From b1238c466bf3a3c84af060c8e67573f1c0041d3d Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Sun, 20 Sep 2009 11:43:05 +0000 Subject: [PATCH] - Dont relabel /root with genhomedircon --- libsemanage-rhat.patch | 72 ++++++++++++++++++++++++++++-------------- libsemanage.spec | 5 ++- 2 files changed, 52 insertions(+), 25 deletions(-) diff --git a/libsemanage-rhat.patch b/libsemanage-rhat.patch index 806269b..d13023e 100644 --- a/libsemanage-rhat.patch +++ b/libsemanage-rhat.patch @@ -1,6 +1,6 @@ -diff --exclude-from=exclude -N -u -r nsalibsemanage/include/semanage/modules.h libsemanage-2.0.37/include/semanage/modules.h +diff --exclude-from=exclude -N -u -r nsalibsemanage/include/semanage/modules.h libsemanage-2.0.38/include/semanage/modules.h --- nsalibsemanage/include/semanage/modules.h 2009-01-13 08:45:35.000000000 -0500 -+++ libsemanage-2.0.37/include/semanage/modules.h 2009-09-09 13:55:07.000000000 -0400 ++++ libsemanage-2.0.38/include/semanage/modules.h 2009-09-20 07:35:51.000000000 -0400 @@ -40,10 +40,12 @@ char *module_data, size_t data_len); int semanage_module_install_base_file(semanage_handle_t *, @@ -22,9 +22,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/include/semanage/modules.h l +int semanage_module_get_enabled(semanage_module_info_t *); #endif -diff --exclude-from=exclude -N -u -r nsalibsemanage/src/conf-parse.y libsemanage-2.0.37/src/conf-parse.y +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/conf-parse.y libsemanage-2.0.38/src/conf-parse.y --- nsalibsemanage/src/conf-parse.y 2009-08-05 15:10:56.000000000 -0400 -+++ libsemanage-2.0.37/src/conf-parse.y 2009-09-09 13:55:50.000000000 -0400 ++++ libsemanage-2.0.38/src/conf-parse.y 2009-09-20 07:35:51.000000000 -0400 @@ -263,7 +263,7 @@ calloc(1, sizeof(*(current_conf->load_policy)))) == NULL) { return -1; @@ -34,9 +34,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/conf-parse.y libsemanage return -1; } conf->load_policy->args = NULL; -diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage-2.0.37/src/direct_api.c +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage-2.0.38/src/direct_api.c --- nsalibsemanage/src/direct_api.c 2009-09-17 08:59:43.000000000 -0400 -+++ libsemanage-2.0.37/src/direct_api.c 2009-09-10 17:15:32.000000000 -0400 ++++ libsemanage-2.0.38/src/direct_api.c 2009-09-20 07:35:51.000000000 -0400 @@ -66,6 +66,8 @@ static int semanage_direct_install_base(semanage_handle_t * sh, char *base_data, size_t data_len); @@ -208,9 +208,33 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage (*num_modules)++; } else { /* file was not a module, so don't report it */ -diff --exclude-from=exclude -N -u -r nsalibsemanage/src/libsemanage.map libsemanage-2.0.37/src/libsemanage.map +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libsemanage-2.0.38/src/genhomedircon.c +--- nsalibsemanage/src/genhomedircon.c 2009-09-17 08:59:43.000000000 -0400 ++++ libsemanage-2.0.38/src/genhomedircon.c 2009-09-20 07:41:58.000000000 -0400 +@@ -310,6 +310,10 @@ + } + if (strcmp(pwbuf->pw_dir, "/") == 0) + continue; ++ if (strcmp(pwbuf->pw_dir, "/root") == 0) { ++ continue; ++ } ++ + if (semanage_str_count(pwbuf->pw_dir, '/') <= 1) + continue; + if (!(path = strdup(pwbuf->pw_dir))) { +@@ -803,6 +807,9 @@ + * /root */ + continue; + } ++ if (strcmp(pwent->pw_dir, "/root") == 0) { ++ continue; ++ } + if (push_user_entry(&head, name, seuname, + prefix, pwent->pw_dir) != STATUS_SUCCESS) { + *errors = STATUS_ERR; +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/libsemanage.map libsemanage-2.0.38/src/libsemanage.map --- nsalibsemanage/src/libsemanage.map 2009-07-07 15:32:32.000000000 -0400 -+++ libsemanage-2.0.37/src/libsemanage.map 2009-09-09 13:55:07.000000000 -0400 ++++ libsemanage-2.0.38/src/libsemanage.map 2009-09-20 07:35:51.000000000 -0400 @@ -6,10 +6,13 @@ semanage_module_install; semanage_module_install_file; semanage_module_upgrade; semanage_module_upgrade_file; @@ -225,9 +249,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/libsemanage.map libseman semanage_reload_policy; semanage_set_reload; semanage_set_rebuild; semanage_user_*; semanage_bool_*; semanage_seuser_*; semanage_iface_*; semanage_port_*; semanage_context_*; -diff --exclude-from=exclude -N -u -r nsalibsemanage/src/module_internal.h libsemanage-2.0.37/src/module_internal.h +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/module_internal.h libsemanage-2.0.38/src/module_internal.h --- nsalibsemanage/src/module_internal.h 2008-08-28 09:34:24.000000000 -0400 -+++ libsemanage-2.0.37/src/module_internal.h 2009-09-09 13:55:07.000000000 -0400 ++++ libsemanage-2.0.38/src/module_internal.h 2009-09-20 07:35:51.000000000 -0400 @@ -6,6 +6,7 @@ hidden_proto(semanage_module_get_name) @@ -236,10 +260,10 