rpms/policycoreutils/F-8 policycoreutils-rhat.patch, 1.339, 1.340 policycoreutils.spec, 1.485, 1.486 sources, 1.173, 1.174
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Thu May 22 18:39:31 UTC 2008
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4973
Modified Files:
policycoreutils-rhat.patch policycoreutils.spec sources
Log Message:
* Thu May 22 2008 Dan Walsh <dwalsh at redhat.com> 2.0.34-8
- Stop verifying prefix, so livecd will work
policycoreutils-rhat.patch:
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/F-8/policycoreutils-rhat.patch,v
retrieving revision 1.339
retrieving revision 1.340
diff -u -r1.339 -r1.340
--- policycoreutils-rhat.patch 8 Jan 2008 20:00:49 -0000 1.339
+++ policycoreutils-rhat.patch 22 May 2008 18:38:47 -0000 1.340
@@ -1,6 +1,15 @@
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.34/audit2allow/audit2allow
---- nsapolicycoreutils/audit2allow/audit2allow 2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.34/audit2allow/audit2allow 2007-12-31 14:22:40.000000000 -0500
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.34/Makefile
+--- nsapolicycoreutils/Makefile 2007-12-19 06:02:55.000000000 -0500
++++ policycoreutils-2.0.34/Makefile 2008-05-22 14:10:16.690521000 -0400
+@@ -1,4 +1,4 @@
+-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
++SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
+
+ INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
+
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.34/audit2allow/audit2allow
+--- nsapolicycoreutils/audit2allow/audit2allow 2007-12-19 06:02:55.000000000 -0500
++++ policycoreutils-2.0.34/audit2allow/audit2allow 2008-05-22 14:10:16.634577000 -0400
@@ -60,7 +60,9 @@
parser.add_option("-o", "--output", dest="output",
help="append output to <filename>, conflicts with -M")
@@ -38,9 +47,9 @@
def main(self):
try:
self.__parse_options()
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.34/audit2allow/audit2allow.1
---- nsapolicycoreutils/audit2allow/audit2allow.1 2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.34/audit2allow/audit2allow.1 2007-12-19 06:05:50.000000000 -0500
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.34/audit2allow/audit2allow.1
+--- nsapolicycoreutils/audit2allow/audit2allow.1 2007-12-19 06:02:55.000000000 -0500
++++ policycoreutils-2.0.34/audit2allow/audit2allow.1 2008-05-22 14:10:16.639572000 -0400
@@ -65,8 +65,11 @@
.B "\-r" | "\-\-requires"
Generate require output syntax for loadable modules.
@@ -54,9 +63,9 @@
.TP
.B "\-t " | "\-\-tefile"
Indicates input file is a te (type enforcement) file. This can be used to translate old te format to new policy format.
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/sepolgen-ifgen policycoreutils-2.0.34/audit2allow/sepolgen-ifgen
---- nsapolicycoreutils/audit2allow/sepolgen-ifgen 2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.34/audit2allow/sepolgen-ifgen 2007-12-20 14:19:50.000000000 -0500
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/sepolgen-ifgen policycoreutils-2.0.34/audit2allow/sepolgen-ifgen
+--- nsapolicycoreutils/audit2allow/sepolgen-ifgen 2007-12-19 06:02:55.000000000 -0500
++++ policycoreutils-2.0.34/audit2allow/sepolgen-ifgen 2008-05-22 14:10:16.644567000 -0400
@@ -80,7 +80,10 @@
if_set.to_file(f)
f.close()
@@ -69,10 +78,70 @@
if __name__ == "__main__":
sys.exit(main())
-Binary files nsapolicycoreutils/audit2why/audit2why and policycoreutils-2.0.34/audit2why/audit2why differ
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2why.c policycoreutils-2.0.34/audit2why/audit2why.c
---- nsapolicycoreutils/audit2why/audit2why.c 2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.34/audit2why/audit2why.c 2008-01-05 08:19:56.000000000 -0500
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/Makefile policycoreutils-2.0.34/audit2why/Makefile
+--- nsapolicycoreutils/audit2why/Makefile 2007-12-19 06:02:55.000000000 -0500
++++ policycoreutils-2.0.34/audit2why/Makefile 2008-05-22 14:10:16.677534000 -0400
+@@ -5,7 +5,18 @@
+ MANDIR ?= $(PREFIX)/share/man
+ LOCALEDIR ?= /usr/share/locale
+ INCLUDEDIR ?= ${PREFIX}/include
+-
++PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
++PYINC ?= /usr/include/$(PYLIBVER)
++PYLIB ?= /usr/lib/$(PYLIBVER)
++PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
++
++SWIGIF= audit2whyswig.i
++SWIGCOUT= audit2whyswig_wrap.c
++SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT))
++SWIGSO=_audit2why.so
++SWIGFILES=$(SWIGSO) audit2why.py
++SWIG = swig -Wall -python -o $(SWIGCOUT) -outdir ./
++GENERATED=$(SWIGCOUT)
+
+ CFLAGS ?= -Werror -Wall -W
+ override CFLAGS += -I$(INCLUDEDIR)
+@@ -15,14 +26,36 @@
+
+ all: $(TARGETS)
+
++pywrap: all $(SWIGSO)
++
++#audit2why.o: audit2why.c
++# $(CC) $(CFLAG) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
++
++$(SWIGLOBJ): $(SWIGCOUT)
++ $(CC) $(CFLAG) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
++
++$(SWIGSO): $(SWIGLOBJ) audit2why.o
++ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< audit2why.o -L. $(LDLIBS) -Wl,-soname,$@
++
++$(SWIGCOUT): $(SWIGIF)
++ $(SWIG) $^
++
++swigify: $(SWIGIF)
++ $(SWIG) $^
++
+ install: all
+ -mkdir -p $(BINDIR)
+ install -m 755 $(TARGETS) $(BINDIR)
+ -mkdir -p $(MANDIR)/man8
+ install -m 644 audit2why.8 $(MANDIR)/man8/
+
++install-pywrap: pywrap
++ test -d $(PYTHONLIBDIR)/site-packages || install -m 755 -d $(PYTHONLIBDIR)/site-packages
++ install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages
++ install -m 644 audit2why.py $(PYTHONLIBDIR)/site-packages
++
+ clean:
+- -rm -f $(TARGETS) *.o
++ -rm -f $(TARGETS) *.o $(SWIGLOBJ) $(SWIGSO)
+
+ indent:
+ ../../scripts/Lindent $(wildcard *.[ch])
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2why.c policycoreutils-2.0.34/audit2why/audit2why.c
+--- nsapolicycoreutils/audit2why/audit2why.c 2007-12-19 06:02:55.000000000 -0500
++++ policycoreutils-2.0.34/audit2why/audit2why.c 2008-05-22 14:10:16.649562000 -0400
@@ -9,71 +9,252 @@
#include <sepol/sepol.h>
#include <sepol/policydb/services.h>
@@ -757,9 +826,9 @@
+
exit(0);
}
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2why.h policycoreutils-2.0.34/audit2why/audit2why.h
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2why.h policycoreutils-2.0.34/audit2why/audit2why.h
--- nsapolicycoreutils/audit2why/audit2why.h 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.34/audit2why/audit2why.h 2008-01-05 08:19:32.000000000 -0500
++++ policycoreutils-2.0.34/audit2why/audit2why.h 2008-05-22 14:10:16.655556000 -0400
@@ -0,0 +1,21 @@
+#include <selinux/selinux.h>
+#define BADSCON -1
@@ -782,10 +851,9 @@
+extern void policy_finish(void);
+extern int policy_init(const char *init_path);
+extern int audit2why(const security_context_t scon, const security_context_t tcon, char *tclassstr, char *permstr, struct boolean_t **bools);
-Binary files nsapolicycoreutils/audit2why/audit2why.o and policycoreutils-2.0.34/audit2why/audit2why.o differ
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2why.py policycoreutils-2.0.34/audit2why/audit2why.py
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2why.py policycoreutils-2.0.34/audit2why/audit2why.py
--- nsapolicycoreutils/audit2why/audit2why.py 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.34/audit2why/audit2why.py 2008-01-05 08:15:10.000000000 -0500
++++ policycoreutils-2.0.34/audit2why/audit2why.py 2008-05-22 14:10:16.659552000 -0400
@@ -0,0 +1,87 @@
+# This file was automatically generated by SWIG (http://www.swig.org).
