* Wed Feb 2 2005 Dan Walsh <dwalsh@redhat.com> 1.21.10-2

- More cleanup of fixfiles sed patch
2005-02-02 17:58:48 +00:00 · 2005-02-02 17:58:48 +00:00 · 41933ac0b5
commit 41933ac0b5
parent 829c705f9c
2 changed files with 234 additions and 7 deletions
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -1,6 +1,153 @@
-diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.21.9/scripts/fixfiles
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecon/restorecon.8 policycoreutils-1.21.10/restorecon/restorecon.8
+--- nsapolicycoreutils/restorecon/restorecon.8	2005-01-20 15:59:21.000000000 -0500
+++ policycoreutils-1.21.10/restorecon/restorecon.8	2005-02-02 12:16:06.000000000 -0500
+@@ -4,10 +4,10 @@
+ 
+ .SH "SYNOPSIS"
+ .B restorecon
+-.I [\-o outfilename ] [\-R] [\-n] [\-v] pathname...
+.I [\-o outfilename ] [\-R] [\-n] [\-v] [\-e directory ] pathname...
+ .P
+ .B restorecon
+-.I \-f infilename [\-o outfilename ] [\-R] [\-n] [\-v] [\-F]
+.I \-f infilename [\-o outfilename ] [\-e directory ] [\-R] [\-n] [\-v] [\-F]
+ 
+ .SH "DESCRIPTION"
+ This manual page describes the
+@@ -26,6 +26,9 @@
+ .B \-f infilename
+ infilename contains a list of files to be processed by application. Use \- for stdin.
+ .TP 
+.B \-e directory
+directory to exclude (repeat option for more than one directory.)
+.TP 
+ .B \-R
+ change files and directories file labels recursively
+ .TP 
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecon/restorecon.c policycoreutils-1.21.10/restorecon/restorecon.c
+--- nsapolicycoreutils/restorecon/restorecon.c	2005-01-31 09:49:15.000000000 -0500
+++ policycoreutils-1.21.10/restorecon/restorecon.c	2005-02-02 12:16:49.000000000 -0500
+@@ -10,6 +10,7 @@
+  * USAGE:
+  * restorecon [-Rnv] pathname...
+  * 
+ * -e   Specify directory to exclude
+  * -n	Do not change any file labels.
+  * -v	Show changes in file labels.  
+  * -o filename save list of files with incorrect context
+@@ -45,6 +46,54 @@
+ static int recurse=0;
+ static int force=0;
+ 
+#define MAX_EXCLUDES 100
+static int excludeCtr=0;
+struct edir {
+	char *directory;
+        int size;
+};
+static struct edir excludeArray[MAX_EXCLUDES];
+static int add_exclude(const char *directory) {
+  struct stat sb;
+  if(directory == NULL || directory[0] != '/') {
+    fprintf(stderr, "Full path required for exclude: %s.\n", 
+	    directory);
+    return 1;
+  }
+  if(lstat(directory, &sb)) {
+    fprintf(stderr, "Directory \"%s\" not found.\n", directory);
+    return 1;
+  }
+  if ((sb.st_mode & S_IFDIR) == 0 ) {
+    fprintf(stderr, "\"%s\" is not a Directory: mode %o\n", directory,sb.st_mode);
+    return 1;
+  }
+   excludeArray[excludeCtr].directory = strdup(directory);
+  if (!excludeArray[excludeCtr].directory) {
+    fprintf(stderr, "Out of memory.\n");
+    return 1;
+  }
+  excludeArray[excludeCtr++].size = strlen(directory);
+
+  if (excludeCtr > MAX_EXCLUDES) {
+    fprintf(stderr, "Maximum excludes %d exceeded.\n", MAX_EXCLUDES);
+    return 1;
+  }
+  return 0;
+}
+static int exclude(const char *file) {
+	int i=0;
+	for(i=0; i < excludeCtr; i++) { 
+		if (strncmp(file,excludeArray[i].directory,excludeArray[i].size)==0) {
+			if (file[excludeArray[i].size]==0 || 
