* Wed Nov 22 2006 Dan Walsh <dwalsh@redhat.com> 1.33.4-1

- Upstream accepted my patches * Merged setsebool patch from Karl MacMillan. This fixes a bug reported by Yuichi Nakamura with always setting booleans persistently on an unmanaged system.
2006-11-22 19:52:14 +00:00 · 2006-11-22 19:52:14 +00:00 · 1645ebedf1
parent 9fc2c34117
commit 1645ebedf1
5 changed files with 45239 additions and 47611 deletions
--- a/.cvsignore
+++ b/.cvsignore
@ -117,3 +117,4 @@ policycoreutils-1.30.30.tgz
 policycoreutils-1.32.tgz
 policycoreutils-1.33.1.tgz
 policycoreutils-1.33.2.tgz
+policycoreutils-1.33.4.tgz
--- a/policycoreutils-po.patch
+++ b/policycoreutils-po.patch
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -1,7 +1,40 @@
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-1.33.2/audit2allow/audit2allow
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-1.33.4/audit2allow/audit2allow
 --- nsapolicycoreutils/audit2allow/audit2allow	2006-11-16 17:14:29.000000000 -0500
-+++ policycoreutils-1.33.2/audit2allow/audit2allow	2006-11-20 18:27:22.000000000 -0500
-@@ -184,22 +184,26 @@
+++ policycoreutils-1.33.4/audit2allow/audit2allow	2006-11-22 14:51:29.000000000 -0500
+@@ -25,6 +25,7 @@
+ #
+ #  
+ from avc import *
+import re
+ 
+ if __name__ == '__main__':
+ 	import commands, sys, os, getopt, selinux
+@@ -59,6 +60,11 @@
+ 			print msg
+ 		sys.exit(1)
+ 		
+	def verify_module(module):
+		m = re.findall("[^a-zA-Z]", module)
+		if len(m) != 0:
+			usage(_("Alphabetic Charaters Only"))
+		
+ 	def errorExit(error):
+ 		sys.stderr.write("%s: " % sys.argv[0])
+ 		sys.stderr.write("%s\n" % error)
+@@ -125,10 +131,12 @@
+ 				if module != "" or a[0] == "-":
+ 					usage()
+ 				module = a
+				verify_module(module)
+ 			if o == "-M":
+ 				if module != "" or output_ind  or a[0] == "-":
+ 					usage()
+ 				module = a
+				verify_module(module)
+ 				outfile = a+".te"
+ 				buildPP = 1
+ 				if not os.path.exists("/usr/bin/checkmodule"):
+@@ -184,22 +192,26 @@
 		output.write(serules.out(requires, module))
 		output.flush()
 		if buildPP:
@ -41,9 +74,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 			else:
 				errorExit(rc[1])
 
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-1.33.2/gui/booleansPage.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/booleansPage.py policycoreutils-1.33.4/gui/booleansPage.py
 --- nsapolicycoreutils/gui/booleansPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/booleansPage.py	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/gui/booleansPage.py	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,200 @@
 +#
 +# booleansPage.py - GUI for Booleans page in system-config-securitylevel
@ -245,9 +278,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +
 +        setsebool="/usr/sbin/setsebool -P %s=%d" % (key, not val)
 +        commands.getstatusoutput(setsebool)
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-1.33.2/gui/fcontextPage.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/fcontextPage.py policycoreutils-1.33.4/gui/fcontextPage.py
 --- nsapolicycoreutils/gui/fcontextPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/fcontextPage.py	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/gui/fcontextPage.py	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,158 @@
 +## fcontextPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -407,9 +440,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +        self.store.set_value(iter, 0, fspec)
 +        self.store.set_value(iter, 2, ftype)
 +        self.store.set_value(iter, 1, "system_u:object_r:%s:%s" % (type, mls))
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-1.33.2/gui/loginsPage.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/loginsPage.py policycoreutils-1.33.4/gui/loginsPage.py
 --- nsapolicycoreutils/gui/loginsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/loginsPage.py	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/gui/loginsPage.py	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,161 @@
 +## loginsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -572,9 +605,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +        self.store.set_value(iter, 1, seuser)
 +        self.store.set_value(iter, 2, seobject.translate(serange))
 +
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-1.33.2/gui/Makefile
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/Makefile policycoreutils-1.33.4/gui/Makefile
 --- nsapolicycoreutils/gui/Makefile	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/Makefile	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/gui/Makefile	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,29 @@
 +# Installation directories.
 +PREFIX ?= ${DESTDIR}/usr
@ -605,9 +638,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +indent:
 +
 +relabel:
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-1.33.2/gui/mappingsPage.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/mappingsPage.py policycoreutils-1.33.4/gui/mappingsPage.py
 --- nsapolicycoreutils/gui/mappingsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/mappingsPage.py	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/gui/mappingsPage.py	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,54 @@
 +## mappingsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -663,9 +696,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +        for k in keys:
 +            print "%-25s %-25s %-25s" % (k, dict[k][0], translate(dict[k][1]))
 +
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-1.33.2/gui/modulesPage.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/modulesPage.py policycoreutils-1.33.4/gui/modulesPage.py
 --- nsapolicycoreutils/gui/modulesPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/modulesPage.py	2006-11-20 18:29:29.000000000 -0500
+++ policycoreutils-1.33.4/gui/modulesPage.py	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,161 @@
 +## modulesPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -828,9 +861,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +        
 +
 +
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-1.33.2/gui/portsPage.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/portsPage.py policycoreutils-1.33.4/gui/portsPage.py
 --- nsapolicycoreutils/gui/portsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/portsPage.py	2006-11-20 18:40:49.000000000 -0500
+++ policycoreutils-1.33.4/gui/portsPage.py	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,214 @@
 +## portsPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -1046,9 +1079,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +        self.store.set_value(iter, MLS_COL, mls)
 +
 +
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-1.33.2/gui/semanagePage.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/semanagePage.py policycoreutils-1.33.4/gui/semanagePage.py
 --- nsapolicycoreutils/gui/semanagePage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/semanagePage.py	2006-11-20 18:32:20.000000000 -0500
+++ policycoreutils-1.33.4/gui/semanagePage.py	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,109 @@
 +## semanagePage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -1159,9 +1192,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +        self.dialog.hide()
 +
 +    
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-1.33.2/gui/statusPage.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/statusPage.py policycoreutils-1.33.4/gui/statusPage.py
 --- nsapolicycoreutils/gui/statusPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/statusPage.py	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/gui/statusPage.py	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,213 @@
 +## statusPage.py - show selinux status
 +## Copyright (C) 2006 Red Hat, Inc.
@ -1376,9 +1409,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +        return self.types[self.selinuxTypeOptionMenu.get_active()]
 +
 +
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-1.33.2/gui/system-config-selinux.glade
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.glade policycoreutils-1.33.4/gui/system-config-selinux.glade
 --- nsapolicycoreutils/gui/system-config-selinux.glade	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/system-config-selinux.glade	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/gui/system-config-selinux.glade	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,2792 @@
 +<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
 +<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
@ -4172,9 +4205,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +</widget>
 +
 +</glade-interface>
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-1.33.2/gui/system-config-selinux.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/system-config-selinux.py policycoreutils-1.33.4/gui/system-config-selinux.py
 --- nsapolicycoreutils/gui/system-config-selinux.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/system-config-selinux.py	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/gui/system-config-selinux.py	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,156 @@
 +#!/usr/bin/python
 +#
@ -4332,9 +4365,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +
 +    app = childWindow()
 +    app.stand_alone()
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-1.33.2/gui/translationsPage.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/translationsPage.py policycoreutils-1.33.4/gui/translationsPage.py
 --- nsapolicycoreutils/gui/translationsPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/translationsPage.py	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/gui/translationsPage.py	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,109 @@
 +## translationsPage.py - show selinux translations
 +## Copyright (C) 2006 Red Hat, Inc.
@ -4445,9 +4478,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +        store, iter = self.view.get_selection().get_selected()
 +        self.store.set_value(iter, 0, level)
 +        self.store.set_value(iter, 1, translation)
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-1.33.2/gui/usersPage.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/gui/usersPage.py policycoreutils-1.33.4/gui/usersPage.py
 --- nsapolicycoreutils/gui/usersPage.py	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-1.33.2/gui/usersPage.py	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/gui/usersPage.py	2006-11-22 14:11:25.000000000 -0500
@@ -0,0 +1,155 @@
 +## usersPage.py - show selinux mappings
 +## Copyright (C) 2006 Red Hat, Inc.
@ -4604,18 +4637,18 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 +        except ValueError, e:
 +            self.error(e.args[0])
 +
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.33.2/Makefile
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.33.4/Makefile
 --- nsapolicycoreutils/Makefile	2006-11-16 17:15:00.000000000 -0500
-+++ policycoreutils-1.33.2/Makefile	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/Makefile	2006-11-22 14:11:25.000000000 -0500
@@ -1,4 +1,4 @@
 -SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
 +SUBDIRS=setfiles semanage load_policy newrole run_init restorecon restorecond secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
 
