rpms/policycoreutils/devel policycoreutils-rhat.patch, 1.435, 1.436 policycoreutils.spec, 1.633, 1.634
Daniel J Walsh
dwalsh at fedoraproject.org
Wed Aug 26 21:52:31 UTC 2009
Author: dwalsh
Update of /cvs/extras/rpms/policycoreutils/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv14389
Modified Files:
policycoreutils-rhat.patch policycoreutils.spec
Log Message:
* Wed Aug 26 2009 Dan Walsh <dwalsh at redhat.com> 2.0.71-12
- Tighten up controls on seunshare.c
policycoreutils-rhat.patch:
Makefile | 2
audit2allow/audit2allow | 14
restorecond/Makefile | 24
restorecond/org.selinux.Restorecond.service | 3
restorecond/restorecond.c | 422 ++---------------
restorecond/restorecond.conf | 5
restorecond/restorecond.desktop | 7
restorecond/restorecond.h | 18
restorecond/restorecond_user.conf | 2
restorecond/user.c | 237 +++++++++
restorecond/watch.c | 254 ++++++++++
sandbox/Makefile | 31 +
sandbox/sandbox | 193 +++++++
sandbox/sandbox.8 | 26 +
sandbox/sandboxX.sh | 13
sandbox/seunshare |binary
sandbox/seunshare.c | 203 ++++++++
sandbox/seunshare.o |binary
scripts/Makefile | 2
scripts/chcat | 2
semanage/semanage | 34 +
semanage/seobject.py | 66 ++
setfiles/Makefile | 4
setfiles/restore.c | 519 +++++++++++++++++++++
setfiles/restore.h | 49 +
setfiles/setfiles.c | 687 +++-------------------------
26 files changed, 1847 insertions(+), 970 deletions(-)
Index: policycoreutils-rhat.patch
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils-rhat.patch,v
retrieving revision 1.435
retrieving revision 1.436
diff -u -p -r1.435 -r1.436
--- policycoreutils-rhat.patch 26 Aug 2009 18:05:33 -0000 1.435
+++ policycoreutils-rhat.patch 26 Aug 2009 21:52:30 -0000 1.436
@@ -1,6 +1,6 @@
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.71/audit2allow/audit2allow
--- nsapolicycoreutils/audit2allow/audit2allow 2009-01-13 08:45:35.000000000 -0500
-+++ policycoreutils-2.0.71/audit2allow/audit2allow 2009-08-20 12:53:16.000000000 -0400
++++ policycoreutils-2.0.71/audit2allow/audit2allow 2009-08-26 17:34:50.000000000 -0400
@@ -42,6 +42,8 @@
from optparse import OptionParser
@@ -40,7 +40,7 @@ diff --exclude-from=exclude --exclude=se
f = sys.stdin
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.71/Makefile
--- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.71/Makefile 2009-08-26 10:04:47.000000000 -0400
++++ policycoreutils-2.0.71/Makefile 2009-08-26 17:34:50.000000000 -0400
@@ -1,4 +1,4 @@
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS = setfiles semanage load_policy newrole run_init sandbox secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
@@ -49,7 +49,7 @@ diff --exclude-from=exclude --exclude=se
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.71/restorecond/Makefile
--- nsapolicycoreutils/restorecond/Makefile 2009-08-20 15:49:21.000000000 -0400
-+++ policycoreutils-2.0.71/restorecond/Makefile 2009-08-20 15:30:42.000000000 -0400
++++ policycoreutils-2.0.71/restorecond/Makefile 2009-08-26 17:34:50.000000000 -0400