+# Version 1.3.33
@@ -874,10 +942,9 @@
+audit2why = _audit2why.audit2why
+
+
-Binary files nsapolicycoreutils/audit2why/_audit2why.so and policycoreutils-2.0.34/audit2why/_audit2why.so differ
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2whyswig.i policycoreutils-2.0.34/audit2why/audit2whyswig.i
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2whyswig.i policycoreutils-2.0.34/audit2why/audit2whyswig.i
--- nsapolicycoreutils/audit2why/audit2whyswig.i 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.34/audit2why/audit2whyswig.i 2008-01-08 05:24:42.000000000 -0500
++++ policycoreutils-2.0.34/audit2why/audit2whyswig.i 2008-05-22 14:10:16.663548000 -0400
@@ -0,0 +1,86 @@
+/* Author: James Athey
+ */
@@ -965,9 +1032,9 @@
+}
+%include "audit2why.h"
+
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2whyswig_wrap.c policycoreutils-2.0.34/audit2why/audit2whyswig_wrap.c
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/audit2whyswig_wrap.c policycoreutils-2.0.34/audit2why/audit2whyswig_wrap.c
--- nsapolicycoreutils/audit2why/audit2whyswig_wrap.c 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.34/audit2why/audit2whyswig_wrap.c 2008-01-05 08:15:11.000000000 -0500
++++ policycoreutils-2.0.34/audit2why/audit2whyswig_wrap.c 2008-05-22 14:10:16.673539000 -0400
@@ -0,0 +1,3583 @@
+/* ----------------------------------------------------------------------------
+ * This file was automatically generated by SWIG (http://www.swig.org).
@@ -4552,80 +4619,9 @@
+ SWIG_Python_SetConstant(d, "RBAC",SWIG_From_int((int)(4)));
+}
+
-Binary files nsapolicycoreutils/audit2why/audit2whyswig_wrap.lo and policycoreutils-2.0.34/audit2why/audit2whyswig_wrap.lo differ
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2why/Makefile policycoreutils-2.0.34/audit2why/Makefile
---- nsapolicycoreutils/audit2why/Makefile 2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.34/audit2why/Makefile 2008-01-05 07:59:15.000000000 -0500
-@@ -5,7 +5,18 @@
- MANDIR ?= $(PREFIX)/share/man
- LOCALEDIR ?= /usr/share/locale
- INCLUDEDIR ?= ${PREFIX}/include
--
-+PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
-+PYINC ?= /usr/include/$(PYLIBVER)
-+PYLIB ?= /usr/lib/$(PYLIBVER)
-+PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
-+
-+SWIGIF= audit2whyswig.i
-+SWIGCOUT= audit2whyswig_wrap.c
-+SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT))
-+SWIGSO=_audit2why.so
-+SWIGFILES=$(SWIGSO) audit2why.py
-+SWIG = swig -Wall -python -o $(SWIGCOUT) -outdir ./
-+GENERATED=$(SWIGCOUT)
-
- CFLAGS ?= -Werror -Wall -W
- override CFLAGS += -I$(INCLUDEDIR)
-@@ -15,14 +26,36 @@
-
- all: $(TARGETS)
-
-+pywrap: all $(SWIGSO)
-+
-+#audit2why.o: audit2why.c
-+# $(CC) $(CFLAG) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
-+
-+$(SWIGLOBJ): $(SWIGCOUT)
-+ $(CC) $(CFLAG) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
-+
-+$(SWIGSO): $(SWIGLOBJ) audit2why.o
-+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< audit2why.o -L. $(LDLIBS) -Wl,-soname,$@
-+
-+$(SWIGCOUT): $(SWIGIF)
-+ $(SWIG) $^
-+
-+swigify: $(SWIGIF)
-+ $(SWIG) $^
-+
- install: all
- -mkdir -p $(BINDIR)
- install -m 755 $(TARGETS) $(BINDIR)
- -mkdir -p $(MANDIR)/man8
- install -m 644 audit2why.8 $(MANDIR)/man8/
-
-+install-pywrap: pywrap
-+ test -d $(PYTHONLIBDIR)/site-packages || install -m 755 -d $(PYTHONLIBDIR)/site-packages
-+ install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages
-+ install -m 644 audit2why.py $(PYTHONLIBDIR)/site-packages
-+
- clean:
-- -rm -f $(TARGETS) *.o
-+ -rm -f $(TARGETS) *.o $(SWIGLOBJ) $(SWIGSO)
-
- indent:
- ../../scripts/Lindent $(wildcard *.[ch])
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.34/Makefile
---- nsapolicycoreutils/Makefile 2007-12-19 06:02:52.000000000 -0500