 all install relabel clean indent:
 	@for subdir in $(SUBDIRS); do \
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.33.2/newrole/newrole.c
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.33.4/newrole/newrole.c
 --- nsapolicycoreutils/newrole/newrole.c	2006-11-20 12:19:55.000000000 -0500
-+++ policycoreutils-1.33.2/newrole/newrole.c	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/newrole/newrole.c	2006-11-22 14:11:25.000000000 -0500
@@ -1068,11 +1068,16 @@
 		 */
 		int rc;
@ -4634,9 +4667,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 		if (restore_tty_label(fd, ttyn, tty_context, new_tty_context)) {
 			fprintf(stderr, _("Unable to restore tty label...\n"));
 			exit_code = -1;
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/run_init/run_init.c policycoreutils-1.33.2/run_init/run_init.c
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/run_init/run_init.c policycoreutils-1.33.4/run_init/run_init.c
 --- nsapolicycoreutils/run_init/run_init.c	2006-11-16 17:14:27.000000000 -0500
-+++ policycoreutils-1.33.2/run_init/run_init.c	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/run_init/run_init.c	2006-11-22 14:11:25.000000000 -0500
@@ -132,6 +132,14 @@
 		result = 1;	/* user authenticated OK! */
 	}
@ -4652,9 +4685,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 	/* We're done with PAM.  Free `pam_handle'. */
 	pam_end(pam_handle, PAM_SUCCESS);
 
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-1.33.2/semanage/semanage.8
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-1.33.4/semanage/semanage.8
 --- nsapolicycoreutils/semanage/semanage.8	2006-11-20 12:19:55.000000000 -0500
-+++ policycoreutils-1.33.2/semanage/semanage.8	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/semanage/semanage.8	2006-11-22 14:11:25.000000000 -0500
@@ -82,9 +82,6 @@
 .TP
 .I                \-T, \-\-trans
@ -4665,9 +4698,9 @@ diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolic
 
 .SH EXAMPLE
 .nf
-diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.2/semanage/seobject.py
+diff --exclude-from=exclude --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.33.4/semanage/seobject.py
 --- nsapolicycoreutils/semanage/seobject.py	2006-11-16 17:14:26.000000000 -0500
-+++ policycoreutils-1.33.2/semanage/seobject.py	2006-11-20 18:27:22.000000000 -0500
+++ policycoreutils-1.33.4/semanage/seobject.py	2006-11-22 14:11:25.000000000 -0500
@@ -94,23 +94,25 @@
 	return re.search("^" + reg +"$",raw)
 
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -4,8 +4,8 @@
 %define libselinuxver 1.30.29-2
 Summary: SELinux policy core utilities.
 Name: policycoreutils
-Version: 1.33.2
-Release: 2%{?dist}
+Version: 1.33.4
+Release: 1%{?dist}
 License: GPL
 Group: System Environment/Base
 Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -168,6 +168,12 @@ fi
 [ -x /sbin/service ] && /sbin/service restorecond condrestart

 %changelog
+* Wed Nov 22 2006 Dan Walsh <dwalsh@redhat.com> 1.33.4-1
+- Upstream accepted my patches
+	* Merged setsebool patch from Karl MacMillan. 
+	  This fixes a bug reported by Yuichi Nakamura with
+	  always setting booleans persistently on an unmanaged system.
+
 * Mon Nov 20 2006 Dan Walsh <dwalsh@redhat.com> 1.33.2-2
 - Fixes for the gui

--- a/2
+++ b/2
@ -1 +1 @@
-201ff1387a4130b60bd64f4cdf11e660  policycoreutils-1.33.2.tgz
+a9a8cd6b1175ed874d4df1d57055ddf4  policycoreutils-1.33.4.tgz