policycoreutils/policycoreutils-rhat.patch

--- policycoreutils-1.17.6/scripts/fixfiles.rhat	2004-10-06 09:47:47.000000000 -0400
+++ policycoreutils-1.17.6/scripts/fixfiles	2004-10-12 11:14:29.468471753 -0400
@@ -31,6 +31,8 @@
 outfileFlag=0
 OUTFILES=""
 logfileFlag=0
+LOGFILE=/dev/null
+SYSLOGFLAG="-l"
 SETFILES=/usr/sbin/setfiles
 FILESYSTEMSRW=`mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[23]| xfs | reiserfs ).*\(rw/{print $3}';`
 FILESYSTEMSRO=`mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[23]| xfs | reiserfs ).*\(ro/{print $3}';`
@@ -44,50 +46,54 @@
     FC=/etc/security/selinux/file_contexts
 fi
 
+logit () {
+if [ $logfileFlag = 0 ]; then
+    logger -i $1
+else
+    echo $1 >> $LOGFILE
+fi
+}
 checkLabels () {
-echo "logging to $LOGFILE"
 if [ ! -z "$1" ]; then
     for i in `echo $1 | sed 's/,/ /g'`; do
-	rpm -q -l $i | restorecon ${OUTFILES} -n -v -f - 2>&1 > $LOGFILE
+	rpm -q -l $i | restorecon ${OUTFILES} -n -v -f - 2>&1 >> $LOGFILE
     done
 else
     if [ ! -z "$FILESYSTEMSRO" ]; then
-        echo "Warning: Skipping the following R/O filesystems:"
-        echo "$FILESYSTEMSRO"
+        logit "Warning: Skipping the following R/O filesystems:"
+        logit "$FILESYSTEMSRO"
     fi
-    ${SETFILES} ${OUTFILES} -n -v ${FC} ${FILESYSTEMSRW} 2>&1 > $LOGFILE
+    ${SETFILES} ${OUTFILES} ${SYSLOGFLAG} -n -v ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE
 fi
 }
 
 restoreLabels () {
-echo "logging to $LOGFILE"
 if [ ! -z "$1" ]; then
     for i in `echo $1 | sed 's/,/ /g'`; do
-	rpm -q -l $i | restorecon ${OUTFILES} -v -f - 2>&1 > $LOGFILE
+	rpm -q -l $i | restorecon ${OUTFILES} -v -f - 2>&1 >> $LOGFILE
     done
 else
     if [ ! -z "$FILESYSTEMSRO" ]; then
-        echo "Warning: Skipping the following R/O filesystems:"
-        echo "$FILESYSTEMSRO"
+        logit "Warning: Skipping the following R/O filesystems:"
+        logit "$FILESYSTEMSRO"
     fi
-    ${SETFILES} ${OUTFILES} -v ${FC} ${FILESYSTEMS} 2>&1 > $LOGFILE
+    ${SETFILES} ${OUTFILES} ${SYSLOGFLAG} -v ${FC} ${FILESYSTEMS} 2>&1 >> $LOGFILE
 fi
 }
 
 relabel() {
-echo "logging to $LOGFILE"
-echo "Cleaning out /tmp"
+logit "Cleaning out /tmp"
 rm -rf /tmp/.??* /tmp/*
 if [ ! -z "$1" ]; then
     for i in `echo $1 | sed 's/,/ /g'`; do
-	rpm -q -l $i | restorecon ${OUTFILES} -v -f - 2>&1 > $LOGFILE
+	rpm -q -l $i | restorecon ${OUTFILES} -v -f - 2>&1 >> $LOGFILE
     done
 else
     if [ ! -z "$FILESYSTEMSRO" ]; then
-        echo "Warning: Skipping the following R/O filesystems:"
-        echo "$FILESYSTEMSRO"
+        logit "Warning: Skipping the following R/O filesystems:"
+        logit "$FILESYSTEMSRO"
     fi
-    ${SETFILES} ${OUTFILES} -v ${FC} ${FILESYSTEMS} 2>&1 > $LOGFILE
+    ${SETFILES} ${OUTFILES} ${SYSLOGFLAG} -v ${FC} ${FILESYSTEMS} 2>&1 >> $LOGFILE
 fi
 }
 relabelCheck() {
@@ -129,6 +135,8 @@
 fi
 if [ $logfileFlag = 2 ]; then
     LOGFILE="$i"
+    echo > $LOGFILE
+    SYSLOGFLAG=""
     logfileFlag=1
     continue
 fi
@@ -165,13 +173,6 @@
     exit 1
 fi
 
