diff --git a/.cvsignore b/.cvsignore index b23a869..fa981ab 100644 --- a/.cvsignore +++ b/.cvsignore @@ -13,3 +13,4 @@ policycoreutils-1.21.5.tgz policycoreutils-1.21.7.tgz policycoreutils-1.21.9.tgz policycoreutils-1.21.10.tgz +policycoreutils-1.21.12.tgz diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index e2febb4..fe14c6d 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1,352 +1,23 @@ -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/debugfiles.list policycoreutils-1.21.10/debugfiles.list ---- nsapolicycoreutils/debugfiles.list 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.21.10/debugfiles.list 2005-02-02 12:17:23.000000000 -0500 -@@ -0,0 +1,8 @@ -+/usr/lib/debug/sbin/restorecon.debug -+/usr/lib/debug/usr/sbin/setfiles.debug -+/usr/lib/debug/usr/sbin/open_init_pty.debug -+/usr/lib/debug/usr/sbin/sestatus.debug -+/usr/lib/debug/usr/sbin/run_init.debug -+/usr/lib/debug/usr/sbin/load_policy.debug -+/usr/lib/debug/usr/bin/newrole.debug -+/usr/src/debug/policycoreutils-1.21.10 -Binary files nsapolicycoreutils/debugsources.list and policycoreutils-1.21.10/debugsources.list differ -Binary files nsapolicycoreutils/load_policy/load_policy and policycoreutils-1.21.10/load_policy/load_policy differ -Binary files nsapolicycoreutils/newrole/newrole and policycoreutils-1.21.10/newrole/newrole differ -Binary files nsapolicycoreutils/po/sv.gmo and policycoreutils-1.21.10/po/sv.gmo differ -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/policycoreutils.lang policycoreutils-1.21.10/policycoreutils.lang ---- nsapolicycoreutils/policycoreutils.lang 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-1.21.10/policycoreutils.lang 2005-02-02 12:17:22.000000000 -0500 -@@ -0,0 +1,65 @@ -+%defattr (644, root, root, 755) -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+%lang(sv) /usr/share/locale/sv/LC_MESSAGES/policycoreutils.mo -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -Binary files nsapolicycoreutils/restorecon/restorecon and policycoreutils-1.21.10/restorecon/restorecon differ -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecon/restorecon.8 policycoreutils-1.21.10/restorecon/restorecon.8 ---- nsapolicycoreutils/restorecon/restorecon.8 2005-01-20 15:59:21.000000000 -0500 -+++ policycoreutils-1.21.10/restorecon/restorecon.8 2005-02-02 12:17:10.000000000 -0500 -@@ -4,10 +4,10 @@ - - .SH "SYNOPSIS" - .B restorecon --.I [\-o outfilename ] [\-R] [\-n] [\-v] pathname... -+.I [\-o outfilename ] [\-R] [\-n] [\-v] [\-e directory ] pathname... - .P - .B restorecon --.I \-f infilename [\-o outfilename ] [\-R] [\-n] [\-v] [\-F] -+.I \-f infilename [\-o outfilename ] [\-e directory ] [\-R] [\-n] [\-v] [\-F] - - .SH "DESCRIPTION" - This manual page describes the -@@ -26,6 +26,9 @@ - .B \-f infilename - infilename contains a list of files to be processed by application. Use \- for stdin. - .TP -+.B \-e directory -+directory to exclude (repeat option for more than one directory.) -+.TP - .B \-R - change files and directories file labels recursively - .TP -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecon/restorecon.c policycoreutils-1.21.10/restorecon/restorecon.c ---- nsapolicycoreutils/restorecon/restorecon.c 2005-01-31 09:49:15.000000000 -0500 -+++ policycoreutils-1.21.10/restorecon/restorecon.c 2005-02-02 12:17:10.000000000 -0500 -@@ -10,6 +10,7 @@ - * USAGE: - * restorecon [-Rnv] pathname... - * -+ * -e Specify directory to exclude - * -n Do not change any file labels. - * -v Show changes in file labels. - * -o filename save list of files with incorrect context -@@ -45,6 +46,54 @@ - static int recurse=0; - static int force=0; - -+#define MAX_EXCLUDES 100 -+static int excludeCtr=0; -+struct edir { -+ char *directory; -+ int size; -+}; -+static struct edir excludeArray[MAX_EXCLUDES]; -+static int add_exclude(const char *directory) { -+ struct stat sb; -+ if(directory == NULL || directory[0] != '/') { -+ fprintf(stderr, "Full path required for exclude: %s.\n", -+ directory); -+ return 1; -+ } -+ if(lstat(directory, &sb)) { -+ fprintf(stderr, "Directory \"%s\" not found.\n", directory); -+ return 1; -+ } -+ if ((sb.st_mode & S_IFDIR) == 0 ) { -+ fprintf(stderr, "\"%s\" is not a Directory: mode %o\n", directory,sb.st_mode); -+ return 1; -+ } -+ excludeArray[excludeCtr].directory = strdup(directory); -+ if (!excludeArray[excludeCtr].directory) { -+ fprintf(stderr, "Out of memory.\n"); -+ return 1; -+ } -+ excludeArray[excludeCtr++].size = strlen(directory); -+ -+ if (excludeCtr > MAX_EXCLUDES) { -+ fprintf(stderr, "Maximum excludes %d exceeded.\n", MAX_EXCLUDES); -+ return 1; -+ } -+ return 0; -+} -+static int exclude(const char *file) { -+ int i=0; -+ for(i=0; i < excludeCtr; i++) { -+ if (strncmp(file,excludeArray[i].directory,excludeArray[i].size)==0) { -+ if (file[excludeArray[i].size]==0 || -+ file[excludeArray[i].size]=='/') { -+ return 1; -+ } -+ } -+ } -+ return 0; -+} -+ - /* Compare two contexts to see if their differences are "significant", - * or whether the only difference is in the user. */ - static int only_changed_user(const char *a, const char *b) -@@ -61,7 +110,7 @@ - void usage(const char * const name) - { - fprintf(stderr, -- "usage: %s [-Rnv] [-f filename | pathname... ]\n", name); -+ "usage: %s [-Rnv] [-e excludedir ] [-o filename ] [-f filename | pathname... ]\n", name); - exit(1); - } - int restore(char *filename) { -@@ -79,6 +128,9 @@ - if (len > 0 && filename[len-1]=='/' && (strcmp(filename,"/") != 0)) { - filename[len-1]=0; - } -+ if (excludeCtr > 0 && exclude(filename)) { -+ return 1; -+ } - if (lstat(filename, &st)!=0) { - fprintf(stderr,"lstat(%s) failed: %s\n", filename,strerror(errno)); - return 1; -@@ -184,7 +236,7 @@ - void process(char *buf) { - if (recurse) { - if (nftw -- (buf, apply_spec, 1024, FTW_PHYS | FTW_MOUNT)) { -+ (buf, apply_spec, 1024, FTW_PHYS)) { - fprintf(stderr, - "%s: error while labeling files under %s\n", - progname, buf); -@@ -202,13 +254,15 @@ - int opt; - char buf[PATH_MAX]; - -+ memset(excludeArray,0, sizeof(excludeArray)); -+ - progname=argv[0]; - if (is_selinux_enabled() <= 0 ) - exit(0); - - memset(buf,0, sizeof(buf)); - -- while ((opt = getopt(argc, argv, "FRnvf:o:")) > 0) { -+ while ((opt = getopt(argc, argv, "FRnvf:o:e:")) > 0) { - switch (opt) { - case 