From 520ff2e3790e2e9fa54fce0023666891005d8c5c Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Thu, 10 Sep 2015 17:44:43 +0200 Subject: [PATCH] policycoreutils-2.3-18 - audit2allow, audit2why - ignore setlocale errors (#1208529,#1261928) - Fix typo in semanage args for minimum policy store - Add -reset to Xephyr as it works better with it in recent Fedoras --- policycoreutils-rhat.patch | 56 ++++++++++++++++++++++++++++++++++++-- policycoreutils.spec | 9 ++++-- 2 files changed, 60 insertions(+), 5 deletions(-) diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 68e8c3a..4c76434 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -9,10 +9,22 @@ index 83ebd45..bea9814 100644 INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) diff --git a/policycoreutils-2.3/audit2allow/audit2allow b/policycoreutils-2.3/audit2allow/audit2allow -index c9713a2..5c5bd6e 100644 +index c9713a2..e5e25d4 100644 --- a/policycoreutils-2.3/audit2allow/audit2allow +++ b/policycoreutils-2.3/audit2allow/audit2allow -@@ -271,7 +271,7 @@ class AuditToPolicy: +@@ -31,7 +31,10 @@ import sepolgen.module as module + from sepolgen.sepolgeni18n import _ + import selinux.audit2why as audit2why + import locale +-locale.setlocale(locale.LC_ALL, '') ++try: ++ locale.setlocale(locale.LC_ALL, '') ++except: ++ pass + + class AuditToPolicy: + VERSION = "%prog .1" +@@ -271,7 +274,7 @@ class AuditToPolicy: if rc == audit2why.CONSTRAINT: print #!!!! This avc is a constraint violation. You would need to modify the attributes of either the source or target types to allow this access.\n" print "#Constraint rule:" @@ -21,6 +33,22 @@ index c9713a2..5c5bd6e 100644 for reason in data[1:]: print "#\tPossible cause is the source %s and target %s are different.\n" % reason +diff --git a/policycoreutils-2.3/audit2allow/audit2why b/policycoreutils-2.3/audit2allow/audit2why +index 323eddd..395b414 100644 +--- a/policycoreutils-2.3/audit2allow/audit2why ++++ b/policycoreutils-2.3/audit2allow/audit2why +@@ -31,7 +31,10 @@ import sepolgen.module as module + from sepolgen.sepolgeni18n import _ + import selinux.audit2why as audit2why + import locale +-locale.setlocale(locale.LC_ALL, '') ++try: ++ locale.setlocale(locale.LC_ALL, '') ++except: ++ pass + + class AuditToPolicy: + VERSION = "%prog .1" diff --git a/policycoreutils-2.3/audit2allow/sepolgen-ifgen b/policycoreutils-2.3/audit2allow/sepolgen-ifgen index 83c7ecf..7f8caaf 100644 --- a/policycoreutils-2.3/audit2allow/sepolgen-ifgen @@ -654464,6 +654492,19 @@ index 3668abe..3678c5d 100644 if self.__options.usecaps: cmds.append('-C') if self.__mount: +diff --git a/policycoreutils-2.3/sandbox/sandboxX.sh b/policycoreutils-2.3/sandbox/sandboxX.sh +index eaa500d..4774528 100644 +--- a/policycoreutils-2.3/sandbox/sandboxX.sh ++++ b/policycoreutils-2.3/sandbox/sandboxX.sh +@@ -20,7 +20,7 @@ cat > ~/.config/openbox/rc.xml << EOF + + EOF + +-(/usr/bin/Xephyr -resizeable -title "$TITLE" -terminate -screen $SCREENSIZE -dpi $DPI -nolisten tcp -displayfd 5 5>&1 2>/dev/null) | while read D; do ++(/usr/bin/Xephyr -resizeable -title "$TITLE" -terminate -reset -screen $SCREENSIZE -dpi $DPI -nolisten tcp -displayfd 5 5>&1 2>/dev/null) | while read D; do + export DISPLAY=:$D + cat > ~/seremote << __EOF + #!/bin/sh diff --git a/policycoreutils-2.3/sandbox/seunshare.8 b/policycoreutils-2.3/sandbox/seunshare.8 index 06610c0..76b75c8 100644 --- a/policycoreutils-2.3/sandbox/seunshare.8 @@ -655039,7 +655080,7 @@ index 0000000..e2befdb + packages=["policycoreutils"], +) diff --git a/policycoreutils-2.3/semanage/semanage b/policycoreutils-2.3/semanage/semanage -index 36b41cd..209c308 100644 +index 36b41cd..bb879fe 100644 --- a/policycoreutils-2.3/semanage/semanage +++ b/policycoreutils-2.3/semanage/semanage @@ -18,24 +18,34 @@ @@ -655295,6 +655336,15 @@ index 36b41cd..209c308 100644 #To add a new subcommand define the parser for it in a function above and call it here. subparsers = commandParser.add_subparsers(dest='subcommand') setupImportParser(subparsers) +@@ -784,7 +794,7 @@ def createCommandParser(): + + def make_io_args(args): + # import/export backward compability +- args_origin = ["-S", "-o", "-i", "targeted", "minumum", "mls"] ++ args_origin = ["-S", "-o", "-i", "targeted", "minimum", "mls"] + args_file = [] + args_ie = [] + args_subcommand = [] @@ -804,6 +814,8 @@ def make_io_args(args): return args_subcommand+args_ie+args_file diff --git a/policycoreutils.spec b/policycoreutils.spec index 4ece0f9..c2afa21 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -7,7 +7,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.3 -Release: 17%{?dist} +Release: 18%{?dist} License: GPLv2 Group: System Environment/Base # https://github.com/SELinuxProject/selinux/wiki/Releases @@ -18,7 +18,7 @@ Source2: policycoreutils_man_ru2.tar.bz2 Source3: system-config-selinux.png Source4: sepolicy-icons.tgz # use make-rhat-patches.sh to create following patches from https://github.com/fedora-selinux/selinux/ -# HEAD https://github.com/fedora-selinux/selinux/commit/4395ef2b8bb086878b5fad80321ac9d32f424f51 +# HEAD https://github.com/fedora-selinux/selinux/commit/95dd1474a4b989ef142e924145077e235f60cb57 Patch: policycoreutils-rhat.patch Patch1: sepolgen-rhat.patch Obsoletes: policycoreutils < 2.0.61-2 @@ -388,6 +388,11 @@ The policycoreutils-restorecond package contains the restorecond service. %systemd_postun_with_restart restorecond.service %changelog +* Thu Sep 10 2015 Petr Lautrbach 2.3-18 +- audit2allow, audit2why - ignore setlocale errors (#1208529,#1261928) +- Fix typo in semanage args for minimum policy store +- Add -reset to Xephyr as it works better with it in recent Fedoras + * Wed May 06 2015 Petr Lautrbach 2.3-17 - setfiles/restorecon: fix -r/-R option (#1211721)