
- self.__selinux_errs = self.__parser.to_role()
-@@ -221,13 +220,14 @@
- def __output_audit2why(self):
- import selinux
- import selinux.audit2why as audit2why
-+ import seobject
- audit2why.init("%s.%s" % (selinux.selinux_binary_policy_path(), selinux.security_policyvers()))
- for i in self.__parser.avc_msgs:
- rc, bools = audit2why.analyze(i.scontext.to_string(), i.tcontext.to_string(), i.tclass, i.accesses)
- if rc >= 0:
- print "%s\n\tWas caused by:" % i.message
- if rc == audit2why.NOPOLICY:
-- raise "Must call policy_init first"
-+ raise RuntimeError("Must call policy_init first")
- if rc == audit2why.BADTCON:
- print "Invalid Target Context %s\n" % i.tcontext
- continue
-@@ -241,7 +241,7 @@
- print "Invalid permission %s\n" % i.accesses
- continue
- if rc == audit2why. BADCOMPUTE:
-- raise "Error during access vector computation"
-+ raise RuntimeError("Error during access vector computation")
- if rc == audit2why.ALLOW:
- print "\t\tUnknown - would be allowed by active policy\n",
- print "\t\tPossible mismatch between this policy and the one under which the audit message was generated.\n"
-@@ -251,12 +251,14 @@
- if len(bools) > 1:
- print "\tOne of the following booleans was set incorrectly."
- for b in bools:
-- print "\n\tBoolean %s is %d. Allow access by executing:" % (b[0], not b[1])
-- print "\t# setsebool -P %s %d" % (b[0], b[1])
-+ print "\n\tBoolean %s is %d." % (b[0], not b[1])
-+ print "\tDescription:\n\t%s\n" % seobject.boolean_desc(b[0])
-+ print "\tAllow access by executing:\n\t# setsebool -P %s %d" % (b[0], b[1])
- else:
-- print "\tThe boolean %s was set incorrectly. Allow access by executing:" % bools[0][0]
-- print "\t# setsebool -P %s %d\n" % (bools[0][0], bools[0][1])
--
-+ print "\tThe boolean %s set incorrectly. " % (bools[0][0])
-+ print "\n\tBoolean %s is %d." % (bools[0][0], bools[0][1])
-+ print "\tDescription:\n\t%s\n" % seobject.boolean_desc(bools[0][0])
-+ print "\tAllow access by executing:\n\t# setsebool -P %s %d" % (bools[0][0], bools[0][1])
- continue
-
- if rc == audit2why.TERULE:
diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.37/Makefile
--- nsapolicycoreutils/Makefile 2007-12-19 06:02:52.000000000 -0500
+++ policycoreutils-2.0.37/Makefile 2008-01-23 17:13:45.000000000 -0500
@@ -105,59 +36,6 @@
}
free(scontext);
close(fd);
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.37/scripts/fixfiles
---- nsapolicycoreutils/scripts/fixfiles 2008-01-23 14:36:28.000000000 -0500
-+++ policycoreutils-2.0.37/scripts/fixfiles 2008-01-23 17:13:45.000000000 -0500
-@@ -36,8 +36,8 @@
- LOGGER=/usr/sbin/logger
- SETFILES=/sbin/setfiles
- RESTORECON=/sbin/restorecon
--FILESYSTEMSRW=`mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[23]| xfs | jfs ).*\(rw/{print $3}';`
--FILESYSTEMSRO=`mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[23]| xfs | jfs ).*\(ro/{print $3}';`
-+FILESYSTEMSRW=`mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[234]| ext4dev | gfs2 | xfs | jfs ).*\(rw/{print $3}';`
-+FILESYSTEMSRO=`mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[234]| ext4dev | gfs2 | xfs | jfs ).*\(ro/{print $3}';`
- FILESYSTEMS="$FILESYSTEMSRW $FILESYSTEMSRO"
- SELINUXTYPE="targeted"
- if [ -e /etc/selinux/config ]; then
-@@ -88,11 +88,11 @@
- esac; \
- fi; \
- done | \
-- while read pattern ; do sh -c "find $pattern" \
-- ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o \
-- \( -wholename /home -o -wholename /root -o -wholename /tmp -wholename /dev \) -prune -o -print; \
-+ while read pattern ; do sh -c "find $pattern \
-+ ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs \) -prune -o \
-+ \( -wholename /home -o -wholename /root -o -wholename /tmp -wholename /dev \) -prune -o -print0"; \
- done 2> /dev/null | \
-- ${RESTORECON} $2 -f -
-+ ${RESTORECON} $2 -0 -f -
- rm -f ${TEMPFILE} ${PREFCTEMPFILE}
- fi
- }
-@@ -129,8 +129,8 @@
- if [ ! -z "$FILEPATH" ]; then
- if [ -x /usr/bin/find ]; then
- /usr/bin/find "$FILEPATH" \
-- ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o -print | \
-- ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -f - 2>&1 >> $LOGFILE
-+ ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs \) -prune -o -print0 | \
-+ ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -0 -f - 2>&1 >> $LOGFILE
- else
- ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $FILEPATH 2>&1 >> $LOGFILE
- fi
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles.8 policycoreutils-2.0.37/scripts/fixfiles.8
---- nsapolicycoreutils/scripts/fixfiles.8 2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.37/scripts/fixfiles.8 2008-01-23 17:13:45.000000000 -0500
-@@ -35,7 +35,7 @@
-
- .TP
- .B -f
--Don't prompt for removal of /tmp directory.
-+Clear /tmp directory with out prompt for removal.
-
- .TP
- .B -R rpmpackagename[,rpmpackagename...]
diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.37/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2008-01-23 14:36:28.000000000 -0500
+++ policycoreutils-2.0.37/semanage/semanage 2008-01-23 17:13:45.000000000 -0500
@@ -209,102 +87,3 @@
if object == "login":
OBJECT = seobject.loginRecords(store)
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.37/semanage/seobject.py
---- nsapolicycoreutils/semanage/seobject.py 2007-12-10 21:42:27.000000000 -0500
-+++ policycoreutils-2.0.37/semanage/seobject.py 2008-01-23 17:13:45.000000000 -0500
-@@ -117,6 +117,12 @@
- #print _("Failed to translate booleans.\n%s") % e
- pass
-
-+def boolean_desc(boolean):
-+ if boolean in booleans_dict:
-+ return _(booleans_dict[boolean][2])
-+ else:
-+ return boolean
-+
- def validate_level(raw):
- sensitivity = "s[0-9]*"
- category = "c[0-9]*"
-@@ -1456,10 +1462,7 @@
- return ddict
-
- def get_desc(self, boolean):
-- if boolean in booleans_dict:
-- return _(booleans_dict[boolean][2])
-- else:
-- return boolean
-+ return boolean_desc(boolean)
-
- def get_category(self, boolean):
- if boolean in booleans_dict:
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.8 policycoreutils-2.0.37/setfiles/setfiles.8
---- nsapolicycoreutils/setfiles/setfiles.8 2007-07-16 14:20:43.000000000 -0400
-+++ policycoreutils-2.0.37/setfiles/setfiles.8 2008-01-23 17:13:45.000000000 -0500
-@@ -59,6 +59,9 @@
- .TP
- .B \-W
- display warnings about entries that had no matching files.
-+.TP
-+.B \-0
-+Input items are terminated by a null character instead of by whitespace, and the quotes and backslash are not special (every character is taken literally). Disables the end of file string, which is treated like any other argument. Useful when input items might contain white space, quote marks, or backslashes.The GNU find -print0 option produces input suitable for this mode.