'n': - change = 0; -@@ -219,6 +273,9 @@ - case 'F': - force = 1; - break; -+ case 'e': -+ if ( add_exclude(optarg) ) exit(1); -+ break; - case 'o': - outfile = fopen(optarg,"w"); - if (!outfile) { -Binary files nsapolicycoreutils/restorecon/restorecon.o and policycoreutils-1.21.10/restorecon/restorecon.o differ -Binary files nsapolicycoreutils/run_init/open_init_pty and policycoreutils-1.21.10/run_init/open_init_pty differ -Binary files nsapolicycoreutils/run_init/run_init and policycoreutils-1.21.10/run_init/run_init differ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.21.10/scripts/fixfiles ---- nsapolicycoreutils/scripts/fixfiles 2005-01-31 09:49:15.000000000 -0500 +--- nsapolicycoreutils/scripts/fixfiles 2005-02-02 17:20:59.000000000 -0500 +++ policycoreutils-1.21.10/scripts/fixfiles 2005-02-02 13:37:23.000000000 -0500 -@@ -60,12 +60,26 @@ - if [ -f ${PREFC} -a -x /usr/bin/diff ]; then - TEMPFILE=`mktemp ${FC}.XXXXXXXXXX` - test -z "$TEMPFILE" && exit -- /usr/bin/diff $PREFC $FC | egrep '^[<>]'|cut -c3-| grep ^/ | \ -- sed -e 's,\\.*,*,g' -e 's,(.*,*,g' -e 's,\[.*,*,g' -e 's,\..*,*,g' \ -- -e 's,[[:blank:]].*,,g' -e 's,\?.*,*,g' | sort -u | \ -- while read pattern ; do if ! echo "$pattern" | grep -q -f ${TEMPFILE} 2>/dev/null ; then echo "$pattern"; case "$pattern" in *"*") echo "$pattern" |sed 's,\*$,,g'>> ${TEMPFILE};; esac; fi; done | \ -+ /usr/bin/diff $PREFC $FC | grep '^[<>]'|cut -c3-| grep ^/ | \ -+ sed -r -e 's,[[:blank:]].*,,g' \ -+ -e 's|\(([/[:alnum:]]+)\)\?|{\1,}|g' \ -+ -e 's|([/[:alnum:]])\?|{\1,}|g' \ -+ -e 's|\?.*|*|g' \ -+ -e 's|\(.*|*|g' \ -+ -e 's|\[.*|*|g' \ +@@ -67,8 +67,8 @@ + -e 's|\?.*|*|g' \ + -e 's|\(.*|*|g' \ + -e 's|\[.*|*|g' \ +- -e 's|\.\*|*|g' \ +- -e 's|\.\+|*|g' | \ + -e 's|\.\*.*|*|g' \ + -e 's|\.\+.*|*|g' | \ -+ sort -d -u | \ -+ while read pattern ; \ -+ do if ! echo "$pattern" | grep -q -f ${TEMPFILE} 2>/dev/null; then \ -+ echo "$pattern"; \ -+ case "$pattern" in *"*") \ -+ echo "$pattern" | sed 's,\*$,,g' >> ${TEMPFILE};; -+ esac; \ -+ fi; \ -+ done | \ + sort -d -u | \ + while read pattern ; \ + do if ! echo "$pattern" | grep -q -f ${TEMPFILE} 2>/dev/null; then \ +@@ -79,7 +79,7 @@ + fi; \ + done | \ while read pattern ; do find $pattern -maxdepth 0 -print; done 2> /dev/null | \ -- ${RESTORECON} $2 -v -f -R - +- ${RESTORECON} -R $2 -v -e /root -e /home -e /tmp -e /var/tmp -e /dev -f - + ${RESTORECON} -R $2 -v -e /root -e /home -e /tmp -e /var/tmp -e /dev -f - rm -f ${TEMPFILE} fi } -Binary files nsapolicycoreutils/sestatus/sestatus and policycoreutils-1.21.10/sestatus/sestatus differ -Binary files nsapolicycoreutils/sestatus/sestatus.o and policycoreutils-1.21.10/sestatus/sestatus.o differ -Binary files nsapolicycoreutils/setfiles/setfiles and policycoreutils-1.21.10/setfiles/setfiles differ -diff --exclude-from=exclude -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-1.21.10/setfiles/setfiles.c ---- nsapolicycoreutils/setfiles/setfiles.c 2005-01-31 09:49:15.000000000 -0500 -+++ policycoreutils-1.21.10/setfiles/setfiles.c 2005-02-02 12:17:10.000000000 -0500 -@@ -116,6 +116,35 @@ - va_end(ap); - } - -+static int add_exclude(const char *directory) { -+ struct stat sb; -+ if(directory == NULL || directory[0] != '/') { -+ fprintf(stderr, "Full path required for exclude: %s.