+			    file[excludeArray[i].size]=='/') {
+				return 1;
+			}
+		}
+	}
+	return 0;
+}
+
+ /* Compare two contexts to see if their differences are "significant",
+  * or whether the only difference is in the user. */
+ static int only_changed_user(const char *a, const char *b)
+@@ -61,7 +110,7 @@
+ void usage(const char * const name)
+ {	
+   fprintf(stderr,
+-	  "usage:  %s [-Rnv] [-f filename | pathname... ]\n",  name);
+	  "usage:  %s [-Rnv] [-e excludedir ] [-o filename ] [-f filename | pathname... ]\n",  name);
+   exit(1);
+ }
+ int restore(char *filename) {
+@@ -79,6 +128,9 @@
+   if (len > 0 && filename[len-1]=='/' && (strcmp(filename,"/") != 0)) {
+     filename[len-1]=0;
+   }
+  if (excludeCtr > 0 && exclude(filename)) {
+      return 1;
+  }
+   if (lstat(filename, &st)!=0) {
+     fprintf(stderr,"lstat(%s) failed: %s\n", filename,strerror(errno));
+     return 1;
+@@ -184,7 +236,7 @@
+ void process(char *buf) {
+       if (recurse) {
+ 	if (nftw
+-	    (buf, apply_spec, 1024, FTW_PHYS | FTW_MOUNT)) {
+	    (buf, apply_spec, 1024, FTW_PHYS)) {
+ 	  fprintf(stderr,
+ 		  "%s:  error while labeling files under %s\n",
+ 		  progname, buf);
+@@ -202,13 +254,15 @@
+   int opt;
+   char buf[PATH_MAX];
+ 
+  memset(excludeArray,0, sizeof(excludeArray));
+
+   progname=argv[0];
+   if (is_selinux_enabled() <= 0 )
+     exit(0);
+ 
+   memset(buf,0, sizeof(buf));
+ 
+-  while ((opt = getopt(argc, argv, "FRnvf:o:")) > 0) {
+  while ((opt = getopt(argc, argv, "FRnvf:o:e:")) > 0) {
+     switch (opt) {
+     case 'n':
+       change = 0;
+@@ -219,6 +273,9 @@
+     case 'F':
+       force = 1;
+       break;
+    case 'e':
+      if ( add_exclude(optarg) ) exit(1);
+      break;
+     case 'o':
+       outfile = fopen(optarg,"w");
+       if (!outfile) {
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.21.10/scripts/fixfiles
 --- nsapolicycoreutils/scripts/fixfiles	2005-01-31 09:49:15.000000000 -0500
-+++ policycoreutils-1.21.9/scripts/fixfiles	2005-02-01 14:06:56.000000000 -0500
+++ policycoreutils-1.21.10/scripts/fixfiles	2005-02-02 12:16:06.000000000 -0500
@@ -60,12 +60,26 @@
 if [ -f ${PREFC} -a -x /usr/bin/diff ]; then
 	TEMPFILE=`mktemp ${FC}.XXXXXXXXXX`
@ -10,13 +157,14 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policyc
 -            -e 's,[[:blank:]].*,,g' -e 's,\?.*,*,g' | sort -u | \
 -        while read pattern ; do if ! echo "$pattern" | grep -q -f ${TEMPFILE} 2>/dev/null ; then echo "$pattern"; case "$pattern" in *"*") echo "$pattern" |sed 's,\*$,,g'>> ${TEMPFILE};;  esac; fi; done | \
 +	/usr/bin/diff $PREFC $FC | grep '^[<>]'|cut -c3-| grep ^/ | \
-+	sed -r -e 's|\(([/[:alnum:]]+)\)\?|{\1,}|g' \
+	sed -r -e 's,[[:blank:]].*,,g' \
+               -e 's|\(([/[:alnum:]]+)\)\?|{\1,}|g' \
 +	       -e 's|([/[:alnum:]])\?|{\1,}|g' \
 +               -e 's|\?.*|*|g' \
 +	       -e 's|\(.*|*|g' \
 +	       -e 's|\[.*|*|g' \
 +               -e 's|\.\*|*|g' \
-+               -e 's|\.\+|*|g' \
+               -e 's|\.\+|*|g' | \
 +	sort -u | \
 +        while read pattern ; \
 +	    do if ! echo "$pattern" | grep -q -f ${TEMPFILE} 2>/dev/null; then \