-+++ policycoreutils-2.0.34/Makefile 2007-12-19 06:06:04.000000000 -0500
-@@ -1,4 +1,4 @@
--SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
-+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
-
- INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
-
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.34/restorecond/restorecond.c
---- nsapolicycoreutils/restorecond/restorecond.c 2007-07-16 14:20:41.000000000 -0400
-+++ policycoreutils-2.0.34/restorecond/restorecond.c 2007-12-19 06:05:50.000000000 -0500
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.34/restorecond/restorecond.c
+--- nsapolicycoreutils/restorecond/restorecond.c 2007-12-19 06:02:54.000000000 -0500
++++ policycoreutils-2.0.34/restorecond/restorecond.c 2008-05-22 14:10:16.701516000 -0400
@@ -210,9 +210,10 @@
}
@@ -4652,9 +4648,9 @@
}
free(scontext);
close(fd);
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.34/scripts/chcat
---- nsapolicycoreutils/scripts/chcat 2007-08-23 16:52:26.000000000 -0400
-+++ policycoreutils-2.0.34/scripts/chcat 2007-12-19 06:05:50.000000000 -0500
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.34/scripts/chcat
+--- nsapolicycoreutils/scripts/chcat 2007-12-19 06:02:55.000000000 -0500
++++ policycoreutils-2.0.34/scripts/chcat 2008-05-22 14:10:16.705509000 -0400
@@ -25,10 +25,6 @@
import commands, sys, os, pwd, string, getopt, selinux
import seobject
@@ -4666,10 +4662,57 @@
try:
gettext.install('policycoreutils')
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.34/scripts/fixfiles
---- nsapolicycoreutils/scripts/fixfiles 2007-12-10 21:42:28.000000000 -0500
-+++ policycoreutils-2.0.34/scripts/fixfiles 2008-01-08 09:56:34.000000000 -0500
-@@ -126,17 +126,15 @@
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.34/scripts/fixfiles
+--- nsapolicycoreutils/scripts/fixfiles 2007-12-19 06:02:55.000000000 -0500
++++ policycoreutils-2.0.34/scripts/fixfiles 2008-05-22 14:11:09.343432000 -0400
+@@ -1,4 +1,4 @@
+-#!/bin/sh
++#!/bin/bash
+ # fixfiles
+ #
+ # Script to restore labels on a SELinux box
+@@ -36,8 +36,8 @@
+ LOGGER=/usr/sbin/logger
+ SETFILES=/sbin/setfiles
+ RESTORECON=/sbin/restorecon
+-FILESYSTEMSRW=`mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[23]| xfs | jfs ).*\(rw/{print $3}';`
+-FILESYSTEMSRO=`mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[23]| xfs | jfs ).*\(ro/{print $3}';`
++FILESYSTEMSRW=`mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[234]| ext4dev | gfs2 | xfs | jfs ).*\(rw/{print $3}';`
++FILESYSTEMSRO=`mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[234]| ext4dev | gfs2 | xfs | jfs ).*\(ro/{print $3}';`
+ FILESYSTEMS="$FILESYSTEMSRW $FILESYSTEMSRO"
+ SELINUXTYPE="targeted"
+ if [ -e /etc/selinux/config ]; then
+@@ -84,15 +84,15 @@
+ do if ! echo "$pattern" | grep -q -f ${TEMPFILE} 2>/dev/null; then \
+ echo "$pattern"; \
+ case "$pattern" in *"*") \
+- echo "$pattern" | sed 's,\*$,,g' >> ${TEMPFILE};;
++ echo "$pattern" | sed -e 's,^,^,' -e 's,\*$,,g' >> ${TEMPFILE};;
+ esac; \
+ fi; \
+ done | \
+- while read pattern ; do sh -c "find $pattern" \
+- ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o \
+- \( -wholename /home -o -wholename /root -o -wholename /tmp -wholename /dev \) -prune -o -print; \
++ while read pattern ; do sh -c "find $pattern \
++ ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs \) -prune -o \
++ \( -wholename /home -o -wholename /root -o -wholename /tmp -wholename /dev \) -prune -o -print0"; \
+ done 2> /dev/null | \
+- ${RESTORECON} $2 -f -
++ ${RESTORECON} $* -0 -f -
+ rm -f ${TEMPFILE} ${PREFCTEMPFILE}
+ fi
+ }
+@@ -117,7 +117,7 @@
+ #
+ restore () {
+ if [ ! -z "$PREFC" ]; then
+- diff_filecontext $1
++ diff_filecontext $*
+ exit $?
