From 1b7e8af4b897a3ad0ea59415217e1179419dc197 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Thu, 14 Jan 2010 21:34:46 +0000 Subject: [PATCH] * Thu Jan 14 2010 Dan Walsh 2.0.78-11 - Run with the same xdmodmap in sandbox as outside - Patch from Josh Cogliati --- policycoreutils-rhat.patch | 15 ++++++++++----- policycoreutils.spec | 6 +++++- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 6938906..ff47987 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1700,8 +1700,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po +relabel: diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.78/sandbox/sandbox --- nsapolicycoreutils/sandbox/sandbox 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.78/sandbox/sandbox 2009-12-17 13:50:15.000000000 -0500 -@@ -0,0 +1,318 @@ ++++ policycoreutils-2.0.78/sandbox/sandbox 2010-01-14 13:44:46.000000000 -0500 +@@ -0,0 +1,323 @@ +#! /usr/bin/python -E +# Authors: Dan Walsh +# Authors: Josh Cogliati @@ -1723,7 +1723,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + -+import os, sys, getopt, socket, random, fcntl, shutil, re ++import os, sys, getopt, socket, random, fcntl, shutil, re, subprocess +import selinux +import signal +from tempfile import mkdtemp @@ -1976,6 +1976,11 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po + + copyfiles(newhomedir, newtmpdir, init_files + paths) + if X_ind: ++ xmodmapfile = newhomedir + "/.xmodmap" ++ xd = open(xmodmapfile,"w") ++ subprocess.Popen(["/usr/bin/xmodmap","-pke"],stdout=xd.wait() ++ xd.close() ++ + execfile = newhomedir + "/.sandboxrc" + fd = open(execfile, "w+") + fd.write("""#! /bin/sh @@ -2076,14 +2081,14 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po +.PP diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.78/sandbox/sandboxX.sh --- nsapolicycoreutils/sandbox/sandboxX.sh 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.78/sandbox/sandboxX.sh 2009-12-08 17:05:49.000000000 -0500 ++++ policycoreutils-2.0.78/sandbox/sandboxX.sh 2010-01-14 13:42:00.000000000 -0500 @@ -0,0 +1,16 @@ +#!/bin/bash +export TITLE="Sandbox: `/usr/bin/tail -1 ~/.sandboxrc | /usr/bin/cut -b1-70`" -+export SCREEN=`/usr/bin/xdpyinfo -display $DISPLAY | /bin/awk '/dimensions/ { print $2 }'` + +(/usr/bin/Xephyr -title "$TITLE" -terminate -screen 1000x700 -displayfd 5 5>&1 2>/dev/null) | while read D; do + export DISPLAY=:$D ++ (/usr/bin/test -r ~/.xmodmap && /usr/bin/xmodmap ~/.xmodmap) & + /usr/bin/matchbox-window-manager -use_titlebar no & + WM_PID=$! + ~/.sandboxrc & diff --git a/policycoreutils.spec b/policycoreutils.spec index 46d33ec..dc49258 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -6,7 +6,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.78 -Release: 10%{?dist} +Release: 11%{?dist} License: GPLv2+ Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz @@ -297,6 +297,10 @@ fi exit 0 %changelog +* Thu Jan 14 2010 Dan Walsh 2.0.78-11 +- Run with the same xdmodmap in sandbox as outside +- Patch from Josh Cogliati + * Fri Jan 8 2010 Dan Walsh 2.0.78-10 - Fix sepolgen to not generate user sh section on non user policy