- Fix sandbox error handling

2010-08-13 16:32:36 -04:00 · 2010-08-13 16:32:36 -04:00 · a0d0267634
parent 3efb403928
commit a0d0267634
5 changed files with 745 additions and 722 deletions
--- a/policycoreutils-po.patch
+++ b/policycoreutils-po.patch
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -1589,7 +1589,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
 	@python test_sandbox.py -v
 diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.83/sandbox/sandbox
 --- nsapolicycoreutils/sandbox/sandbox	2010-06-16 08:03:38.000000000 -0400
-+++ policycoreutils-2.0.83/sandbox/sandbox	2010-07-30 13:50:56.000000000 -0400
+++ policycoreutils-2.0.83/sandbox/sandbox	2010-08-13 15:05:03.000000000 -0400
@@ -1,5 +1,6 @@
 -#! /usr/bin/python -E
 +#! /usr/bin/python -Es
@ -1618,6 +1618,35 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
 import gettext
 gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
 gettext.textdomain(PROGNAME)
+@@ -63,15 +66,15 @@
+     sys.stderr.flush()
+     sys.exit(1)
+ 
+-def copyfile(file, dir, dest):
+def copyfile(file, srcdir, dest):
+        import re
+-       if file.startswith(dir):
+       if file.startswith(srcdir):
+               dname = os.path.dirname(file)
+               bname = os.path.basename(file)
+-              if dname == dir:
+              if dname == srcdir:
+                      dest = dest + "/" + bname
+               else:
+-                     newdir = re.sub(dir, dest, dname)
+                     newdir = re.sub(srcdir, dest, dname)
+                      if not os.path.exists(newdir):
+                             os.makedirs(newdir)
+                      dest = newdir + "/" + bname
+@@ -83,7 +86,7 @@
+                             shutil.copy2(file, dest)
+               except shutil.Error, elist:
+                      for e in elist:
+-                            sys.stderr.write(e[1])
+                            sys.stderr.write(str(e[1]))
+                      
+               SAVE_FILES[file] = (dest, os.path.getmtime(dest))
+ 
@@ -161,10 +164,10 @@
                   if not self.__options.homedir or not self.__options.tmpdir:
                          self.usage(_("Homedir and tempdir required for level mounts"))
@ -2570,7 +2599,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
 +)
 diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.83/semanage/semanage
 --- nsapolicycoreutils/semanage/semanage	2010-05-19 14:45:51.000000000 -0400
-+++ policycoreutils-2.0.83/semanage/semanage	2010-07-30 13:50:40.000000000 -0400
+++ policycoreutils-2.0.83/semanage/semanage	2010-08-13 15:13:19.000000000 -0400
@@ -1,4 +1,4 @@
 -#! /usr/bin/python -E
 +#! /usr/bin/python -Es
@ -2585,7 +2614,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
 import sys, getopt, re
 import seobject
 import selinux
-@@ -32,25 +33,34 @@
+@@ -32,27 +33,36 @@
 try:
        gettext.install(PROGNAME,
                        localedir="/usr/share/locale",
@ -2622,8 +2651,11 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.23 --exclude=gui --exclude=po
 -semanage fcontext -{a|d|m} [-frst] file_spec
 +semanage fcontext -{a|d|m} [-efrst] file_spec
 semanage boolean -{d|m} [--on|--off|-1|-0] -F boolean | boolean_file
- semanage permissive -{d|a} type
+-semanage permissive -{d|a} type
+semanage permissive -{d|a|l} type 
 semanage dontaudit [ on | off ]
+ 
+ Primary Options:
@@ -61,7 +71,9 @@
 	-d, --delete     Delete a OBJECT record NAME
 	-m, --modify     Modify a OBJECT record NAME
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.83
-Release: 17%{?dist}
+Release: 18%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:  http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -315,6 +315,9 @@ fi
 exit 0

 %changelog
+* Fri Aug 13 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-18
+- Fix sandbox error handling
+
 * Fri Aug 13 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-17
 - Apply patch to restorecond from Chris Adams, which will cause restorecond 
 - to watch first user that logs in.
--- a/selinux-polgengui.desktop
+++ b/selinux-polgengui.desktop
@ -19,6 +19,7 @@ Name[pl]="Narzędzie tworzenia polityki SELinuksa"
 Name[pt]="Ferramenta de Geração de Políticas SELinux"
 Name[pt_BR]="Ferramenta de criação de políticas do SELinux"
 Name[ru]="Средство создания политики SELinux"
+Name[sv]="Genereringsverktyg för SELinuxpolicy"
 Name[ta]="SELinux பாலிசி உற்பத்தி கருவி"
 Name[te]="SELinux నిర్వహణ"
 Name[zh_CN]="SELinux 策略生成工具"
@ -43,6 +44,7 @@ Comment[pl]="Tworzenie nowych modułów polityki SELinuksa"
 Comment[pt]="Gerar módulos de políticas SELinux"
 Comment[pt_BR]="Gerar módulos de política do SELinux"
 Comment[ru]="Генерация модулей политики SELinux"
+Comment[sv]="Generera SELinux-policymoduler"
 Comment[ta]="SELinux கொள்கை தொகுதியை உருவாக்கவும்"
 Comment[te]="SELinux పాలసీ మాడ్యూళ్ళను వుద్భవింపచేయుము"
 Comment[zh_CN]="生成 SELinux 策略模块"
--- a/system-config-selinux.desktop
+++ b/system-config-selinux.desktop
@ -19,6 +19,7 @@ Name[pl]="Zarządzanie SELinuksem"
 Name[pt_BR]="Gerenciamento do SELinux"
 Name[pt]="Gestão de SELinux"
 Name[ru]="Управление SELinux"
+Name[sv]="SELinux-hantering"
 Name[ta]="SELinux மேலாண்மை"
 Name[te]="SELinux నిర్వహణ"
 Name[zh_CN]="SELinux 管理"
@ -43,6 +44,7 @@ Comment[pl]="Konfiguracja SELinuksa w trybie graficznym"
 Comment[pt]="Configurar o SELinux num ambiente gráfico"
 Comment[pt_BR]="Configure o SELinux em uma configuração gráfica"
 Comment[ru]="Настройка SELinux в графическом режиме"
+Comment[sv]="Konfigurera SELinux i en grafisk miljö"
 Comment[ta]="SELinuxஐ ஒரு வரைகலை அமைவில் கட்டமைக்கவும்"
 Comment[te]="SELinuxను గ్రాఫికల్ అమర్పునందు ఆకృతీకరించుము"
 Comment[zh_CN]="在图形设置中配置 SELinux"