- Fix to only setdefaultfilecon if not overridden by command line

2004-12-29 17:33:19 +00:00 · 2004-12-29 17:33:19 +00:00 · fee87d7c1b
parent 129baa8d28
commit fee87d7c1b
2 changed files with 84 additions and 74 deletions
--- a/coreutils-selinux.patch
+++ b/coreutils-selinux.patch
@ -1,5 +1,5 @@
--- coreutils-5.2.1/README.selinux	2004-12-27 08:25:32.410132243 -0500
-+++ coreutils-5.2.1/README	2004-12-27 08:25:32.534118281 -0500
+--- coreutils-5.2.1/README.selinux	2004-12-29 12:24:03.260876459 -0500
+++ coreutils-5.2.1/README	2004-12-29 12:24:03.417858780 -0500
@@ -7,11 +7,11 @@
 
 The programs that can be built with this package are:
@ -15,7 +15,7 @@
   uname unexpand uniq unlink uptime users vdir wc who whoami yes
 
 --- coreutils-5.2.1/src/stat.c.selinux	2004-02-05 08:46:12.000000000 -0500
-+++ coreutils-5.2.1/src/stat.c	2004-12-27 08:25:32.536118056 -0500
+++ coreutils-5.2.1/src/stat.c	2004-12-29 12:24:03.419858555 -0500
@@ -42,6 +42,13 @@
 # endif
 #endif
@ -308,8 +308,8 @@
     }
 
   exit (G_fail ? EXIT_FAILURE : EXIT_SUCCESS);
--- /dev/null	2004-12-22 03:32:57.447392592 -0500
-+++ coreutils-5.2.1/src/runcon.c	2004-12-27 08:25:32.537117944 -0500
+--- /dev/null	2004-12-29 02:13:24.827638832 -0500
+++ coreutils-5.2.1/src/runcon.c	2004-12-29 12:24:03.421858330 -0500
@@ -0,0 +1,201 @@
 +/*
 + * runcon [ context |
@ -513,7 +513,7 @@
 +  return 1; /* can't reach this statement.... */
 +}
 --- coreutils-5.2.1/src/mkdir.c.selinux	2004-01-21 17:27:02.000000000 -0500
-+++ coreutils-5.2.1/src/mkdir.c	2004-12-27 08:25:32.539117718 -0500
+++ coreutils-5.2.1/src/mkdir.c	2004-12-29 12:24:03.422858217 -0500
@@ -34,6 +34,10 @@
 
 #define AUTHORS "David MacKenzie"
@ -580,8 +580,8 @@
 	case_GETOPT_HELP_CHAR;
 	case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
 	default:
--- coreutils-5.2.1/src/mv.c.selinux	2004-12-27 08:25:32.012177057 -0500
-+++ coreutils-5.2.1/src/mv.c	2004-12-27 08:25:32.540117606 -0500
+--- coreutils-5.2.1/src/mv.c.selinux	2004-12-29 12:24:02.845923189 -0500
+++ coreutils-5.2.1/src/mv.c	2004-12-29 12:24:03.424857992 -0500
@@ -34,6 +34,11 @@
 #include "quote.h"
 #include "remove.h"
@ -615,8 +615,8 @@
   /* FIXME: consider not calling getenv for SIMPLE_BACKUP_SUFFIX unless
      we'll actually use backup_suffix_string.  */
   backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
--- coreutils-5.2.1/src/ls.c.selinux	2004-12-27 08:25:32.015176719 -0500
-+++ coreutils-5.2.1/src/ls.c	2004-12-27 08:25:32.544117155 -0500
+--- coreutils-5.2.1/src/ls.c.selinux	2004-12-29 12:24:02.848922851 -0500
+++ coreutils-5.2.1/src/ls.c	2004-12-29 12:24:03.429857429 -0500
@@ -121,6 +121,18 @@
 
