diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index fcf2428..26f23f2 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -3515,101 +3515,3 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py pol os.rename(newfilename, self.filename) class semanageRecords: -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/setfiles/Makefile policycoreutils-1.30.12/setfiles/Makefile ---- nsapolicycoreutils/setfiles/Makefile 2006-05-30 09:07:14.000000000 -0400 -+++ policycoreutils-1.30.12/setfiles/Makefile 2006-06-07 10:50:41.000000000 -0400 -@@ -7,6 +7,7 @@ - CFLAGS = -Werror -Wall -W - override CFLAGS += -D_FILE_OFFSET_BITS=64 -I$(PREFIX)/include - LDLIBS = -lselinux -lsepol -L$(LIBDIR) -+LDLIBS += -laudit - - all: setfiles - -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-1.30.12/setfiles/setfiles.c ---- nsapolicycoreutils/setfiles/setfiles.c 2006-05-15 09:43:12.000000000 -0400 -+++ policycoreutils-1.30.12/setfiles/setfiles.c 2006-06-07 10:50:41.000000000 -0400 -@@ -75,6 +75,11 @@ - #include - #include - #include -+#include -+ -+#ifndef AUDIT_FS_RELABEL -+#define AUDIT_FS_RELABEL 2309 -+#endif - - static int add_assoc = 1; - static FILE *outfile=NULL; -@@ -395,7 +400,7 @@ - - /* trim trailing /, if present */ - len = strlen(rootpath); -- while ('/' == rootpath[len - 1]) -+ while (len && ('/' == rootpath[len - 1])) - rootpath[--len] = 0; - rootpathlen = len; - } -@@ -443,11 +448,35 @@ - return 0; - } - -+static void maybe_audit_mass_relabel(int done_root, int errs) -+{ -+ int audit_fd = -1; -+ int rc = 0; -+ -+ if (!done_root) /* only audit a forced full relabel */ -+ return; -+ -+ audit_fd = audit_open(); -+ -+ if (audit_fd < 0) { -+ fprintf(stderr, "Error connecting to audit system.\n"); -+ return; -+ } -+ -+ rc = audit_log_user_message(audit_fd, AUDIT_FS_RELABEL, -+ "op=mass relabel", NULL, NULL, NULL, !errs); -+ if (rc <= 0) { -+ fprintf(stderr, "Error sending audit message: %s.\n", strerror(errno)); -+ } -+ audit_close(audit_fd); -+} -+ - int main(int argc, char **argv) - { - struct stat sb; - int opt, rc, i; -- -+ int done_root = 0; /* have we processed the / directory as an arg */ -+ - memset(excludeArray,0, sizeof(excludeArray)); - - /* Validate all file contexts during matchpathcon_init. */ -@@ -618,6 +647,8 @@ - } - else for (; optind < argc; optind++) - { -+ done_root |= !strcmp(argv[optind], "/"); -+ - if (NULL != rootpath) { - qprintf("%s: labeling files, pretending %s is /\n", - argv[0], rootpath); -@@ -648,6 +679,7 @@ - fprintf(stderr, - "%s: error while labeling files under %s\n", - argv[0], argv[optind]); -+ maybe_audit_mass_relabel(done_root, 1); - exit(1); - } - } -@@ -664,6 +696,8 @@ - matchpathcon_filespec_destroy(); - } - -+ maybe_audit_mass_relabel(done_root, 0); -+ - if (warn_no_match) - matchpathcon_checkmatches(argv[0]); - diff --git a/policycoreutils.spec b/policycoreutils.spec index aa31ca1..585eb7d 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -5,7 +5,7 @@ Summary: SELinux policy core utilities. Name: policycoreutils Version: 1.30.12 -Release: 4 +Release: 5 License: GPL Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz