From 3ff1aebc515629aad5d798f105e09f008d56921f Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@fedoraproject.org>
Date: Wed, 27 Jul 2005 14:05:30 +0000
Subject: [PATCH] * Thu Jul 27 2005 Dan Walsh <dwalsh@redhat.com> 1.25.3-1 -
 Update to match NSA 	* Merged restorecon patch from Ivan Gyurdiev.

---
 .cvsignore                 |  2 +
 policycoreutils-rhat.patch | 87 ++++----------------------------------
 policycoreutils.spec       | 14 ++++--
 sources                    |  2 +-
 4 files changed, 22 insertions(+), 83 deletions(-)

diff --git a/.cvsignore b/.cvsignore
index a6e8ceb..04fb726 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -40,3 +40,5 @@ policycoreutils-1.23.10.tgz
 policycoreutils-1.23.11.tgz
 policycoreutils-1.24.tgz
 policycoreutils-1.25.1.tgz
+policycoreutils-1.25.2.tgz
+policycoreutils-1.25.3.tgz
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index e85534a..d5156bb 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -1,80 +1,9 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/load_policy/load_policy.c policycoreutils-1.23.11/load_policy/load_policy.c
---- nsapolicycoreutils/load_policy/load_policy.c	2005-04-14 07:22:16.000000000 -0400
-+++ policycoreutils-1.23.11/load_policy/load_policy.c	2005-05-28 01:25:28.000000000 -0400
-@@ -103,7 +103,7 @@
- 			if (errno == ENOENT || errno == EINVAL) {
- 				/* No booleans file or stale booleans in the file; non-fatal. */
- 				if (! quiet) 
--					fprintf(stderr, _("%s:  Warning!  Error while setting booleans from %s:  %s\n"), argv[0], boolpath, strerror(errno));
-+					fprintf(stderr, _("%s:  Warning while setting booleans from %s\n"), argv[0], boolpath);
- 			} else {
- 				fprintf(stderr, _("%s:  Error while setting booleans from %s:  %s\n"), argv[0], boolpath, strerror(errno));
- 				exit(2);
-@@ -115,7 +115,7 @@
- 		if (ret) {
- 			/* Possibly ok, as there may be no booleans. */
- 			if (! quiet) 
--				fprintf(stderr, _("%s:  Warning!  Error while getting boolean names:  %s\n"), argv[0], strerror(errno));
-+				fprintf(stderr, _("%s:  Warning! unable to get boolean names:  %s\n"), argv[0], strerror(errno));
- 			goto load;
- 		}
- 		if (!len)
-@@ -137,7 +137,7 @@
- 			if (errno == EINVAL) {
- 				/* Stale booleans in the file; non-fatal. */
- 				if (! quiet) 
--					fprintf(stderr, _("%s:  Warning!  Error while setting booleans:  %s\n"), argv[0], strerror(errno));
-+					fprintf(stderr, _("%s:  Warning!  Unable to reset all booleans\n"), argv[0]);
- 			} else {
- 				fprintf(stderr, _("%s:  Error while setting booleans:  %s\n"), argv[0], strerror(errno));
- 				exit(2);
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.23.11/newrole/newrole.c
---- nsapolicycoreutils/newrole/newrole.c	2005-05-20 13:15:12.000000000 -0400
-+++ policycoreutils-1.23.11/newrole/newrole.c	2005-05-28 01:25:28.000000000 -0400
-@@ -198,6 +198,11 @@
-     result = 0;  /* user authenticated OK! */
-   }
- 
-+  /* Ask PAM to verify acct_mgmt */
-+  if( PAM_SUCCESS != pam_acct_mgmt(pam_handle,0) ) {
-+    result = 0;  /* user authenticated OK! */
-+  }
-+
-   /* We're done with PAM.  Free `pam_handle'. */
-   pam_end( pam_handle, PAM_SUCCESS );
-  
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.23.11/scripts/genhomedircon
---- nsapolicycoreutils/scripts/genhomedircon	2005-04-14 07:22:16.000000000 -0400
-+++ policycoreutils-1.23.11/scripts/genhomedircon	2005-06-14 13:01:12.000000000 -0400
-@@ -357,16 +357,22 @@
- 		return udict
- 
- 	def getHomeDirContext(self, user, home, role):
--		ret="\n\n#\n# Context for user %s\n#\n\n" % user
-+		ret="\n\n#\n# Home Context for user %s\n#\n\n" % user
- 		rc=commands.getstatusoutput("grep '^HOME_DIR' %s | sed -e 's|HOME_DIR|%s|' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (self.getHomeDirTemplate(), home, role, user))
- 		return ret + rc[1] + "\n"
- 
-+	def getUserContext(self, user, sel_user, role):
-+		ret="\n\n#\n# Other Context for user %s\n#\n\n" % user
-+		rc=commands.getstatusoutput("grep 'USER' %s | sed -e 's/USER/%s/' -e 's/ROLE/%s/' -e 's/system_u/%s/'" % (self.getHomeDirTemplate(), user, role, sel_user))
-+		return ret + rc[1] + "\n"
-+
- 	def genHomeDirContext(self):
- 		users = self.getUsers()
- 		ret=""
- 		# Fill in HOME and ROLE for users that are defined
- 		for u in users.keys():
- 			ret += self.getHomeDirContext (u, users[u]["home"], users[u]["role"])
-+			ret += self.getUserContext (u, u, users[u]["role"])
- 		return ret+"\n"
- 
- 	def checkExists(self, home):
-@@ -429,6 +435,7 @@
- 		for h in self.getHomeDirs():
- 			ret += self.getHomeDirContext ("user_u" , h+'/[^/]*', "user")
- 			ret += self.getHomeRootContext(h)
-+		ret += self.getUserContext(".*", "user_u", "user") + "\n"
- 		ret += self.genHomeDirContext()
- 		return ret
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/Makefile policycoreutils-1.25.3/Makefile
+--- nsapolicycoreutils/Makefile	2005-07-18 15:07:46.000000000 -0400
++++ policycoreutils-1.25.3/Makefile	2005-07-27 10:02:12.000000000 -0400
+@@ -1,4 +1,4 @@
+-SUBDIRS=setfiles load_policy newrole run_init restorecon audit2allow audit2why scripts po sestatus semodule_link semodule_expand semodule
++SUBDIRS=setfiles load_policy newrole run_init restorecon audit2allow audit2why scripts po sestatus 
  
+ all install relabel clean: 
+ 	@for subdir in $(SUBDIRS); do \
diff --git a/policycoreutils.spec b/policycoreutils.spec
index a8a32f0..fe688eb 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -1,8 +1,8 @@
 %define libselinuxver 1.23.1-1
-%define libsepolver 1.5.9-2
+%define libsepolver 1.7-1
 Summary: SELinux policy core utilities.
 Name: policycoreutils
-Version: 1.25.1
+Version: 1.25.3
 Release: 1
 License: GPL
 Group: System Environment/Base
@@ -11,6 +11,7 @@ Patch: policycoreutils-rhat.patch
 
 Prefix: %{_prefix}
 BuildRequires: libselinux-devel >= %{libselinuxver} pam-devel libsepol-devel >= %{libsepolver}
+
 Requires: libselinux >= %{libselinuxver} libsepol >= %{libsepolver}
 
 BuildRoot: %{_tmppath}/%{name}-buildroot
@@ -35,7 +36,6 @@ context.
 %prep
 %setup -q
 %patch -p1 -b .rhat
-
 %build
 make LIBDIR="%{_libdir}" CFLAGS="%{optflags}" all 
 
@@ -84,6 +84,14 @@ rm -rf ${RPM_BUILD_ROOT}
 %config(noreplace) %{_sysconfdir}/sestatus.conf
 
 %changelog
+* Thu Jul 27 2005 Dan Walsh <dwalsh@redhat.com> 1.25.3-1
+- Update to match NSA
+	* Merged restorecon patch from Ivan Gyurdiev.
+
+* Mon Jul 18 2005 Dan Walsh <dwalsh@redhat.com> 1.25.2-1
+- Update to match NSA
+	* Merged load_policy, newrole, and genhomedircon patches from Red Hat.
+
 * Thu Jul 7 2005 Dan Walsh <dwalsh@redhat.com> 1.25.1-1
 - Update to match NSA
 	* Merged loadable module support from Tresys Technology.
diff --git a/sources b/sources
index a6ba975..f764c33 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-9978db7cb19c52a3474c6445e9e21bfb  policycoreutils-1.25.1.tgz
+ea4ea978c040dc35db5b38ce28383bdc  policycoreutils-1.25.3.tgz