change setenforce to accept Enforcing. permissive
This commit is contained in:
parent
72ef06e71f
commit
828726ceed
@ -1,5 +1,20 @@
|
|||||||
|
--- libselinux-1.17.13/man/man8/setenforce.8.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||||
|
+++ libselinux-1.17.13/man/man8/setenforce.8 2004-10-01 14:53:51.508185621 -0400
|
||||||
|
@@ -6,9 +6,9 @@
|
||||||
|
|
||||||
|
.SH "DESCRIPTION"
|
||||||
|
.B setenforce [1|0]
|
||||||
|
-Execute setenforce 1 to put SELinux is enforcing mode.
|
||||||
|
-Execute setenforce 0 to put SELinux in permissive mode.
|
||||||
|
-You need to modify /etc/grub.conf or /etc/sysconfig/selinux
|
||||||
|
+Execute setenforce [ Enforcing | 1 ] to put SELinux is enforcing mode.
|
||||||
|
+Execute setenforce [ Permissive | 0 ] to put SELinux in permissive mode.
|
||||||
|
+You need to modify /etc/grub.conf or /etc/selinux/config
|
||||||
|
to disable SELinux.
|
||||||
|
|
||||||
|
.SH AUTHOR
|
||||||
--- libselinux-1.17.13/include/selinux/selinux.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
--- libselinux-1.17.13/include/selinux/selinux.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||||
+++ libselinux-1.17.13/include/selinux/selinux.h 2004-09-22 08:04:05.071173016 -0400
|
+++ libselinux-1.17.13/include/selinux/selinux.h 2004-10-01 14:35:29.873277912 -0400
|
||||||
@@ -197,6 +197,7 @@
|
@@ -197,6 +197,7 @@
|
||||||
policy root directory. */
|
policy root directory. */
|
||||||
extern const char *selinux_binary_policy_path(void);
|
extern const char *selinux_binary_policy_path(void);
|
||||||
@ -8,8 +23,18 @@
|
|||||||
extern const char *selinux_default_context_path(void);
|
extern const char *selinux_default_context_path(void);
|
||||||
extern const char *selinux_user_contexts_path(void);
|
extern const char *selinux_user_contexts_path(void);
|
||||||
extern const char *selinux_file_context_path(void);
|
extern const char *selinux_file_context_path(void);
|
||||||
|
--- libselinux-1.17.13/src/selinux_internal.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||||
|
+++ libselinux-1.17.13/src/selinux_internal.h 2004-10-01 14:35:29.876277582 -0400
|
||||||
|
@@ -16,6 +16,7 @@
|
||||||
|
hidden_proto(security_getenforce)
|
||||||
|
hidden_proto(selinux_default_context_path)
|
||||||
|
hidden_proto(selinux_failsafe_context_path)
|
||||||
|
+hidden_proto(selinux_removable_context_path)
|
||||||
|
hidden_proto(selinux_file_context_path)
|
||||||
|
hidden_proto(selinux_user_contexts_path)
|
||||||
|
hidden_proto(selinux_booleans_path)
|
||||||
--- libselinux-1.17.13/src/selinux_config.c.rhat 2004-09-20 15:47:27.000000000 -0400
|
--- libselinux-1.17.13/src/selinux_config.c.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||||
+++ libselinux-1.17.13/src/selinux_config.c 2004-09-22 08:04:05.074172687 -0400
|
+++ libselinux-1.17.13/src/selinux_config.c 2004-10-01 14:35:29.874277802 -0400
|
||||||
@@ -25,7 +25,8 @@
|
@@ -25,7 +25,8 @@
|
||||||
#define DEFAULT_TYPE 6
|
#define DEFAULT_TYPE 6
|
||||||
#define BOOLEANS 7
|
#define BOOLEANS 7
|
||||||
@ -32,8 +57,15 @@
|
|||||||
const char *selinux_binary_policy_path() {
|
const char *selinux_binary_policy_path() {
|
||||||
return get_path(BINPOLICY);
|
return get_path(BINPOLICY);
|
||||||
}
|
}
|
||||||
|
--- libselinux-1.17.13/src/file_path_suffixes.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||||
|
+++ libselinux-1.17.13/src/file_path_suffixes.h 2004-10-01 14:35:29.877277472 -0400
|
||||||
|
@@ -8,3 +8,4 @@
|
||||||
|
S_(DEFAULT_TYPE, "/contexts/default_type")
|
||||||
|
S_(BOOLEANS, "/booleans")
|
||||||
|
S_(MEDIA_CONTEXTS, "/contexts/files/media")
|
||||||
|
+S_(REMOVABLE_CONTEXT, "/contexts/removable_context")
|
||||||
--- libselinux-1.17.13/src/dso.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
--- libselinux-1.17.13/src/dso.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||||
+++ libselinux-1.17.13/src/dso.h 2004-09-22 08:04:21.655368887 -0400
|
+++ libselinux-1.17.13/src/dso.h 2004-10-01 14:35:29.875277692 -0400
|
||||||
@@ -7,8 +7,13 @@
|
@@ -7,8 +7,13 @@
|
||||||
# define __hidden_proto(fct, internal) \
|
# define __hidden_proto(fct, internal) \
|
||||||
extern __typeof (fct) internal; \
|
extern __typeof (fct) internal; \
|
||||||
@ -49,28 +81,55 @@
|
|||||||
#else
|
#else
|
||||||
# define hidden
|
# define hidden
|
||||||
# define hidden_proto(fct)
|
# define hidden_proto(fct)
|
||||||