-
- .SH "ARGUMENTS"
- .B spec_file
-diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.37/setfiles/setfiles.c
---- nsapolicycoreutils/setfiles/setfiles.c 2008-01-11 10:52:37.000000000 -0500
-+++ policycoreutils-2.0.37/setfiles/setfiles.c 2008-01-23 17:13:45.000000000 -0500
-@@ -55,6 +55,7 @@
- static int verbose = 0;
- static int logging = 0;
- static int warn_no_match = 0;
-+static int null_terminated = 0;
- static char *rootpath = NULL;
- static int rootpathlen = 0;
- static int recurse; /* Recursive descent. */
-@@ -384,7 +385,7 @@
- {
- if (iamrestorecon) {
- fprintf(stderr,
-- "usage: %s [-iFnrRv] [-e excludedir ] [-o filename ] [-f filename | pathname... ]\n",
-+ "usage: %s [-iFnrRv0] [-e excludedir ] [-o filename ] [-f filename | pathname... ]\n",
- name);
- } else {
- fprintf(stderr,
-@@ -805,7 +806,7 @@
- }
-
- /* Process any options. */
-- while ((opt = getopt(argc, argv, "c:de:f:ilnpqrsvo:FRW")) > 0) {
-+ while ((opt = getopt(argc, argv, "c:de:f:ilnpqrsvo:FRW0")) > 0) {
- switch (opt) {
- case 'c':
- {
-@@ -927,6 +928,9 @@
- case 'W':
- warn_no_match = 1;
- break;
-+ case '0':
-+ null_terminated = 1;
-+ break;
- case '?':
- usage(argv[0]);
- }
-@@ -983,6 +987,7 @@
- if (use_input_file) {
- FILE *f = stdin;
- ssize_t len;
-+ int delim;
- if (strcmp(input_filename, "-") != 0)
- f = fopen(input_filename, "r");
- if (f == NULL) {
-@@ -991,7 +996,9 @@
- usage(argv[0]);
- }
- __fsetlocking(f, FSETLOCKING_BYCALLER);
-- while ((len = getline(&buf, &buf_len, f)) > 0) {
-+
-+ delim = (null_terminated != 0) ? '\0' : '\n';
-+ while ((len = getdelim(&buf, &buf_len, delim, f)) > 0) {
- buf[len - 1] = 0;
- errors |= process_one(buf);
- }
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.502
retrieving revision 1.503
diff -u -r1.502 -r1.503
--- policycoreutils.spec 23 Jan 2008 22:11:23 -0000 1.502
+++ policycoreutils.spec 24 Jan 2008 19:45:03 -0000 1.503
@@ -5,7 +5,7 @@
%define sepolgenver 1.0.11
Summary: SELinux policy core utilities
Name: policycoreutils
-Version: 2.0.37
+Version: 2.0.38
Release: 1%{?dist}
License: GPLv2+
Group: System Environment/Base
@@ -193,6 +193,12 @@
fi
%changelog
+* Thu Jan 24 2008 Dan Walsh <dwalsh at redhat.com> 2.0.38-1
+- Update to upstream
+ * Merged audit2allow cleanups and boolean descriptions from Dan Walsh.
+ * Merged setfiles -0 support by Benny Amorsen via Dan Walsh.
+ * Merged fixfiles fixes and support for ext4 and gfs2 from Dan Walsh.
+
* Wed Jan 23 2008 Dan Walsh <dwalsh at redhat.com> 2.0.37-1
- Update to upstream
* Merged replacement for audit2why from Dan Walsh.
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/sources,v
retrieving revision 1.176
retrieving revision 1.177
diff -u -r1.176 -r1.177
--- sources 23 Jan 2008 22:11:23 -0000 1.176
+++ sources 24 Jan 2008 19:45:03 -0000 1.177
@@ -1,2 +1,2 @@
-f450ab5a14db31051869cc22a4e532a3 policycoreutils-2.0.37.tgz
3fed5cd04ee67c0f86e3cc6825261819 sepolgen-1.0.11.tgz
+221516276ea4930b6c88689c00210e10 policycoreutils-2.0.38.tgz
More information about the fedora-extras-commits
mailing list