@@ -1,17 +1,28 @@
# Installation directories.
PREFIX ?= ${DESTDIR}/usr
@@ -98,14 +98,14 @@ diff --exclude-from=exclude --exclude=se
/sbin/restorecon $(SBINDIR)/restorecond
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.71/restorecond/org.selinux.Restorecond.service
--- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/restorecond/org.selinux.Restorecond.service 2009-08-20 12:53:16.000000000 -0400
++++ policycoreutils-2.0.71/restorecond/org.selinux.Restorecond.service 2009-08-26 17:34:50.000000000 -0400
@@ -0,0 +1,3 @@
+[D-BUS Service]
+Name=org.selinux.Restorecond
+Exec=/usr/sbin/restorecond -u
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.71/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 2009-08-20 15:49:21.000000000 -0400
-+++ policycoreutils-2.0.71/restorecond/restorecond.c 2009-08-22 08:03:13.000000000 -0400
++++ policycoreutils-2.0.71/restorecond/restorecond.c 2009-08-26 17:34:50.000000000 -0400
@@ -48,294 +48,38 @@
#include <signal.h>
#include <string.h>
@@ -598,7 +598,7 @@ diff --exclude-from=exclude --exclude=se
+
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.71/restorecond/restorecond.conf
--- nsapolicycoreutils/restorecond/restorecond.conf 2009-08-20 15:49:21.000000000 -0400
-+++ policycoreutils-2.0.71/restorecond/restorecond.conf 2009-08-20 15:30:45.000000000 -0400
++++ policycoreutils-2.0.71/restorecond/restorecond.conf 2009-08-26 17:34:50.000000000 -0400
@@ -4,8 +4,5 @@
/etc/mtab
/var/run/utmp
@@ -611,7 +611,7 @@ diff --exclude-from=exclude --exclude=se
-
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.71/restorecond/restorecond.desktop
--- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/restorecond/restorecond.desktop 2009-08-20 12:53:16.000000000 -0400
++++ policycoreutils-2.0.71/restorecond/restorecond.desktop 2009-08-26 17:34:50.000000000 -0400
@@ -0,0 +1,7 @@
+[Desktop Entry]
+Name=File Context maintainer
@@ -622,7 +622,7 @@ diff --exclude-from=exclude --exclude=se
+StartupNotify=false
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.71/restorecond/restorecond.h
--- nsapolicycoreutils/restorecond/restorecond.h 2009-08-20 15:49:21.000000000 -0400
-+++ policycoreutils-2.0.71/restorecond/restorecond.h 2009-08-20 15:30:47.000000000 -0400
++++ policycoreutils-2.0.71/restorecond/restorecond.h 2009-08-26 17:34:50.000000000 -0400
@@ -24,7 +24,21 @@
#ifndef RESTORED_CONFIG_H
#define RESTORED_CONFIG_H
@@ -649,13 +649,13 @@ diff --exclude-from=exclude --exclude=se
#endif
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.71/restorecond/restorecond_user.conf
--- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/restorecond/restorecond_user.conf 2009-08-20 12:53:16.000000000 -0400
++++ policycoreutils-2.0.71/restorecond/restorecond_user.conf 2009-08-26 17:34:50.000000000 -0400
@@ -0,0 +1,2 @@
+~/*
+~/public_html/*
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.71/restorecond/user.c
--- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/restorecond/user.c 2009-08-20 13:08:42.000000000 -0400
++++ policycoreutils-2.0.71/restorecond/user.c 2009-08-26 17:34:50.000000000 -0400
@@ -0,0 +1,237 @@
+/*
+ * restorecond
@@ -896,7 +896,7 @@ diff --exclude-from=exclude --exclude=se
+
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.71/restorecond/watch.c
--- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/restorecond/watch.c 2009-08-20 13:08:19.000000000 -0400
++++ policycoreutils-2.0.71/restorecond/watch.c 2009-08-26 17:34:50.000000000 -0400
@@ -0,0 +1,254 @@
+#define _GNU_SOURCE
+#include <sys/inotify.h>
@@ -1154,7 +1154,7 @@ diff --exclude-from=exclude --exclude=se
+
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/Makefile policycoreutils-2.0.71/sandbox/Makefile
--- nsapolicycoreutils/sandbox/Makefile 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/sandbox/Makefile 2009-08-26 10:50:50.000000000 -0400
++++ policycoreutils-2.0.71/sandbox/Makefile 2009-08-26 17:34:50.000000000 -0400
@@ -0,0 +1,31 @@
+# Installation directories.
