diff --git a/Makefile b/Makefile deleted file mode 100644 index d13c9ca..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# Makefile for source rpm: policycoreutils -# $Id$ -NAME := policycoreutils -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attempt a checkout -define checkout-makefile-common -test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 0a0451f..dc789e8 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -915,3 +915,75 @@ index 17b4fa5..6947b37 100644 parse_command_line(argc, argv); if (build) +diff --git a/policycoreutils/setfiles/restorecon.8 b/policycoreutils/setfiles/restorecon.8 +index 80b6d6e..07c5ee2 100644 +--- a/policycoreutils/setfiles/restorecon.8 ++++ b/policycoreutils/setfiles/restorecon.8 +@@ -4,10 +4,10 @@ restorecon \- restore file(s) default SELinux security contexts. + + .SH "SYNOPSIS" + .B restorecon +-.I [\-o outfilename] [\-R] [\-n] [\-p] [\-v] [\-e directory] pathname... ++.I [\-R] [\-n] [\-p] [\-v] [\-e directory] pathname... + .P + .B restorecon +-.I \-f infilename [\-o outfilename] [\-e directory] [\-R] [\-n] [\-p] [\-v] [\-F] ++.I \-f infilename [\-e directory] [\-R] [\-n] [\-p] [\-v] [\-F] + + .SH "DESCRIPTION" + This manual page describes the +@@ -49,7 +49,7 @@ ignore files that do not exist. + don't change any file labels (passive check). + .TP + .B \-o outfilename +-save list of files with incorrect context in outfilename. ++Deprecated, SELinux policy will probably block this access. Use shell redirection to save list of files with incorrect context in filename. + .TP + .B \-p + show progress by printing * every STAR_COUNT files. (If you relabel the entire OS, this will show you the percentage complete.) +diff --git a/policycoreutils/setfiles/setfiles.8 b/policycoreutils/setfiles/setfiles.8 +index 89d2a49..12bca43 100644 +--- a/policycoreutils/setfiles/setfiles.8 ++++ b/policycoreutils/setfiles/setfiles.8 +@@ -4,7 +4,7 @@ setfiles \- set SELinux file security contexts. + + .SH "SYNOPSIS" + .B setfiles +-.I [\-c policy] [\-d] [\-l] [\-n] [\-e directory] [\-o filename] [\-q] [\-s] [\-v] [\-W] [\-F] spec_file pathname... ++.I [\-c policy] [\-d] [\-l] [\-n] [\-e directory] [\-q] [\-s] [\-v] [\-W] [\-F] spec_file pathname... + .SH "DESCRIPTION" + This manual page describes the + .BR setfiles +@@ -57,7 +57,7 @@ log changes in file labels to syslog. + don't change any file labels (passive check). + .TP + .B \-o filename +-save list of files with incorrect context in filename. ++Deprecated, SELinux policy will probably block this access. Use shell redirection to save list of files with incorrect context in filename. + .TP + .B \-p + show progress by printing * every STAR_COUNT files. (If you relabel the entire OS, this will show you the percentage complete.) +diff --git a/policycoreutils/setfiles/setfiles.c b/policycoreutils/setfiles/setfiles.c +index b11e49f..d3f02ae 100644 +--- a/policycoreutils/setfiles/setfiles.c ++++ b/policycoreutils/setfiles/setfiles.c +@@ -45,14 +45,14 @@ void usage(const char *const name) + { + if (iamrestorecon) { + fprintf(stderr, +- "usage: %s [-iFnprRv0] [-e excludedir] [-o filename] pathname...\n" +- "usage: %s [-iFnprRv0] [-e excludedir] [-o filename] -f filename\n", ++ "usage: %s [-iFnprRv0] [-e excludedir] pathname...\n" ++ "usage: %s [-iFnprRv0] [-e excludedir] -f filename\n", + name, name); + } else { + fprintf(stderr, +- "usage: %s [-dilnpqvFW] [-e excludedir] [-o filename] [-r alt_root_path] spec_file pathname...\n" +- "usage: %s [-dilnpqvFW] [-e excludedir] [-o filename] [-r alt_root_path] spec_file -f filename\n" +- "usage: %s -s [-dilnpqvFW] [-o filename] spec_file\n" ++ "usage: %s [-dilnpqvFW] [-e excludedir] [-r alt_root_path] spec_file pathname...