* Wed Nov 11 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-17
- Fix sandbox to setsid so it can run under mozilla without crashing the session
This commit is contained in:
parent
ffb6e9312b
commit
6a40271789
@ -1874,27 +1874,27 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
+.PP
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.74/sandbox/sandboxX.sh
|
||||
--- nsapolicycoreutils/sandbox/sandboxX.sh 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.74/sandbox/sandboxX.sh 2009-11-09 16:05:58.000000000 -0500
|
||||
+++ policycoreutils-2.0.74/sandbox/sandboxX.sh 2009-11-11 16:54:17.000000000 -0500
|
||||
@@ -0,0 +1,16 @@
|
||||
+#!/bin/bash
|
||||
+export TITLE="Sandbox: `/usr/bin/tail -1 ~/.sandboxrc | /usr/bin/cut -b1-70`"
|
||||
+export SCREEN=`/usr/bin/xdpyinfo -display $DISPLAY | /bin/awk '/dimensions/ { print $2 }'`
|
||||
+
|
||||
+(/usr/bin/Xephyr -title "$TITLE" -terminate -screen 1000x700 -displayfd 5 5>&1 2>/dev/null) | while read D; do
|
||||
+export DISPLAY=:$D
|
||||
+/usr/bin/matchbox-window-manager -use_titlebar no &
|
||||
+WM_PID=$!
|
||||
+~/.sandboxrc &
|
||||
+CLIENT_PID=$!
|
||||
+wait $CLIENT_PID
|
||||
+export EXITCODE=$?
|
||||
+kill -TERM $WM_PID
|
||||
+kill -HUP 0
|
||||
+break
|
||||
+ export DISPLAY=:$D
|
||||
+ /usr/bin/matchbox-window-manager -use_titlebar no &
|
||||
+ WM_PID=$!
|
||||
+ ~/.sandboxrc &
|
||||
+ CLIENT_PID=$!
|
||||
+ wait $CLIENT_PID
|
||||
+ export EXITCODE=$?
|
||||
+ kill -TERM $WM_PID
|
||||
+ kill -HUP 0
|
||||
+ break
|
||||
+done
|
||||
diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.74/sandbox/seunshare.c
|
||||
--- nsapolicycoreutils/sandbox/seunshare.c 1969-12-31 19:00:00.000000000 -0500
|
||||
+++ policycoreutils-2.0.74/sandbox/seunshare.c 2009-11-09 16:05:58.000000000 -0500
|
||||
+++ policycoreutils-2.0.74/sandbox/seunshare.c 2009-11-11 16:54:05.000000000 -0500
|
||||
@@ -0,0 +1,265 @@
|
||||
+#include <signal.h>
|
||||
+#include <sys/types.h>
|
||||
@ -2150,7 +2150,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
|
||||
+ perror("Failed to change dir to homedir");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+
|
||||
+ setsid();
|
||||
+ execv(argv[optind], argv + optind);
|
||||
+ free(display);
|
||||
+ perror("execv");
|
||||
|
@ -6,7 +6,7 @@
|
||||
Summary: SELinux policy core utilities
|
||||
Name: policycoreutils
|
||||
Version: 2.0.74
|
||||
Release: 16%{?dist}
|
||||
Release: 17%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Base
|
||||
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
|
||||
@ -296,6 +296,9 @@ fi
|
||||
exit 0
|
||||
|
||||
%changelog
|
||||
* Wed Nov 11 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-17
|
||||
- Fix sandbox to setsid so it can run under mozilla without crashing the session
|
||||
|
||||
* Mon Nov 9 2009 Dan Walsh <dwalsh@redhat.com> 2.0.74-16
|
||||
- Fix sandbox to use chcon
|
||||
- Fix semanage to report duplicate ports
|
||||
|
Loading…
Reference in New Issue
Block a user