+PREFIX ?= ${DESTDIR}/usr
@@ -1189,7 +1189,7 @@ diff --exclude-from=exclude --exclude=se
+relabel:
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.71/sandbox/sandbox
--- nsapolicycoreutils/sandbox/sandbox 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/sandbox/sandbox 2009-08-26 10:03:24.000000000 -0400
++++ policycoreutils-2.0.71/sandbox/sandbox 2009-08-26 17:34:50.000000000 -0400
@@ -0,0 +1,193 @@
+#!/usr/bin/python -E
+import os, sys, getopt, socket, random, fcntl, shutil
@@ -1386,7 +1386,7 @@ diff --exclude-from=exclude --exclude=se
+
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox.8 policycoreutils-2.0.71/sandbox/sandbox.8
--- nsapolicycoreutils/sandbox/sandbox.8 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/sandbox/sandbox.8 2009-08-26 10:03:24.000000000 -0400
++++ policycoreutils-2.0.71/sandbox/sandbox.8 2009-08-26 17:34:50.000000000 -0400
@@ -0,0 +1,26 @@
+.TH SANDBOX "8" "May 2009" "chcat" "User Commands"
+.SH NAME
@@ -1416,7 +1416,7 @@ diff --exclude-from=exclude --exclude=se
+.PP
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.71/sandbox/sandboxX.sh
--- nsapolicycoreutils/sandbox/sandboxX.sh 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/sandbox/sandboxX.sh 2009-08-26 10:03:24.000000000 -0400
++++ policycoreutils-2.0.71/sandbox/sandboxX.sh 2009-08-26 17:34:50.000000000 -0400
@@ -0,0 +1,13 @@
+#!/bin/bash
+(Xephyr -terminate -screen 1000x700 -displayfd 5 5>&1 2>/dev/null) | while read D; do
@@ -1434,8 +1434,8 @@ diff --exclude-from=exclude --exclude=se
Binary files nsapolicycoreutils/sandbox/seunshare and policycoreutils-2.0.71/sandbox/seunshare differ
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.71/sandbox/seunshare.c
--- nsapolicycoreutils/sandbox/seunshare.c 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/sandbox/seunshare.c 2009-08-26 10:06:05.000000000 -0400
-@@ -0,0 +1,188 @@
++++ policycoreutils-2.0.71/sandbox/seunshare.c 2009-08-26 17:50:31.000000000 -0400
+@@ -0,0 +1,203 @@
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/wait.h>
@@ -1456,8 +1456,7 @@ diff --exclude-from=exclude --exclude=se
+/**
+ * This function will drop the capabilities so that we are left
+ * only with access to the audit system and the ability to raise
-+ * CAP_SYS_ADMIN, CAP_DAC_OVERRIDE, CAP_FOWNER and CAP_CHOWN,
-+ * before invoking unshare and mounting a couple of directories.
++ * CAP_SYS_ADMIN before invoking unshare and mounting a couple of directories.
+ * These capabilities are needed for performing bind mounts/unmounts
+ * and to create potential new instance directories with appropriate
+ * DAC attributes.