 #define AUTHORS "Richard Stallman", "David MacKenzie"
@ -1245,8 +1245,8 @@
 +  }
 +}
 +#endif
--- /dev/null	2004-12-22 03:32:57.447392592 -0500
-+++ coreutils-5.2.1/src/chcon.c	2004-12-27 08:25:32.546116930 -0500
+--- /dev/null	2004-12-29 02:13:24.827638832 -0500
+++ coreutils-5.2.1/src/chcon.c	2004-12-29 12:24:03.430857317 -0500
@@ -0,0 +1,421 @@
 +/* chcontext -- change security context of a pathname */
 +
@ -1669,8 +1669,8 @@
 +    freecon(ref_context);
 +  exit (errors);
 +}
--- coreutils-5.2.1/src/id.c.selinux	2004-12-27 08:25:32.422130892 -0500
-+++ coreutils-5.2.1/src/id.c	2004-12-27 08:25:32.548116705 -0500
+--- coreutils-5.2.1/src/id.c.selinux	2004-12-29 12:24:03.287873419 -0500
+++ coreutils-5.2.1/src/id.c	2004-12-29 12:24:03.432857091 -0500
@@ -45,6 +45,20 @@
 
 int getugroups ();
@ -1802,49 +1802,53 @@
 +  }
 +#endif
 }
--- coreutils-5.2.1/src/install.c.selinux	2004-12-27 08:25:32.017176494 -0500
-+++ coreutils-5.2.1/src/install.c	2004-12-27 08:26:49.247479564 -0500
-@@ -47,6 +47,39 @@
+--- coreutils-5.2.1/src/install.c.selinux	2004-12-29 12:24:02.850922625 -0500
+++ coreutils-5.2.1/src/install.c	2004-12-29 12:24:47.138935019 -0500
+@@ -47,6 +47,43 @@
 # include <sys/wait.h>
 #endif
 
 +#ifdef WITH_SELINUX
 +#include <selinux/selinux.h>          /* for is_selinux_enabled() */
 +int selinux_enabled=0;
+static int use_default_selinux_context = 1;
 +/* Modify file context to match the specified policy,  
 +   If an error occurs the file will remain with the default directory 
 +   context.*/
-+int setdefaultfilecon(char *path) {
+static void setdefaultfilecon(const char *path) {
 +	struct stat st;
 +	security_context_t scontext=NULL;
 +	if (selinux_enabled != 1) {
 +		/* Indicate no context found. */
-+		return 0;
+		return;
 +	}
 +	if (lstat(path, &st) != 0)
-+		return 0;
+		return;
 +
 +	/* If there's an error determining the context, or it has none, 
-+	   return 0 to allow default context */
+	   return to allow default context */
 +	if ((matchpathcon(path, st.st_mode, &scontext) != 0) ||
-+	    (scontext == NULL) ||
-+	    ((scontext != NULL) &&
-+	     (strcmp(scontext, "<<none>>") == 0))) {
+	    (strcmp(scontext, "<<none>>") == 0)) {
 +		if (scontext != NULL) {
 +			freecon(scontext);
 +		}
-+		return 0;
+		return;
+	}
+	if (lsetfilecon(path, scontext) < 0) {
+		if (errno != ENOTSUP) {
+			error (0, errno,
+			       _("warning: failed to change context of %s to %s"), path, scontext);
+		}
 +	}
-+	lsetfilecon(path, scontext);
 +	freecon(scontext);
-+	return 1;
+	return;
 +}
 +#endif
 +
 struct passwd *getpwnam ();
 struct group *getgrnam ();
 
-@@ -123,11 +156,17 @@
+@@ -123,11 +160,17 @@
 static struct option const long_options[] =
 {
   {"backup", optional_argument, NULL, 'b'},
@ -1862,7 +1866,7 @@
   {"strip", no_argument, NULL, 's'},
   {"suffix", required_argument, NULL, 'S'},
   {"version-control", required_argument, NULL, 'V'}, /* Deprecated. FIXME. */
-@@ -244,6 +283,9 @@
+@@ -244,6 +287,9 @@
 
   x->update = 0;
   x->verbose = 0;
@ -1872,7 +1876,7 @@
   x->dest_info = NULL;
   x->src_info = NULL;
 }
-@@ -261,6 +303,11 @@
+@@ -261,6 +307,11 @@
   struct cp_options x;
   int n_files;
   char **file;
@ -1884,7 +1888,7 @@
 
   initialize_main (&argc, &argv);
   program_name = argv[0];
-@@ -282,7 +329,11 @@
+@@ -282,7 +333,11 @@
      we'll actually use backup_suffix_string.  */
   backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
 
