* Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-5

- Fix sandbox to handle relative paths
2009-09-16 19:48:49 +00:00 · 2009-09-16 19:48:49 +00:00 · 1696e8f7d1
parent c9fdf240be
commit 1696e8f7d1
2 changed files with 11 additions and 6 deletions
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -1222,8 +1222,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
 +relabel:
 diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.73/sandbox/sandbox
 --- nsapolicycoreutils/sandbox/sandbox	1969-12-31 19:00:00.000000000 -0500
-+++ policycoreutils-2.0.73/sandbox/sandbox	2009-09-09 17:05:42.000000000 -0400
-@@ -0,0 +1,200 @@
+++ policycoreutils-2.0.73/sandbox/sandbox	2009-09-16 15:46:50.000000000 -0400
+@@ -0,0 +1,202 @@
 +#!/usr/bin/python -E
 +import os, sys, getopt, socket, random, fcntl, shutil
 +import selinux
@ -1307,7 +1307,6 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
 +def copyfiles(newhomedir, newtmpdir, files):
 +       import pwd
 +       homedir=pwd.getpwuid(os.getuid()).pw_dir
-+       
 +       for f in files:
 +              copyfile(f,homedir, newhomedir)
 +              copyfile(f,"/tmp", newtmpdir)
@ -1389,12 +1388,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
 +                         os.mkdir(newtmpdir)
 +                         selinux.setfilecon(newtmpdir, filecon)
 +                         warnings.resetwarnings()
-+                         copyfiles(newhomedir, newtmpdir, init_files + cmds)
+                         paths = []
+                         for i in cmds:
+                                paths.append(os.path.realpath(i))
+                         copyfiles(newhomedir, newtmpdir, init_files + paths)
 +                         execfile = newhomedir + "/.sandboxrc"
 +                         fd = open(execfile, "w+")
 +                         fd.write("""#! /bin/sh
 +%s
-+""" % " ".join(cmds))
+""" % " ".join(paths))
 +                         fd.close()
 +                         os.chmod(execfile, 0700)
 +                         
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.73
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:	 http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -297,6 +297,9 @@ fi
 exit 0

 %changelog
+* Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-5
+- Fix sandbox to handle relative paths
+
 * Mon Sep 14 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-4
 - Add symbolic link to load_policy