@@ -1469,12 +1468,12 @@ diff --exclude-from=exclude --exclude=se
+ capng_clear(CAPNG_SELECT_BOTH);
+
+ if (all) {
-+ if ((getuid() == 0) && (capng_lock() < 0))
++ if (capng_lock() < 0)
+ return -1;
+ } else {
-+ if (capng_updatev(CAPNG_ADD, CAP_DAC_OVERRIDE|CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SYS_ADMIN, -1) < 0)
++ if (capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SYS_ADMIN, CAP_SETPCAP, -1) < 0) {
+ return -1;
-+
++ }
+ }
+
+ return capng_apply(CAPNG_SELECT_BOTH);
@@ -1487,7 +1486,7 @@ diff --exclude-from=exclude --exclude=se
+/**
+ * Take care of any signal setup
+ */
-+static int set_signal_handles()
++static int set_signal_handles(void)
+{
+ sigset_t empty;
+
@@ -1513,7 +1512,6 @@ diff --exclude-from=exclude --exclude=se
+ int rc;
+ int status = -1;
+
-+ struct passwd *pwd=getpwuid(getuid());
+ security_context_t scontext;
+
+ int flag_index; /* flag index in argv[] */
@@ -1526,6 +1524,13 @@ diff --exclude-from=exclude --exclude=se
+ {"tmpdir", 1, 0, 't'},
+ {NULL, 0, 0, 0}
+ };
++ capng_print_caps_text(CAPNG_PRINT_STDOUT, CAPNG_EFFECTIVE);
++
++ struct passwd *pwd=getpwuid(getuid());
++ if (!pwd) {
++ perror("getpwduid failed");
++ return -1;
++ }
+
+ if (drop_capabilities(FALSE)) {
+ perror("Failed to drop capabilities");
@@ -1591,7 +1596,13 @@ diff --exclude-from=exclude --exclude=se
+ int child = fork();
+ if (!child) {
+ /* Construct a new environment */
-+ char *display = strdup(getenv("DISPLAY"));
++ char *d = getenv("DISPLAY");
++ if (!d) {
++ perror("DISPLAY Not set");
++ exit(-1);
++ }
++
++ char *display = strdup(d);
+ if (!display) {
+ perror("Out of memory");
+ exit(-1);
@@ -1614,7 +1625,11 @@ diff --exclude-from=exclude --exclude=se
+ rc |= setenv("LOGNAME", pwd->pw_name, 1);
+ rc |= setenv("PATH", DEFAULT_PATH, 1);
+
-+ chdir(pwd->pw_dir);
++ if (chdir(pwd->pw_dir)) {
++ perror("Failed to change dir to homedir");
++ exit(-1);
++ }
++
+ execv(argv[optind], argv + optind);
+ perror("execv");
+ exit(-1);
@@ -1627,7 +1642,7 @@ diff --exclude-from=exclude --exclude=se
Binary files nsapolicycoreutils/sandbox/seunshare.o and policycoreutils-2.0.71/sandbox/seunshare.o differ
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.71/scripts/chcat
--- nsapolicycoreutils/scripts/chcat 2009-06-23 15:36:07.000000000 -0400
-+++ policycoreutils-2.0.71/scripts/chcat 2009-08-20 12:53:16.000000000 -0400
++++ policycoreutils-2.0.71/scripts/chcat 2009-08-26 17:34:50.000000000 -0400
@@ -435,6 +435,8 @@
continue
except ValueError, e:
@@ -1639,7 +1654,7 @@ diff --exclude-from=exclude --exclude=se
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.71/scripts/Makefile
--- nsapolicycoreutils/scripts/Makefile 2008-08-28 09:34:24.000000000 -0400
-+++ policycoreutils-2.0.71/scripts/Makefile 2009-08-26 10:04:11.000000000 -0400
++++ policycoreutils-2.0.71/scripts/Makefile 2009-08-26 17:34:50.000000000 -0400
@@ -5,7 +5,7 @@
MANDIR ?= $(PREFIX)/share/man
LOCALEDIR ?= /usr/share/locale
@@ -1651,7 +1666,7 @@ diff --exclude-from=exclude --exclude=se
-mkdir -p $(BINDIR)
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.71/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2009-08-19 16:35:03.000000000 -0400
-+++ policycoreutils-2.0.71/semanage/semanage 2009-08-20 12:53:16.000000000 -0400