\n" ++ "usage: %s [-dilnpqvFW] [-e excludedir] [-r alt_root_path] spec_file -f filename\n" ++ "usage: %s -s [-dilnpqvFW] spec_file\n" + "usage: %s -c policyfile spec_file\n", + name, name, name, name); + } diff --git a/policycoreutils.spec b/policycoreutils.spec index d1cb33f..d4b1591 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -7,7 +7,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.1.14 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2 Group: System Environment/Base # Based on git repository with tag 20101221 @@ -15,6 +15,7 @@ Source: git://oss.tresys.com/git/selinux/policycoreutils-%{version}.tgz Source1: git://oss.tresys.com/git/selinux/sepolgen-%{sepolgenver}.tgz URL: http://www.selinuxproject.org Source2: policycoreutils_man_ru2.tar.bz2 +Source3: system-config-selinux.png Patch: policycoreutils-rhat.patch Patch1: policycoreutils-sepolgen.patch Obsoletes: policycoreutils < 2.0.61-2 @@ -73,8 +74,9 @@ mkdir -p %{buildroot}%{_mandir}/man8 %{__mkdir} -p %{buildroot}/%{_usr}/share/doc/%{name}-%{version}/ cp COPYING %{buildroot}/%{_usr}/share/doc/%{name}-%{version}/ +cp %{SOURCE2} gui/ make LSPP_PRIV=y DESTDIR="%{buildroot}" SBINDIR="%{buildroot}%{_sbindir}" LIBDIR="%{buildroot}%{_libdir}" SEMODULE_PATH="/usr/sbin" install -make -C gui LSPP_PRIV=y DESTDIR="%{buildroot}" SBINDIR="%{buildroot}%{_sbindir}" LIBDIR="%{buildroot}%{_libdir}" install + # Systemd rm -rf %{buildroot}/%{_sysconfdir}/rc.d/init.d/restorecond @@ -181,7 +183,6 @@ Group: System Environment/Base Requires: policycoreutils-python = %{version}-%{release} Requires: xorg-x11-server-Xephyr /usr/bin/rsync /usr/bin/xmodmap Requires: matchbox-window-manager -Requires(post): /sbin/chkconfig BuildRequires: libcap-ng-devel %description sandbox @@ -324,8 +325,44 @@ The policycoreutils-restorecond package contains the restorecond service. %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || : %changelog +* Tue Feb 12 2013 Dan Walsh - 2.1.14-2 +- Fix empty system-config-selinux.png + * Thu Feb 7 2013 Dan Walsh - 2.1.14-1 - Update to upstream + * setfiles: estimate percent progress + * load_policy: make link at the destination directory + * Rebuild polgen.glade with glade-3 + * sepolicy: new command to unite small utilities + * sepolicy: Update Makefiles and po files + * sandbox: use sepolicy to look for sandbox_t + * gui: switch to use sepolicy + * gui: sepolgen: use sepolicy to generate + * semanage: use sepolicy for boolean dictionary + * add po file configuration information + * po: stop running update-po on all + * semanage: seobject verify policy types before allowing you to assign them. + * gui: Start using Popen, instead of os.spawnl + * sandbox: Copy /var/tmp to /tmp as they are the same inside + * qualifier to shred content + * semanage: Fix handling of boolean_sub names when using the -F flag + * semanage: man: roles instead of role + * gui: system-config-selinux: Catch no DISPLAY= error + * setfiles: print error if no default label found + * semanage: list logins file entries in semanage login -l + * semanage: good error message is sepolgen python module missing + * gui: system-config-selinux: do not use lokkit + * secon: add support for setrans color information in prompt output + * restorecond: remove /etc/mtab from default list + * gui: If you are not able to read enforcemode set it to False + * genhomedircon: regenerate genhomedircon more often + * restorecond: Add /etc/udpatedb.conf to restorecond.conf + * genhomedircon generation to allow spec file to pass in SEMODULE_PATH + * fixfiles: relabel only after specific date + * po: update translations + * sandbox: seunshare: do not reassign realloc value + * seunshare: do checking on setfsuid + * sestatus: rewrite to shut up coverity * Thu Jan 31 2013 Dan Walsh - 2.1.12-58 - Reorginize sepolicy so all get_all functions are in main module diff --git a/system-config-selinux.png b/system-config-selinux.png new file mode 100644 index 0000000..68ffcb7 Binary files /dev/null and b/system-config-selinux.png differ