@ -1896,7 +1900,7 @@
 			      NULL)) != -1)
     {
       switch (optc)
-@@ -335,6 +386,39 @@
+@@ -335,6 +390,41 @@
 	  make_backups = 1;
 	  backup_suffix_string = optarg;
 	  break;
@ -1913,6 +1917,7 @@
 + 	    exit( 1 );
 + 	  }
 + 	  x.preserve_security_context = 1;
+ 	  use_default_selinux_context = 0;
 + 	  break ;
 + 	case 'Z':
 + 	  /* politely decline if we're not on a selinux-enabled kernel. */
@ -1927,6 +1932,7 @@
 + 	    exit( 1 );
 + 	  }
 + 	  scontext = optarg;
+ 	  use_default_selinux_context = 0;
 +	  if (setfscreatecon(scontext)) {
 + 	    (void) fprintf(stderr, "%s: cannot setup default context == '%s'\n", argv[0], scontext);
 +	    exit(1);
@ -1936,17 +1942,18 @@
 	case_GETOPT_HELP_CHAR;
 	case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
 	default:
-@@ -564,6 +648,9 @@
+@@ -564,6 +654,10 @@
       err = 1;
     }
 
 +#ifdef WITH_SELINUX
-+  setdefaultfilecon(path);
+  if (use_default_selinux_context)
+	  setdefaultfilecon(path);
 +#endif
   return err;
 }
 
-@@ -716,6 +803,11 @@
+@@ -716,6 +810,11 @@
   -S, --suffix=SUFFIX override the usual backup suffix\n\
   -v, --verbose       print the name of each directory as it is created\n\
 "), stdout);
@ -1958,8 +1965,8 @@
       fputs (HELP_OPTION_DESCRIPTION, stdout);
       fputs (VERSION_OPTION_DESCRIPTION, stdout);
       fputs (_("\
--- coreutils-5.2.1/src/copy.h.selinux	2004-12-27 08:25:32.019176269 -0500
-+++ coreutils-5.2.1/src/copy.h	2004-12-27 08:25:32.551116367 -0500
+--- coreutils-5.2.1/src/copy.h.selinux	2004-12-29 12:24:02.853922288 -0500
+++ coreutils-5.2.1/src/copy.h	2004-12-29 12:24:03.435856754 -0500
@@ -105,6 +105,9 @@
   int preserve_ownership;
   int preserve_mode;
@ -1970,8 +1977,8 @@
 
   /* Enabled for mv, and for cp by the --preserve=links option.
      If nonzero, attempt to preserve in the destination files any
--- coreutils-5.2.1/src/Makefile.am.selinux	2004-12-27 08:25:32.413131906 -0500
-+++ coreutils-5.2.1/src/Makefile.am	2004-12-27 08:25:32.552116255 -0500
+--- coreutils-5.2.1/src/Makefile.am.selinux	2004-12-29 12:24:03.264876008 -0500
+++ coreutils-5.2.1/src/Makefile.am	2004-12-29 12:24:03.436856641 -0500
@@ -3,13 +3,13 @@
 EXTRA_PROGRAMS = chroot df hostid nice pinky stty su runuser uname uptime users who
 
@ -2015,8 +2022,8 @@
 
 ## If necessary, add -lm to resolve use of pow in lib/strtod.c.
 sort_LDADD = $(LDADD) $(POW_LIB)
--- coreutils-5.2.1/src/copy.c.selinux	2004-12-27 08:25:32.517120195 -0500
-+++ coreutils-5.2.1/src/copy.c	2004-12-27 08:25:32.554116029 -0500
+--- coreutils-5.2.1/src/copy.c.selinux	2004-12-29 12:24:03.382862721 -0500
+++ coreutils-5.2.1/src/copy.c	2004-12-29 12:24:03.439856303 -0500
@@ -42,6 +42,11 @@
 #include "utimens.h"
 #include "xreadlink.h"
@ -2113,7 +2120,7 @@
      If we've just added a dev/ino entry via the remember_copied
      call above (i.e., unless we've just failed to create a hard link),
 --- coreutils-5.2.1/src/mknod.c.selinux	2004-01-21 17:27:02.000000000 -0500
-+++ coreutils-5.2.1/src/mknod.c	2004-12-27 08:25:32.556115804 -0500
+++ coreutils-5.2.1/src/mknod.c	2004-12-29 12:24:03.440856191 -0500
@@ -36,8 +36,15 @@
 /* The name this program was run with. */
 char *program_name;
@ -2175,8 +2182,8 @@
 	case_GETOPT_HELP_CHAR;
 	case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
 	default:
--- coreutils-5.2.1/src/cp.c.selinux	2004-12-27 08:25:32.018176382 -0500
-+++ coreutils-5.2.1/src/cp.c	2004-12-27 08:25:32.558115579 -0500
+--- coreutils-5.2.1/src/cp.c.selinux	2004-12-29 12:24:02.852922400 -0500
+++ coreutils-5.2.1/src/cp.c	2004-12-29 12:24:03.443855853 -0500
@@ -49,6 +49,11 @@
 