+ fi
+ if [ ! -z "$RPMFILES" ]; then
+@@ -126,20 +126,21 @@
done
exit $?
fi
@@ -4677,10 +4720,12 @@
+if [ ! -z "$FILEPATH" ]; then
if [ -x /usr/bin/find ]; then
- for d in ${DIRS} ; do find $d \
-+ /usr/bin/find "$FILEPATH" \
- ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o -print | \
- ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -f - 2>&1 >> $LOGFILE
+- ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o -print | \
+- ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -f - 2>&1 >> $LOGFILE
- done
++ /usr/bin/find "$FILEPATH" \
++ ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs \) -prune -o -print0 | \
++ ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -0 -f - 2>&1 >> $LOGFILE
else
- ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $DIRS 2>&1 >> $LOGFILE
+ ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $FILEPATH 2>&1 >> $LOGFILE
@@ -4691,7 +4736,13 @@
fi
LogReadOnly
${SETFILES} -q ${OUTFILES} ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE
-@@ -173,6 +171,20 @@
++rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-*
++find /tmp -context "*:file_t*" -exec chcon -t tmp_t {} \;
++find /var/tmp -context "*:file_t*" -exec chcon -t tmp_t {} \;
+ exit $?
+ }
+
+@@ -173,10 +174,29 @@
fi
}
@@ -4704,6 +4755,10 @@
+ check) restore -n -v;;
+ verify) restore -n -o -;;
+ relabel) relabel;;
++ onboot)
++ touch /.autorelabel
++ echo "System will relabel on next boot"
++ ;;
+ *)
+ usage
+ exit 1
@@ -4712,9 +4767,60 @@
usage() {
echo $"Usage: $0 [-l logfile ] [-o outputfile ] { check | restore|[-F] relabel } [[dir] ... ] "
echo or
-@@ -229,22 +241,19 @@
+ echo $"Usage: $0 -R rpmpackage[,rpmpackage...] -C PREVIOUS_FILECONTEXT [-l logfile ] [-o outputfile ] { check | restore }"
++ echo $"Usage: $0 onboot"
+ }
+
+ if [ $# = 0 ]; then
+@@ -189,27 +209,21 @@
+ case "$i" in
+ f)
+ fullFlag=1
+- shift 1
+ ;;
+ R)
+ RPMFILES=$OPTARG
+- shift 2
+ ;;
+ o)
+ OUTFILES=$OPTARG
+- shift 2
+ ;;
+ l)
+ LOGFILE=$OPTARG
+- shift 2
+ ;;
+ C)
+ PREFC=$OPTARG
+- shift 2
+ ;;
+ F)
+ FORCEFLAG="-F"
+- shift 1
+ ;;
+ *)
+ usage
+@@ -217,34 +231,36 @@
+ esac
+ done
+
++# Move out processed options from arguments
++shift $(( OPTIND - 1 ))
++
+ # Check for the command
+ command=$1
+ if [ -z $command ]; then
+ usage
+ fi
- shift 1
++# Move out command from arguments
++shift
++
+ #
+ # check if they specified both DIRS and RPMFILES
+ #
+
+-shift 1
if [ ! -z "$RPMFILES" ]; then
+ process $command
if [ $# -gt 0 ]; then
@@ -4746,9 +4852,40 @@
- exit 1
-esac
+exit $?
-diff --exclude-from=exclude --exclude=sepolgen-1.0.10 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.34/semanage/semanage
---- nsapolicycoreutils/semanage/semanage 2007-10-05 13:09:53.000000000 -0400
-+++ policycoreutils-2.0.34/semanage/semanage 2007-12-19 06:05:50.000000000 -0500
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles.8 policycoreutils-2.0.34/scripts/fixfiles.8
+--- nsapolicycoreutils/scripts/fixfiles.8 2007-12-19 06:02:55.000000000 -0500
++++ policycoreutils-2.0.34/scripts/fixfiles.8 2008-05-22 14:12:22.522797000 -0400
+@@ -7,6 +7,8 @@
+
+ .B fixfiles [-F] [-l logfile ] [-o outputfile ] { check | restore|[-f] relabel | verify } [[dir/file] ... ]
+
++.B fixfiles onboot
++
+ .SH "DESCRIPTION"
+ This manual page describes the
+ .BR fixfiles
+@@ -20,6 +22,9 @@
+ as you expect. By default it will relabel all mounted ext2, ext3, xfs and
+ jfs file systems as long as they do not have a security context mount
+ option. You can use the -R flag to use rpmpackages as an alternative.