--- libselinux-1.17.13/src/selinux_internal.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
|
||||||
+++ libselinux-1.17.13/src/selinux_internal.h 2004-09-22 08:04:05.076172467 -0400
|
|
||||||
@@ -16,6 +16,7 @@
|
|
||||||
hidden_proto(security_getenforce)
|
|
||||||
hidden_proto(selinux_default_context_path)
|
|
||||||
hidden_proto(selinux_failsafe_context_path)
|
|
||||||
+hidden_proto(selinux_removable_context_path)
|
|
||||||
hidden_proto(selinux_file_context_path)
|
|
||||||
hidden_proto(selinux_user_contexts_path)
|
|
||||||
hidden_proto(selinux_booleans_path)
|
|
||||||
--- libselinux-1.17.13/src/compat_file_path.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
--- libselinux-1.17.13/src/compat_file_path.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||||
+++ libselinux-1.17.13/src/compat_file_path.h 2004-09-22 08:04:05.072172906 -0400
|
+++ libselinux-1.17.13/src/compat_file_path.h 2004-10-01 14:35:29.876277582 -0400
|
||||||
@@ -8,3 +8,5 @@
|
@@ -8,3 +8,5 @@
|
||||||
S_(DEFAULT_TYPE, SECURITYDIR "/default_type")
|
S_(DEFAULT_TYPE, SECURITYDIR "/default_type")
|
||||||
S_(BOOLEANS, SECURITYDIR "/booleans")
|
S_(BOOLEANS, SECURITYDIR "/booleans")
|
||||||
S_(MEDIA_CONTEXTS, SECURITYDIR "/default_media")
|
S_(MEDIA_CONTEXTS, SECURITYDIR "/default_media")
|
||||||
+S_(REMOVABLE_CONTEXT, SECURITYDIR "/removable_context")
|
+S_(REMOVABLE_CONTEXT, SECURITYDIR "/removable_context")
|
||||||
+
|
+
|
||||||
--- libselinux-1.17.13/src/file_path_suffixes.h.rhat 2004-09-20 15:47:27.000000000 -0400
|
--- libselinux-1.17.13/utils/setenforce.c.rhat 2004-09-20 15:47:27.000000000 -0400
|
||||||
+++ libselinux-1.17.13/src/file_path_suffixes.h 2004-09-22 08:04:05.073172796 -0400
|
+++ libselinux-1.17.13/utils/setenforce.c 2004-10-01 14:52:15.730713531 -0400
|
||||||
@@ -8,3 +8,4 @@
|
@@ -1,18 +1,37 @@
|
||||||
S_(DEFAULT_TYPE, "/contexts/default_type")
|
#include <unistd.h>
|
||||||
S_(BOOLEANS, "/booleans")
|
#include <stdio.h>
|
||||||
S_(MEDIA_CONTEXTS, "/contexts/files/media")
|
#include <stdlib.h>
|
||||||
+S_(REMOVABLE_CONTEXT, "/contexts/removable_context")
|
+#include <ctype.h>
|
||||||
|
+#include <string.h>
|
||||||
|
+#include <strings.h>
|
||||||
|
#include <selinux/selinux.h>
|
||||||
|
|
||||||
|
+void usage(const char *progname) {
|
||||||
|
+ fprintf(stderr, "usage: %s [ Enforcing | Permissive | 1 | 0 ]\n", progname);
|
||||||
|
+ exit(1);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
int main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
int rc;
|
||||||
|
-
|
||||||
|
if (argc != 2) {
|
||||||
|
- fprintf(stderr, "usage: %s value\n", argv[0]);
|
||||||
|
- exit(1);
|
||||||
|
+ usage(argv[0]);
|
||||||
|
}
|
||||||
|
|
||||||
|
- rc = security_setenforce(atoi(argv[1]));
|
||||||
|
+
|
||||||
|
+ if (strlen(argv[1]) == 1 && (argv[1][0] == '0' || argv[1][0]=='1')) {
|
||||||
|
+ rc = security_setenforce(atoi(argv[1]));
|
||||||
|
+ } else {
|
||||||
|
+ if (strcasecmp(argv[1], "enforcing")==0) {
|
||||||
|
+ rc = security_setenforce(1);
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ if (strcasecmp(argv[1], "permissive")==0) {
|
||||||
|
+ rc = security_setenforce(0);
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ usage(argv[0]);
|
||||||
|
+ }
|
||||||
|
if (rc < 0) {
|
||||||
|
fprintf(stderr, "%s: setenforce() failed\n", argv[0]);
|
||||||
|
exit(2);
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
Summary: SELinux library and simple utilities
|
Summary: SELinux library and simple utilities
|
||||||
Name: libselinux
|
Name: libselinux
|
||||||
Version: 1.17.13
|
Version: 1.17.13
|
||||||
Release: 2
|
Release: 3
|
||||||
License: Public domain (uncopyrighted)
|
License: Public domain (uncopyrighted)
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
Source: http://www.nsa.gov/selinux/archives/libselinux-%{version}.tgz
|
Source: http://www.nsa.gov/selinux/archives/libselinux-%{version}.tgz
|
||||||
@ -69,6 +69,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
|||||||
%{_mandir}/man8/*
|
%{_mandir}/man8/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Oct 1 2004 Dan Walsh <dwalsh@redhat.com> 1.17.13-3
|
||||||
|
- Change setenforce to accept Enforcing and Permissive
|
||||||
|
|
||||||
* Wed Sep 22 2004 Dan Walsh <dwalsh@redhat.com> 1.17.13-2
|
* Wed Sep 22 2004 Dan Walsh <dwalsh@redhat.com> 1.17.13-2
|
||||||
- Add alpha patch
|
- Add alpha patch
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user