 #define AUTHORS "Torbjorn Granlund", "David MacKenzie", "Jim Meyering"
@ -2340,7 +2347,7 @@
 	case PARENTS_OPTION:
 	  flag_path = 1;
 --- coreutils-5.2.1/src/mkfifo.c.selinux	2004-01-21 17:27:02.000000000 -0500
-+++ coreutils-5.2.1/src/mkfifo.c	2004-12-27 08:25:32.559115466 -0500
+++ coreutils-5.2.1/src/mkfifo.c	2004-12-29 12:24:03.444855740 -0500
@@ -32,11 +32,18 @@
 
 #define AUTHORS "David MacKenzie"
@ -2404,8 +2411,8 @@
 	case_GETOPT_HELP_CHAR;
 	case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
 	default:
--- coreutils-5.2.1/configure.ac.selinux	2004-12-27 08:25:32.107166361 -0500
-+++ coreutils-5.2.1/configure.ac	2004-12-27 08:25:32.560115354 -0500
+--- coreutils-5.2.1/configure.ac.selinux	2004-12-29 12:24:02.947911703 -0500
+++ coreutils-5.2.1/configure.ac	2004-12-29 12:24:03.446855515 -0500
@@ -14,6 +14,13 @@
 LIB_PAM="-ldl -lpam -lpam_misc"
 AC_SUBST(LIB_PAM)])
@ -2421,7 +2428,7 @@
 gl_USE_SYSTEM_EXTENSIONS
 jm_PERL
 --- coreutils-5.2.1/man/mkfifo.1.selinux	2004-03-02 17:52:28.000000000 -0500
-+++ coreutils-5.2.1/man/mkfifo.1	2004-12-27 08:25:32.560115354 -0500
+++ coreutils-5.2.1/man/mkfifo.1	2004-12-29 12:24:03.446855515 -0500
@@ -12,6 +12,9 @@
 .PP
 Mandatory arguments to long options are mandatory for short options too.
@ -2433,7 +2440,7 @@
 set permission mode (as in chmod), not a=rw - umask
 .TP
 --- coreutils-5.2.1/man/ls.1.selinux	2004-03-02 17:52:28.000000000 -0500
-+++ coreutils-5.2.1/man/ls.1	2004-12-27 08:25:32.562115129 -0500
+++ coreutils-5.2.1/man/ls.1	2004-12-29 12:24:03.448855290 -0500
@@ -195,6 +195,20 @@
 .TP
 \fB\-1\fR
@ -2456,7 +2463,7 @@
 \fB\-\-help\fR
 display this help and exit
 --- coreutils-5.2.1/man/dir.1.selinux	2004-03-02 17:51:06.000000000 -0500
-+++ coreutils-5.2.1/man/dir.1	2004-12-27 08:25:32.563115016 -0500
+++ coreutils-5.2.1/man/dir.1	2004-12-29 12:24:03.452854839 -0500
@@ -195,6 +195,20 @@
 .TP
 \fB\-1\fR
@ -2479,7 +2486,7 @@
 \fB\-\-help\fR
 display this help and exit
 --- coreutils-5.2.1/man/mkdir.1.selinux	2004-03-02 17:52:28.000000000 -0500
-+++ coreutils-5.2.1/man/mkdir.1	2004-12-27 08:25:32.564114903 -0500
+++ coreutils-5.2.1/man/mkdir.1	2004-12-29 12:24:03.453854727 -0500
@@ -12,6 +12,8 @@
 .PP
 Mandatory arguments to long options are mandatory for short options too.
@ -2489,8 +2496,8 @@
 \fB\-m\fR, \fB\-\-mode\fR=\fIMODE\fR
 set permission mode (as in chmod), not rwxrwxrwx - umask
 .TP
--- /dev/null	2004-12-22 03:32:57.447392592 -0500
-+++ coreutils-5.2.1/man/runcon.1	2004-12-27 08:25:32.565114791 -0500
+--- /dev/null	2004-12-29 02:13:24.827638832 -0500
+++ coreutils-5.2.1/man/runcon.1	2004-12-29 12:24:03.454854614 -0500
@@ -0,0 +1,39 @@
 +.TH RUNCON "1" "July 2003" "runcon (coreutils) 5.0" "selinux"
 +.SH NAME
@ -2532,7 +2539,7 @@
 +Note that only carefully-chosen contexts are likely to successfully
 +run.
 --- coreutils-5.2.1/man/Makefile.in.selinux	2004-03-11 03:58:00.000000000 -0500
-+++ coreutils-5.2.1/man/Makefile.in	2004-12-27 08:25:32.566114678 -0500
+++ coreutils-5.2.1/man/Makefile.in	2004-12-29 12:24:03.456854389 -0500
@@ -185,6 +185,7 @@
 INTLLIBS = @INTLLIBS@
 KMEM_GROUP = @KMEM_GROUP@
@ -2568,8 +2575,8 @@
 