++.P
++.B fixfiles onboot
++will setup the machine to relabel on the next reboot.
+
+ .SH "OPTIONS"
+ .TP
+@@ -35,7 +40,7 @@
+
+ .TP
+ .B -f
+-Don't prompt for removal of /tmp directory.
++Clear /tmp directory with out prompt for removal.
+
+ .TP
+ .B -R rpmpackagename[,rpmpackagename...]
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.34/semanage/semanage
+--- nsapolicycoreutils/semanage/semanage 2007-12-19 06:02:55.000000000 -0500
++++ policycoreutils-2.0.34/semanage/semanage 2008-05-22 14:10:16.717494000 -0400
@@ -1,5 +1,5 @@
#! /usr/bin/python -E
-# Copyright (C) 2005 Red Hat
@@ -4815,3 +4952,24 @@
if object == "login":
OBJECT = seobject.loginRecords(store)
+diff --exclude-from=exclude --exclude=sepolgen-1.0.11 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.34/semanage/seobject.py
+--- nsapolicycoreutils/semanage/seobject.py 2007-12-19 06:02:55.000000000 -0500
++++ policycoreutils-2.0.34/semanage/seobject.py 2008-05-22 14:14:17.995516000 -0400
+@@ -503,8 +503,6 @@
+ rc = semanage_user_set_mlslevel(self.sh, u, selevel)
+ if rc < 0:
+ raise ValueError(_("Could not set MLS level for %s") % name)
+- if selinux.security_check_context("system_u:object_r:%s_home_t:s0" % prefix) != 0:
+- raise ValueError(_("Invalid prefix %s") % prefix)
+ rc = semanage_user_set_prefix(self.sh, u, prefix)
+ if rc < 0:
+ raise ValueError(_("Could not add prefix %s for %s") % (r, prefix))
+@@ -570,8 +568,6 @@
+ semanage_user_set_mlslevel(self.sh, u, untranslate(selevel))
+
+ if prefix != "":
+- if selinux.security_check_context("system_u:object_r:%s_home_t" % prefix) != 0:
+- raise ValueError(_("Invalid prefix %s") % prefix)
+ semanage_user_set_prefix(self.sh, u, prefix)
+
+ if len(roles) != 0:
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/F-8/policycoreutils.spec,v
retrieving revision 1.485
retrieving revision 1.486
diff -u -r1.485 -r1.486
--- policycoreutils.spec 8 Jan 2008 20:00:49 -0000 1.485
+++ policycoreutils.spec 22 May 2008 18:38:47 -0000 1.486
@@ -2,11 +2,11 @@
%define libsepolver 2.0.10-1
%define libsemanagever 2.0.5-1
%define libselinuxver 2.0.34-1
-%define sepolgenver 1.0.10
+%define sepolgenver 1.0.11
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.34
-Release: 7%{?dist}
+Release: 8%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -193,6 +193,9 @@
fi
%changelog
+* Thu May 22 2008 Dan Walsh <dwalsh at redhat.com> 2.0.34-8
+- Stop verifying prefix, so livecd will work
+
* Tue Jan 8 2008 Dan Walsh <dwalsh at redhat.com> 2.0.34-7
- Fix fixfiles to handle no args
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/F-8/sources,v
retrieving revision 1.173
retrieving revision 1.174
diff -u -r1.173 -r1.174
--- sources 19 Dec 2007 18:43:14 -0000 1.173
+++ sources 22 May 2008 18:38:47 -0000 1.174
@@ -1,2 +1,2 @@
-eddb3e34fb982d752aa8cbed7b98f3d2 sepolgen-1.0.10.tgz
+3fed5cd04ee67c0f86e3cc6825261819 sepolgen-1.0.11.tgz
ca550750667febd8441a8eb498863602 policycoreutils-2.0.34.tgz
More information about the fedora-extras-commits
mailing list