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/module_internal.h libsem hidden_proto(semanage_module_info_datum_destroy) hidden_proto(semanage_module_list_nth) #endif -diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2.0.37/src/modules.c +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2.0.38/src/modules.c --- nsalibsemanage/src/modules.c 2009-09-17 08:59:43.000000000 -0400 -+++ libsemanage-2.0.37/src/modules.c 2009-09-10 17:15:42.000000000 -0400 -@@ -154,6 +153,40 @@ ++++ libsemanage-2.0.38/src/modules.c 2009-09-20 07:35:51.000000000 -0400 +@@ -154,6 +154,40 @@ return sh->funcs->install_base_file(sh, module_name); } @@ -280,7 +304,7 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2. int semanage_module_remove(semanage_handle_t * sh, char *module_name) { if (sh->funcs->remove == NULL) { -@@ -209,6 +242,13 @@ +@@ -209,6 +243,13 @@ hidden_def(semanage_module_get_name) @@ -294,9 +318,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.c libsemanage-2. const char *semanage_module_get_version(semanage_module_info_t * modinfo) { return modinfo->version; -diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.h libsemanage-2.0.37/src/modules.h +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.h libsemanage-2.0.38/src/modules.h --- nsalibsemanage/src/modules.h 2008-08-28 09:34:24.000000000 -0400 -+++ libsemanage-2.0.37/src/modules.h 2009-09-09 13:55:07.000000000 -0400 ++++ libsemanage-2.0.38/src/modules.h 2009-09-20 07:35:51.000000000 -0400 @@ -26,6 +26,7 @@ struct semanage_module_info { char *name; /* Key */ @@ -305,9 +329,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/modules.h libsemanage-2. }; #endif -diff --exclude-from=exclude -N -u -r nsalibsemanage/src/policy.h libsemanage-2.0.37/src/policy.h +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/policy.h libsemanage-2.0.38/src/policy.h --- nsalibsemanage/src/policy.h 2009-01-13 08:45:35.000000000 -0500 -+++ libsemanage-2.0.37/src/policy.h 2009-09-09 13:55:07.000000000 -0400 ++++ libsemanage-2.0.38/src/policy.h 2009-09-20 07:35:51.000000000 -0400 @@ -58,6 +58,12 @@ /* Upgrade a policy module */ int (*upgrade_file) (struct semanage_handle *, const char *); @@ -321,18 +345,18 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/policy.h libsemanage-2.0 /* Remove a policy module */ int (*remove) (struct semanage_handle *, char *); -diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage.conf libsemanage-2.0.37/src/semanage.conf +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage.conf libsemanage-2.0.38/src/semanage.conf --- nsalibsemanage/src/semanage.conf 2008-08-28 09:34:24.000000000 -0400 -+++ libsemanage-2.0.37/src/semanage.conf 2009-09-09 13:55:07.000000000 -0400 ++++ libsemanage-2.0.38/src/semanage.conf 2009-09-20 07:35:51.000000000 -0400 @@ -35,4 +35,4 @@ # given in . Change this setting if a different # version is necessary. #policy-version = 19 - +expand-check=0 -diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.c libsemanage-2.0.37/src/semanage_store.c +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.c libsemanage-2.0.38/src/semanage_store.c --- nsalibsemanage/src/semanage_store.c 2009-08-05 15:10:56.000000000 -0400 -+++ libsemanage-2.0.37/src/semanage_store.c 2009-09-09 13:55:07.000000000 -0400 ++++ libsemanage-2.0.38/src/semanage_store.c 2009-09-20 07:35:51.000000000 -0400 @@ -57,6 +57,8 @@ #include "debug.h" @@ -435,9 +459,9 @@ diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.c libsema -1 || semanage_load_module(sh, base_filename, base) == -1) { goto cleanup; } -diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.h libsemanage-2.0.37/src/semanage_store.h +diff --exclude-from=exclude -N -u -r nsalibsemanage/src/semanage_store.h libsemanage-2.0.38/src/semanage_store.h --- nsalibsemanage/src/semanage_store.h 2009-07-07 15:32:32.000000000 -0400 -+++ libsemanage-2.0.37/src/semanage_store.h 2009-09-09 13:55:07.000000000 -0400 ++++ libsemanage-2.0.38/src/semanage_store.h 2009-09-20 07:35:51.000000000 -0400 @@ -128,4 +128,6 @@ size_t buf_len, char **sorted_buf, size_t * sorted_buf_len); diff --git a/libsemanage.spec b/libsemanage.spec index 1389abd..b9459eb 100644 --- a/libsemanage.spec +++ b/libsemanage.spec @@ -3,7 +3,7 @@ Summary: SELinux binary policy manipulation library Name: libsemanage Version: 2.0.38 -Release: 1%{?dist} +Release: 2%{?dist} License: LGPLv2+ Group: System Environment/Libraries Source: http://www.nsa.gov/selinux/archives/libsemanage-%{version}.tgz @@ -91,6 +91,9 @@ rm -rf ${RPM_BUILD_ROOT} %{_libdir}/python*/site-packages/* %changelog +* Sun Sep 20 2009 Dan Walsh - 2.0.38-2 +- Dont relabel /root with genhomedircon + * Thu Sep 17 2009 Dan Walsh - 2.0.38-1 - Update to upstream * Change semodule upgrade behavior to install even if the module