-if [ $logfileFlag = 0 ]; then
-    LOGFILE=`mktemp /var/tmp/fixfiles.log.XXXXXXXXXX`
-    if [ ! -w $LOGFILE ] ; then
-	exit 1
-    fi
-fi
-
 if [ $checkFlag = 1 ]; then
     checkLabels $rpmFiles
 fi
--- policycoreutils-1.17.6/scripts/Makefile.rhat	2004-10-06 09:47:47.000000000 -0400
+++ policycoreutils-1.17.6/scripts/Makefile	2004-10-06 09:56:23.000000000 -0400
@@ -12,7 +12,7 @@
 	-mkdir -p $(BINDIR)
 	install -m 755 $(TARGETS) $(BINDIR)
 	install -m 755 fixfiles $(DESTDIR)/sbin
-	install -D -m 755 fixfiles.cron $(DESTDIR)/etc/cron.daily/fixfiles.cron
+	install -D -m 755 fixfiles.cron $(DESTDIR)/etc/cron.weekly/fixfiles.cron
 	-mkdir -p $(MANDIR)/man8
 	install -m 644 fixfiles.8.gz $(MANDIR)/man8/
 
--- policycoreutils-1.17.6/scripts/fixfiles.cron.rhat	2004-10-06 09:47:47.000000000 -0400
+++ policycoreutils-1.17.6/scripts/fixfiles.cron	2004-10-12 10:50:35.247751062 -0400
@@ -21,7 +21,8 @@
 	    mail ${CRONMAILTO} -s "Invalid File Contexts" < $OUTFILE
 	    rm -f $OUTFILE
 	else
-	    mail ${CRONMAILTO} -s "Invalid File Contexts listed in $OUTFILE" < /dev/null
+	    MESSAGE="Invalid File Contexts listed in $OUTFILE"
+	    mail ${CRONMAILTO} -s "Invalid File Contexts" <<< $MESSAGE
 	fi
     else
 	rm -f $OUTFILE
cleanup fixfiles so setfiles -l if no log file specified 2004-10-12 15:41:25 +00:00			`--- policycoreutils-1.17.6/scripts/fixfiles.rhat 2004-10-06 09:47:47.000000000 -0400`
			`+++ policycoreutils-1.17.6/scripts/fixfiles 2004-10-12 11:14:29.468471753 -0400`
			`@@ -31,6 +31,8 @@`
			`outfileFlag=0`
			`OUTFILES=""`
			`logfileFlag=0`
			`+LOGFILE=/dev/null`
			`+SYSLOGFLAG="-l"`
			`SETFILES=/usr/sbin/setfiles`
			FILESYSTEMSRW=`mount \| grep -v "context=" \| egrep -v '\((\|.,)bind(,.\|)\)' \| awk '/(ext[23]\| xfs \| reiserfs ).*\(rw/{print $3}';`
			FILESYSTEMSRO=`mount \| grep -v "context=" \| egrep -v '\((\|.,)bind(,.\|)\)' \| awk '/(ext[23]\| xfs \| reiserfs ).*\(ro/{print $3}';`
			`@@ -44,50 +46,54 @@`
			`FC=/etc/security/selinux/file_contexts`
			`fi`
update to match NSA 2004-10-06 13:53:23 +00:00
cleanup fixfiles so setfiles -l if no log file specified 2004-10-12 15:41:25 +00:00			`+logit () {`
			`+if [ $logfileFlag = 0 ]; then`
			`+ logger -i $1`
			`+else`
			`+ echo $1 >> $LOGFILE`
			`+fi`
			`+}`
			`checkLabels () {`
			`-echo "logging to $LOGFILE"`
			`if [ ! -z "$1" ]; then`
			for i in `echo $1 \| sed 's/,/ /g'`; do
			`- rpm -q -l $i \| restorecon ${OUTFILES} -n -v -f - 2>&1 > $LOGFILE`
			`+ rpm -q -l $i \| restorecon ${OUTFILES} -n -v -f - 2>&1 >> $LOGFILE`
			`done`
			`else`
			`if [ ! -z "$FILESYSTEMSRO" ]; then`
			`- echo "Warning: Skipping the following R/O filesystems:"`
			`- echo "$FILESYSTEMSRO"`
			`+ logit "Warning: Skipping the following R/O filesystems:"`
			`+ logit "$FILESYSTEMSRO"`
			`fi`
			`- ${SETFILES} ${OUTFILES} -n -v ${FC} ${FILESYSTEMSRW} 2>&1 > $LOGFILE`
			`+ ${SETFILES} ${OUTFILES} ${SYSLOGFLAG} -n -v ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE`
			`fi`
			`}`