 # Note the use of $t/$*, rather than just `$*' as in other packages.
 # That is necessary to avoid failures for programs that are also shell built-in
--- coreutils-5.2.1/man/install.1.selinux	2004-12-27 08:25:31.912188317 -0500
-+++ coreutils-5.2.1/man/install.1	2004-12-27 08:25:32.567114566 -0500
+--- coreutils-5.2.1/man/install.1.selinux	2004-12-29 12:24:02.671942781 -0500
+++ coreutils-5.2.1/man/install.1	2004-12-29 12:24:03.458854164 -0500
@@ -60,6 +60,11 @@
 .TP
 \fB\-v\fR, \fB\-\-verbose\fR
@ -2583,7 +2590,7 @@
 \fB\-\-help\fR
 display this help and exit
 --- coreutils-5.2.1/man/stat.1.selinux	2004-03-02 17:52:31.000000000 -0500
-+++ coreutils-5.2.1/man/stat.1	2004-12-27 08:25:32.568114453 -0500
+++ coreutils-5.2.1/man/stat.1	2004-12-29 12:24:03.459854051 -0500
@@ -22,6 +22,9 @@
 \fB\-t\fR, \fB\-\-terse\fR
 print the information in terse form
@ -2604,8 +2611,8 @@
 %D
 Device number in hex
 .TP
--- /dev/null	2004-12-22 03:32:57.447392592 -0500
-+++ coreutils-5.2.1/man/chcon.1	2004-12-27 08:25:32.569114340 -0500
+--- /dev/null	2004-12-29 02:13:24.827638832 -0500
+++ coreutils-5.2.1/man/chcon.1	2004-12-29 12:24:03.461853826 -0500
@@ -0,0 +1,64 @@
 +.TH CHCON 1 "July 2003" "chcon (coreutils) 5.0" "User Commands"
 +.SH NAME
@ -2672,7 +2679,7 @@
 +.PP
 +should give you access to the complete manual.
 --- coreutils-5.2.1/man/mknod.1.selinux	2004-03-02 17:52:28.000000000 -0500
-+++ coreutils-5.2.1/man/mknod.1	2004-12-27 08:25:32.570114228 -0500
+++ coreutils-5.2.1/man/mknod.1	2004-12-29 12:24:03.463853601 -0500
@@ -12,6 +12,9 @@
 .PP
 Mandatory arguments to long options are mandatory for short options too.
@ -2683,15 +2690,15 @@
 \fB\-m\fR, \fB\-\-mode\fR=\fIMODE\fR
 set permission mode (as in chmod), not a=rw - umask
 .TP
--- /dev/null	2004-12-22 03:32:57.447392592 -0500
-+++ coreutils-5.2.1/man/chcon.x	2004-12-27 08:25:32.571114115 -0500
+--- /dev/null	2004-12-29 02:13:24.827638832 -0500
+++ coreutils-5.2.1/man/chcon.x	2004-12-29 12:24:03.464853488 -0500
@@ -0,0 +1,4 @@
 +[NAME]
 +chcon \- change file security context
 +[DESCRIPTION]
 +.\" Add any additional description here
--- coreutils-5.2.1/man/Makefile.am.selinux	2004-12-27 08:25:32.408132469 -0500
-+++ coreutils-5.2.1/man/Makefile.am	2004-12-27 08:25:32.573113890 -0500
+--- coreutils-5.2.1/man/Makefile.am.selinux	2004-12-29 12:24:03.258876684 -0500
+++ coreutils-5.2.1/man/Makefile.am	2004-12-29 12:24:03.466853263 -0500
@@ -10,7 +10,7 @@
   rm.1 rmdir.1 runuser.1 seq.1 sha1sum.1 shred.1 sleep.1 sort.1 split.1 stat.1 stty.1 \
   su.1 sum.1 sync.1 tac.1 tail.1 tee.1 test.1 touch.1 tr.1 true.1 tsort.1 \
@ -2710,13 +2717,13 @@
 
