* Tue Dec 2 2008 Dan Walsh <dwalsh@redhat.com> 2.0.57-12
- Fix error checking in restorecond, for inotify_add_watch
This commit is contained in:
parent
e94935d28d
commit
2353cbd5a1
@ -1,4 +1,4 @@
|
|||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.57/Makefile
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.57/Makefile
|
||||||
--- nsapolicycoreutils/Makefile 2008-09-22 13:25:07.000000000 -0400
|
--- nsapolicycoreutils/Makefile 2008-09-22 13:25:07.000000000 -0400
|
||||||
+++ policycoreutils-2.0.57/Makefile 2008-12-01 15:20:08.000000000 -0500
|
+++ policycoreutils-2.0.57/Makefile 2008-12-01 15:20:08.000000000 -0500
|
||||||
@@ -1,4 +1,4 @@
|
@@ -1,4 +1,4 @@
|
||||||
@ -7,7 +7,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po
|
|||||||
|
|
||||||
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
|
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
|
||||||
|
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.57/audit2allow/audit2allow
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.57/audit2allow/audit2allow
|
||||||
--- nsapolicycoreutils/audit2allow/audit2allow 2008-09-22 13:25:08.000000000 -0400
|
--- nsapolicycoreutils/audit2allow/audit2allow 2008-09-22 13:25:08.000000000 -0400
|
||||||
+++ policycoreutils-2.0.57/audit2allow/audit2allow 2008-12-01 15:22:30.000000000 -0500
|
+++ policycoreutils-2.0.57/audit2allow/audit2allow 2008-12-01 15:22:30.000000000 -0500
|
||||||
@@ -42,10 +42,10 @@
|
@@ -42,10 +42,10 @@
|
||||||
@ -57,7 +57,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po
|
|||||||
|
|
||||||
g = policygen.PolicyGenerator()
|
g = policygen.PolicyGenerator()
|
||||||
|
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.57/audit2allow/audit2allow.1
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.57/audit2allow/audit2allow.1
|
||||||
--- nsapolicycoreutils/audit2allow/audit2allow.1 2008-09-22 13:25:08.000000000 -0400
|
--- nsapolicycoreutils/audit2allow/audit2allow.1 2008-09-22 13:25:08.000000000 -0400
|
||||||
+++ policycoreutils-2.0.57/audit2allow/audit2allow.1 2008-12-01 15:22:34.000000000 -0500
|
+++ policycoreutils-2.0.57/audit2allow/audit2allow.1 2008-12-01 15:22:34.000000000 -0500
|
||||||
@@ -44,9 +44,6 @@
|
@@ -44,9 +44,6 @@
|
||||||
@ -79,7 +79,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po
|
|||||||
|
|
||||||
.TP
|
.TP
|
||||||
.B "\-v" | "\-\-verbose"
|
.B "\-v" | "\-\-verbose"
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-2.0.57/newrole/newrole.c
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-2.0.57/newrole/newrole.c
|
||||||
--- nsapolicycoreutils/newrole/newrole.c 2008-09-22 13:25:08.000000000 -0400
|
--- nsapolicycoreutils/newrole/newrole.c 2008-09-22 13:25:08.000000000 -0400
|
||||||
+++ policycoreutils-2.0.57/newrole/newrole.c 2008-12-01 15:20:08.000000000 -0500
|
+++ policycoreutils-2.0.57/newrole/newrole.c 2008-12-01 15:20:08.000000000 -0500
|
||||||
@@ -553,7 +553,7 @@
|
@@ -553,7 +553,7 @@
|
||||||
@ -100,7 +100,56 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
rc |= cap_set_flag(new_caps, CAP_PERMITTED, 6, cap_list, CAP_SET);
|
rc |= cap_set_flag(new_caps, CAP_PERMITTED, 6, cap_list, CAP_SET);
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.57/scripts/chcat
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.57/restorecond/restorecond.c
|
||||||
|
--- nsapolicycoreutils/restorecond/restorecond.c 2008-09-22 13:25:08.000000000 -0400
|
||||||
|
+++ policycoreutils-2.0.57/restorecond/restorecond.c 2008-12-02 08:37:59.000000000 -0500
|
||||||
|
@@ -283,6 +283,8 @@
|
||||||
|
inotify_rm_watch(fd, master_wd);
|
||||||
|
master_wd =
|
||||||
|