			`restoreLabels () {`
			`-echo "logging to $LOGFILE"`
			`if [ ! -z "$1" ]; then`
			for i in `echo $1 \| sed 's/,/ /g'`; do
			`- rpm -q -l $i \| restorecon ${OUTFILES} -v -f - 2>&1 > $LOGFILE`
			`+ rpm -q -l $i \| restorecon ${OUTFILES} -v -f - 2>&1 >> $LOGFILE`
			`done`
			`else`
			`if [ ! -z "$FILESYSTEMSRO" ]; then`
			`- echo "Warning: Skipping the following R/O filesystems:"`
			`- echo "$FILESYSTEMSRO"`
			`+ logit "Warning: Skipping the following R/O filesystems:"`
			`+ logit "$FILESYSTEMSRO"`
			`fi`
			`- ${SETFILES} ${OUTFILES} -v ${FC} ${FILESYSTEMS} 2>&1 > $LOGFILE`
			`+ ${SETFILES} ${OUTFILES} ${SYSLOGFLAG} -v ${FC} ${FILESYSTEMS} 2>&1 >> $LOGFILE`
			`fi`
			`}`

			`relabel() {`
			`-echo "logging to $LOGFILE"`
			`-echo "Cleaning out /tmp"`
			`+logit "Cleaning out /tmp"`
			`rm -rf /tmp/.??* /tmp/*`
			`if [ ! -z "$1" ]; then`
			for i in `echo $1 \| sed 's/,/ /g'`; do
			`- rpm -q -l $i \| restorecon ${OUTFILES} -v -f - 2>&1 > $LOGFILE`
			`+ rpm -q -l $i \| restorecon ${OUTFILES} -v -f - 2>&1 >> $LOGFILE`
			`done`
			`else`
			`if [ ! -z "$FILESYSTEMSRO" ]; then`
			`- echo "Warning: Skipping the following R/O filesystems:"`
			`- echo "$FILESYSTEMSRO"`
			`+ logit "Warning: Skipping the following R/O filesystems:"`
			`+ logit "$FILESYSTEMSRO"`
			`fi`
			`- ${SETFILES} ${OUTFILES} -v ${FC} ${FILESYSTEMS} 2>&1 > $LOGFILE`
			`+ ${SETFILES} ${OUTFILES} ${SYSLOGFLAG} -v ${FC} ${FILESYSTEMS} 2>&1 >> $LOGFILE`
			`fi`
			`}`
			`relabelCheck() {`
			`@@ -129,6 +135,8 @@`
			`fi`
			`if [ $logfileFlag = 2 ]; then`
			`LOGFILE="$i"`
			`+ echo > $LOGFILE`
			`+ SYSLOGFLAG=""`
			`logfileFlag=1`
			`continue`
			`fi`
			`@@ -165,13 +173,6 @@`
			`exit 1`
			`fi`

			`-if [ $logfileFlag = 0 ]; then`
			- LOGFILE=`mktemp /var/tmp/fixfiles.log.XXXXXXXXXX`
			`- if [ ! -w $LOGFILE ] ; then`
			`- exit 1`
			`- fi`
			`-fi`
			`-`
			`if [ $checkFlag = 1 ]; then`
			`checkLabels $rpmFiles`
			`fi`
Elminate null message 2004-10-12 14:55:07 +00:00			`--- policycoreutils-1.17.6/scripts/Makefile.rhat 2004-10-06 09:47:47.000000000 -0400`
			`+++ policycoreutils-1.17.6/scripts/Makefile 2004-10-06 09:56:23.000000000 -0400`
			`@@ -12,7 +12,7 @@`
			`-mkdir -p $(BINDIR)`
			`install -m 755 $(TARGETS) $(BINDIR)`
			`install -m 755 fixfiles $(DESTDIR)/sbin`
			`- install -D -m 755 fixfiles.cron $(DESTDIR)/etc/cron.daily/fixfiles.cron`
			`+ install -D -m 755 fixfiles.cron $(DESTDIR)/etc/cron.weekly/fixfiles.cron`
			`-mkdir -p $(MANDIR)/man8`
			`install -m 644 fixfiles.8.gz $(MANDIR)/man8/`

			`--- policycoreutils-1.17.6/scripts/fixfiles.cron.rhat 2004-10-06 09:47:47.000000000 -0400`
			`+++ policycoreutils-1.17.6/scripts/fixfiles.cron 2004-10-12 10:50:35.247751062 -0400`
			`@@ -21,7 +21,8 @@`
			`mail ${CRONMAILTO} -s "Invalid File Contexts" < $OUTFILE`
			`rm -f $OUTFILE`
			`else`
			`- mail ${CRONMAILTO} -s "Invalid File Contexts listed in $OUTFILE" < /dev/null`
			`+ MESSAGE="Invalid File Contexts listed in $OUTFILE"`
			`+ mail ${CRONMAILTO} -s "Invalid File Contexts" <<< $MESSAGE`
			`fi`
			`else`
			`rm -f $OUTFILE`