 SUFFIXES = .x .1
 
--- /dev/null	2004-12-22 03:32:57.447392592 -0500
-+++ coreutils-5.2.1/man/runcon.x	2004-12-27 08:25:32.574113777 -0500
+--- /dev/null	2004-12-29 02:13:24.827638832 -0500
+++ coreutils-5.2.1/man/runcon.x	2004-12-29 12:24:03.467853150 -0500
@@ -0,0 +1,2 @@
 +[DESCRIPTION]
 +.\" Add any additional description here
 --- coreutils-5.2.1/man/id.1.selinux	2004-03-02 17:52:27.000000000 -0500
-+++ coreutils-5.2.1/man/id.1	2004-12-27 08:25:32.575113665 -0500
+++ coreutils-5.2.1/man/id.1	2004-12-29 12:24:03.469852925 -0500
@@ -13,6 +13,9 @@
 \fB\-a\fR
 ignore, for compatibility with other versions
@ -2728,7 +2735,7 @@
 print only the effective group ID
 .TP
 --- coreutils-5.2.1/man/cp.1.selinux	2004-03-02 17:51:05.000000000 -0500
-+++ coreutils-5.2.1/man/cp.1	2004-12-27 08:25:32.576113552 -0500
+++ coreutils-5.2.1/man/cp.1	2004-12-29 12:24:03.470852813 -0500
@@ -57,7 +57,7 @@
 .TP
 \fB\-\-preserve\fR[=\fIATTR_LIST\fR]
@ -2749,7 +2756,7 @@
 output version information and exit
 .PP
 --- coreutils-5.2.1/man/vdir.1.selinux	2004-03-02 17:52:33.000000000 -0500
-+++ coreutils-5.2.1/man/vdir.1	2004-12-27 08:25:32.577113440 -0500
+++ coreutils-5.2.1/man/vdir.1	2004-12-29 12:24:03.471852700 -0500
@@ -195,6 +195,20 @@
 .TP
 \fB\-1\fR
@ -2771,8 +2778,8 @@
 .TP
 \fB\-\-help\fR
 display this help and exit
--- coreutils-5.2.1/tests/help-version.selinux	2004-12-27 08:25:32.410132243 -0500
-+++ coreutils-5.2.1/tests/help-version	2004-12-27 08:25:32.578113327 -0500
+--- coreutils-5.2.1/tests/help-version.selinux	2004-12-29 12:24:03.261876346 -0500
+++ coreutils-5.2.1/tests/help-version	2004-12-29 12:24:03.473852475 -0500
@@ -42,6 +42,8 @@
 
     # Skip `test'; it doesn't accept --help or --version.
@ -2791,8 +2798,8 @@
 
   rm -rf $tmp_in $tmp_in2 $tmp_dir $tmp_out
   echo > $tmp_in
--- coreutils-5.2.1/config.hin.selinux	2004-12-27 08:25:32.110166023 -0500
-+++ coreutils-5.2.1/config.hin	2004-12-27 08:25:32.579113214 -0500
+--- coreutils-5.2.1/config.hin.selinux	2004-12-29 12:24:02.949911478 -0500
+++ coreutils-5.2.1/config.hin	2004-12-29 12:24:03.475852250 -0500
@@ -1374,6 +1374,9 @@
 /* Define if sys/ptem.h is required for struct winsize. */
 #undef WINSIZE_IN_PTEM
--- a/coreutils.spec
+++ b/coreutils.spec
@ -4,7 +4,7 @@
 Summary: The GNU core utilities: a set of tools commonly used in shell scripts
 Name:    coreutils
 Version: 5.2.1
-Release: 35
+Release: 36
 License: GPL
 Group:   System Environment/Base
 Url:     http://www.gnu.org/software/coreutils/
@ -247,6 +247,9 @@ fi
 /sbin/runuser

 %changelog
+* Mon Dec 28 2004 Dan Walsh <dwalsh@redhat.com> 5.2.1-36
+- Fix to only setdefaultfilecon if not overridden by command line
+
 * Mon Dec 27 2004 Dan Walsh <dwalsh@redhat.com> 5.2.1-35
 - Change install to restorecon if it can