inotify_add_watch(fd, watch_file_path, IN_MOVED_FROM | IN_MODIFY);
|
||||||
|
+ if (master_wd == -1)
|
||||||
|
+ exitApp("Error watching config file.");
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
@@ -411,7 +413,14 @@
|
||||||
|
|
||||||
|
if (!ptr)
|
||||||
|
exitApp("Out of Memory");
|
||||||
|
+
|
||||||
|
ptr->wd = inotify_add_watch(fd, dir, IN_CREATE | IN_MOVED_TO);
|
||||||
|
+ if (ptr->wd == -1) {
|
||||||
|
+ free(ptr);
|
||||||
|
+ syslog(LOG_ERR, "Unable to watch (%s) %s\n",
|
||||||
|
+ path, strerror(errno));
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
ptr->dir = strdup(dir);
|
||||||
|
if (!ptr->dir)
|
||||||
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.c policycoreutils-2.0.57/restorecond/utmpwatcher.c
|
||||||
|
--- nsapolicycoreutils/restorecond/utmpwatcher.c 2008-09-22 13:25:08.000000000 -0400
|
||||||
|
+++ policycoreutils-2.0.57/restorecond/utmpwatcher.c 2008-12-02 08:38:00.000000000 -0500
|
||||||
|
@@ -57,7 +57,7 @@
|
||||||
|
utmp_ptr = NULL;
|
||||||
|
FILE *cfg = fopen(utmp_path, "r");
|
||||||
|
if (!cfg)
|
||||||
|
- exitApp("Error reading config file.");
|
||||||
|
+ exitApp("Error reading utmp file.");
|
||||||
|
|
||||||
|
while (fread(&u, sizeof(struct utmp), 1, cfg) > 0) {
|
||||||
|
if (u.ut_type == USER_PROCESS)
|
||||||
|
@@ -69,6 +69,9 @@
|
||||||
|
|
||||||
|
utmp_wd =
|
||||||
|
inotify_add_watch(inotify_fd, utmp_path, IN_MOVED_FROM | IN_MODIFY);
|
||||||
|
+ if (utmp_wd == -1)
|
||||||
|
+ exitApp("Error watching utmp file.");
|
||||||
|
+
|
||||||
|
if (prev_utmp_ptr) {
|
||||||
|
changed = strings_list_diff(prev_utmp_ptr, utmp_ptr);
|
||||||
|
strings_list_free(prev_utmp_ptr);
|
||||||
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.57/scripts/chcat
|
||||||
--- nsapolicycoreutils/scripts/chcat 2008-09-22 13:25:08.000000000 -0400
|
--- nsapolicycoreutils/scripts/chcat 2008-09-22 13:25:08.000000000 -0400
|
||||||
+++ policycoreutils-2.0.57/scripts/chcat 2008-12-01 15:23:46.000000000 -0500
|
+++ policycoreutils-2.0.57/scripts/chcat 2008-12-01 15:23:46.000000000 -0500
|
||||||
@@ -291,6 +291,8 @@
|
@@ -291,6 +291,8 @@
|
||||||
@ -112,7 +161,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po
|
|||||||
return newcats
|
return newcats
|
||||||
|
|
||||||
def translate(cats):
|
def translate(cats):
|
||||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.13 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.57/semanage/seobject.py
|
diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.57/semanage/seobject.py
|
||||||
--- nsapolicycoreutils/semanage/seobject.py 2008-09-22 13:25:08.000000000 -0400
|
--- nsapolicycoreutils/semanage/seobject.py 2008-09-22 13:25:08.000000000 -0400
|
||||||
+++ policycoreutils-2.0.57/semanage/seobject.py 2008-12-01 15:20:08.000000000 -0500
|
+++ policycoreutils-2.0.57/semanage/seobject.py 2008-12-01 15:20:08.000000000 -0500
|
||||||
@@ -35,7 +35,7 @@
|
@@ -35,7 +35,7 @@
|
||||||
|
@ -6,7 +6,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.0.57
|
Version: 2.0.57
|
||||||
Release: 12%{?dist}
|
Release: 13%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||||
@ -192,6 +192,9 @@ if [ "$1" -ge "1" ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Dec 2 2008 Dan Walsh <dwalsh@redhat.com> 2.0.57-12
|
||||||
|
- Fix error checking in restorecond, for inotify_add_watch
|
||||||
|
|
||||||
* Mon Dec 1 2008 Dan Walsh <dwalsh@redhat.com> 2.0.57-12
|
* Mon Dec 1 2008 Dan Walsh <dwalsh@redhat.com> 2.0.57-12
|
||||||
- Fix audit2allow getopt calls
|
- Fix audit2allow getopt calls
|
||||||
- Fix audit2allow error message
|
- Fix audit2allow error message
|
||||||
|
Loading…
Reference in New Issue
Block a user