@ -26,10 +174,86 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policyc
 +                  esac; \
 +               fi; \
 +            done | \
-+	grep -v -e ^/root -e ^/home -e ^/tmp -e ^/var/tmp | \
 	while read pattern ; do find $pattern -maxdepth 0 -print; done 2> /dev/null | \
 -	${RESTORECON} $2 -v -f -R - 
-+	${RESTORECON} -R $2 -v -f - 
+	${RESTORECON} -R $2 -v -e /root -e /home -e /tmp -e /var/tmp -f - 
 	rm -f ${TEMPFILE}
 fi
 }
+diff --exclude-from=exclude -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-1.21.10/setfiles/setfiles.c
+--- nsapolicycoreutils/setfiles/setfiles.c	2005-01-31 09:49:15.000000000 -0500
+++ policycoreutils-1.21.10/setfiles/setfiles.c	2005-02-02 12:16:16.000000000 -0500
+@@ -116,6 +116,35 @@
+ 	va_end(ap);
+ }
+ 
+static int add_exclude(const char *directory) {
+        struct stat sb;
+	if(directory == NULL || directory[0] != '/') {
+	        fprintf(stderr, "Full path required for exclude: %s.\n", 
+		        directory);
+		return 1;
+	}
+	if(lstat(directory, &sb)) {
+	        fprintf(stderr, "Directory \"%s\" not found.\n", directory);
+	        return 1;
+	}
+	if ((sb.st_mode & S_IFDIR) == 0 ) {
+	        fprintf(stderr, "\"%s\" is not a Directory: mode %o\n", directory,sb.st_mode);
+	        return 1;
+	}
+	excludeArray[excludeCtr].directory = strdup(directory);
+	if (!excludeArray[excludeCtr].directory) {
+	        fprintf(stderr, "Out of memory.\n");
+	        return 1;
+	}
+	excludeArray[excludeCtr++].size = strlen(directory);
+	
+	if (excludeCtr > MAX_EXCLUDES) {
+	        fprintf(stderr, "Maximum excludes %d exceeded.\n", MAX_EXCLUDES);
+	        return 1;
+	}
+	return 0;
+}
+
+ static int exclude(const char *file) {
+ 	int i=0;
+ 	for(i=0; i < excludeCtr; i++) { 
+@@ -402,36 +431,8 @@
+ 			break;
+ 		}
+ 		case 'e':
+-		{
+-			int len;
+-			struct stat sb;
+-			if(optarg[0] != '/') {
+-				fprintf(stderr, "Full path required for exclude: %s.\n", 
+-					optarg);
+-				exit(1);
+-			}
+-			if(lstat(optarg, &sb)) {
+-				fprintf(stderr, "Directory \"%s\" not found.\n", optarg);
+-				exit(1);
+-			}
+-			if ((sb.st_mode & S_IFDIR) == 0 ) {
+-				fprintf(stderr, "\"%s\" is not a Directory: mode %o\n", optarg,sb.st_mode);
+-				exit(1);
+-			}
+-			len=strlen(optarg);
+-			excludeArray[excludeCtr].directory = strdup(optarg);
+-			if (!excludeArray[excludeCtr].directory) {
+-				fprintf(stderr, "Out of memory.\n");
+-				exit(1);
+-			}
+-			excludeArray[excludeCtr++].size = len;
+-			if (excludeCtr > MAX_EXCLUDES) {
+-				fprintf(stderr, "Maximum excludes %d exceeded.\n", 
+-					MAX_EXCLUDES);
+-				exit(1);
+-			}
+		        if ( add_exclude(optarg) ) exit(1);
+ 			break;
+-		}
+ 			
+ 		case 'd':
+ 			debug = 1;
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -81,7 +81,10 @@ rm -rf ${RPM_BUILD_ROOT}
 %config(noreplace) %{_sysconfdir}/sestatus.conf

 %changelog
-* Fri Jan 28 2005 Dan Walsh <dwalsh@redhat.com> 1.21.10-1
+* Wed Feb 2 2005 Dan Walsh <dwalsh@redhat.com> 1.21.10-2
+- More cleanup of fixfiles sed patch
+
+* Mon Jan 31 2005 Dan Walsh <dwalsh@redhat.com> 1.21.10-1
 - More cleanup of fixfiles sed patch
 - Upgrade to latest from NSA
 	* Merged patch for open_init_pty from Manoj Srivastava.