++++ policycoreutils-2.0.71/semanage/semanage 2009-08-26 17:34:50.000000000 -0400
@@ -68,6 +68,7 @@
-h, --help Display this message
-n, --noheading Do not print heading when listing OBJECTS
@@ -1761,7 +1776,7 @@ diff --exclude-from=exclude --exclude=se
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.71/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2009-08-19 16:35:03.000000000 -0400
-+++ policycoreutils-2.0.71/semanage/seobject.py 2009-08-20 12:53:16.000000000 -0400
++++ policycoreutils-2.0.71/semanage/seobject.py 2009-08-26 17:34:50.000000000 -0400
@@ -1,5 +1,5 @@
#! /usr/bin/python -E
-# Copyright (C) 2005, 2006, 2007, 2008 Red Hat
@@ -1890,7 +1905,7 @@ diff --exclude-from=exclude --exclude=se
def __init__(self, store = ""):
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/Makefile policycoreutils-2.0.71/setfiles/Makefile
--- nsapolicycoreutils/setfiles/Makefile 2009-07-07 15:32:32.000000000 -0400
-+++ policycoreutils-2.0.71/setfiles/Makefile 2009-08-20 12:53:16.000000000 -0400
++++ policycoreutils-2.0.71/setfiles/Makefile 2009-08-26 17:34:50.000000000 -0400
@@ -5,7 +5,7 @@
LIBDIR ?= $(PREFIX)/lib
AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null)
@@ -1911,7 +1926,7 @@ diff --exclude-from=exclude --exclude=se
ln -sf setfiles restorecon
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.71/setfiles/restore.c
--- nsapolicycoreutils/setfiles/restore.c 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/setfiles/restore.c 2009-08-22 07:59:20.000000000 -0400
++++ policycoreutils-2.0.71/setfiles/restore.c 2009-08-26 17:34:50.000000000 -0400
@@ -0,0 +1,519 @@
+#include "restore.h"
+
@@ -2434,7 +2449,7 @@ diff --exclude-from=exclude --exclude=se
+
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.h policycoreutils-2.0.71/setfiles/restore.h
--- nsapolicycoreutils/setfiles/restore.h 1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.71/setfiles/restore.h 2009-08-22 08:02:45.000000000 -0400
++++ policycoreutils-2.0.71/setfiles/restore.h 2009-08-26 17:34:50.000000000 -0400
@@ -0,0 +1,49 @@
+#ifndef RESTORE_H
+#define RESTORE_H
@@ -2487,7 +2502,7 @@ diff --exclude-from=exclude --exclude=se
+#endif
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-2.0.71/setfiles/setfiles.c
--- nsapolicycoreutils/setfiles/setfiles.c 2009-08-12 12:08:15.000000000 -0400
-+++ policycoreutils-2.0.71/setfiles/setfiles.c 2009-08-22 08:06:25.000000000 -0400
++++ policycoreutils-2.0.71/setfiles/setfiles.c 2009-08-26 17:34:50.000000000 -0400
@@ -1,26 +1,12 @@
-#ifndef _GNU_SOURCE
-#define _GNU_SOURCE
Index: policycoreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/policycoreutils/devel/policycoreutils.spec,v
retrieving revision 1.633
retrieving revision 1.634
diff -u -p -r1.633 -r1.634
--- policycoreutils.spec 26 Aug 2009 20:45:29 -0000 1.633
+++ policycoreutils.spec 26 Aug 2009 21:52:31 -0000 1.634
@@ -6,7 +6,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.71
-Release: 11%{?dist}
+Release: 12%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@@ -295,6 +295,9 @@ fi
exit 0
%changelog
+* Wed Aug 26 2009 Dan Walsh <dwalsh at redhat.com> 2.0.71-12
+- Tighten up controls on seunshare.c
+
* Wed Aug 26 2009 Dan Walsh <dwalsh at redhat.com> 2.0.71-11
- Add sandboxX
More information about the fedora-extras-commits
mailing list