From 65350da6d39029aa1301fe0854af09e29878c8a7 Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Fri, 11 Mar 2011 16:54:41 -0500 Subject: [PATCH] Change sepolgen-ifgen to search all available policy files Exit in restorecond if it can not find a UID in the passwd database --- policycoreutils-rhat.patch | 29 ++++++++++++++++++++++------- policycoreutils.spec | 8 ++++++-- 2 files changed, 28 insertions(+), 9 deletions(-) diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index ed69325..95603e6 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -192,7 +192,7 @@ index 6178cc8..b6f386d 100644 .PP .SH AUTHOR diff --git a/policycoreutils/audit2allow/sepolgen-ifgen b/policycoreutils/audit2allow/sepolgen-ifgen -index 03f95a1..5986b23 100644 +index 03f95a1..dda432e 100644 --- a/policycoreutils/audit2allow/sepolgen-ifgen +++ b/policycoreutils/audit2allow/sepolgen-ifgen @@ -1,4 +1,4 @@ @@ -220,7 +220,7 @@ index 03f95a1..5986b23 100644 def parse_options(): from optparse import OptionParser -@@ -44,14 +49,43 @@ def parse_options(): +@@ -44,14 +49,55 @@ def parse_options(): help="filename to store output") parser.add_option("-i", "--interfaces", dest="headers", default=defaults.headers(), help="location of the interface header files") @@ -235,9 +235,21 @@ index 03f95a1..5986b23 100644 return options ++def get_policy(): ++ p = selinux.selinux_binary_policy_path() + "." + str(i) ++ while i > 0 and not os.path.exists(p): ++ i = i - 1 ++ p = selinux.selinux_binary_policy_path() + "." + str(i) ++ if i > 0: ++ return p ++ return None ++ +def get_attrs(): + try: -+ policy_path = selinux.selinux_binary_policy_path() + "." + str(selinux.security_policyvers()) ++ policy_path = get_policy() ++ if not policy_path: ++ sys.stderr.write("No installed policy to check\n") ++ return None + outfile = tempfile.NamedTemporaryFile() + except IOError, e: + sys.stderr.write("could not open attribute output file\n") @@ -264,7 +276,7 @@ index 03f95a1..5986b23 100644 def main(): options = parse_options() -@@ -68,6 +102,14 @@ def main(): +@@ -68,6 +114,14 @@ def main(): else: log = None @@ -279,7 +291,7 @@ index 03f95a1..5986b23 100644 try: headers = refparser.parse_headers(options.headers, output=log, debug=options.debug) except ValueError, e: -@@ -76,7 +118,7 @@ def main(): +@@ -76,7 +130,7 @@ def main(): return 1 if_set = interfaces.InterfaceSet(output=log) @@ -414,7 +426,7 @@ index b149dcb..0c14c94 100644 .SH "SEE ALSO" .BR restorecon (8), diff --git a/policycoreutils/restorecond/restorecond.c b/policycoreutils/restorecond/restorecond.c -index 58774e6..77c8013 100644 +index 58774e6..a588e5e 100644 --- a/policycoreutils/restorecond/restorecond.c +++ b/policycoreutils/restorecond/restorecond.c @@ -30,9 +30,11 @@ @@ -853,7 +865,7 @@ index 58774e6..77c8013 100644 /* Register sighandlers */ sa.sa_flags = 0; -@@ -467,36 +174,56 @@ int main(int argc, char **argv) +@@ -467,36 +174,59 @@ int main(int argc, char **argv) set_matchpathcon_flags(MATCHPATHCON_NOTRANS); @@ -891,6 +903,9 @@ index 58774e6..77c8013 100644 + + uid_t uid = getuid(); + struct passwd *pwd = getpwuid(uid); ++ if (!pwd) ++ exitApp("getpwuid"); ++ + homedir = pwd->pw_dir; + if (uid != 0) { + if (run_as_user) diff --git a/policycoreutils.spec b/policycoreutils.spec index aa77d14..acb2d54 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -7,7 +7,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.85 -Release: 19%{?dist} +Release: 20%{?dist} License: GPLv2 Group: System Environment/Base # Based on git repository with tag 20101221 @@ -331,7 +331,11 @@ fi exit 0 %changelog -* Wed Mar 8 2011 Dan Walsh 2.0.85-19 +* Fri Mar 11 2011 Dan Walsh 2.0.85-20 +- Change sepolgen-ifgen to search all available policy files +- Exit in restorecond if it can not find a UID in the passwd database + +* Wed Mar 9 2011 Dan Walsh 2.0.85-19 - Fix portspage in system-config-selinux to not crash - More fixes for seunshare from Tomas Hoger