\n", -+ directory); -+ return 1; -+ } -+ if(lstat(directory, &sb)) { -+ fprintf(stderr, "Directory \"%s\" not found.\n", directory); -+ return 1; -+ } -+ if ((sb.st_mode & S_IFDIR) == 0 ) { -+ fprintf(stderr, "\"%s\" is not a Directory: mode %o\n", directory,sb.st_mode); -+ return 1; -+ } -+ excludeArray[excludeCtr].directory = strdup(directory); -+ if (!excludeArray[excludeCtr].directory) { -+ fprintf(stderr, "Out of memory.\n"); -+ return 1; -+ } -+ excludeArray[excludeCtr++].size = strlen(directory); -+ -+ if (excludeCtr > MAX_EXCLUDES) { -+ fprintf(stderr, "Maximum excludes %d exceeded.\n", MAX_EXCLUDES); -+ return 1; -+ } -+ return 0; -+} -+ - static int exclude(const char *file) { - int i=0; - for(i=0; i < excludeCtr; i++) { -@@ -402,36 +431,8 @@ - break; - } - case 'e': -- { -- int len; -- struct stat sb; -- if(optarg[0] != '/') { -- fprintf(stderr, "Full path required for exclude: %s.\n", -- optarg); -- exit(1); -- } -- if(lstat(optarg, &sb)) { -- fprintf(stderr, "Directory \"%s\" not found.\n", optarg); -- exit(1); -- } -- if ((sb.st_mode & S_IFDIR) == 0 ) { -- fprintf(stderr, "\"%s\" is not a Directory: mode %o\n", optarg,sb.st_mode); -- exit(1); -- } -- len=strlen(optarg); -- excludeArray[excludeCtr].directory = strdup(optarg); -- if (!excludeArray[excludeCtr].directory) { -- fprintf(stderr, "Out of memory.\n"); -- exit(1); -- } -- excludeArray[excludeCtr++].size = len; -- if (excludeCtr > MAX_EXCLUDES) { -- fprintf(stderr, "Maximum excludes %d exceeded.\n", -- MAX_EXCLUDES); -- exit(1); -- } -+ if ( add_exclude(optarg) ) exit(1); - break; -- } - - case 'd': - debug = 1; -Binary files nsapolicycoreutils/setfiles/setfiles.o and policycoreutils-1.21.10/setfiles/setfiles.o differ diff --git a/policycoreutils.spec b/policycoreutils.spec index 2c337a5..0089ab4 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -1,7 +1,7 @@ -#define LIBSELINUXVER 1.21.5 +%define libselinuxver 1.21.5 Summary: SELinux policy core utilities. Name: policycoreutils -Version: 1.21.10 +Version: 1.21.12 Release: 1 License: GPL Group: System Environment/Base @@ -9,8 +9,8 @@ Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Patch: policycoreutils-rhat.patch Prefix: %{_prefix} -BuildRequires: libselinux-devel >= %{LIBSELINUXVER} pam-devel libsepol-devel >= 1.1.1 -Requires: libselinux >= %{LIBSELINUXVER} libsepol >= 1.1.1 +BuildRequires: libselinux-devel >= %{libselinuxver} pam-devel libsepol-devel >= 1.1.1 +Requires: libselinux >= %{libselinuxver} libsepol >= 1.1.1 BuildRoot: %{_tmppath}/%{name}-buildroot @@ -81,6 +81,10 @@ rm -rf ${RPM_BUILD_ROOT} %config(noreplace) %{_sysconfdir}/sestatus.conf %changelog +* Wed Feb 2 2005 Dan Walsh 1.21.12-1 +- More cleanup of fixfiles sed patch + * Merged further patches for restorecon/setfiles -e and fixfiles -C. + * Wed Feb 2 2005 Dan Walsh 1.21.10-2 - More cleanup of fixfiles sed patch diff --git a/sources b/sources index 751bbef..860359e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -6c55531633ac4377b0aba30e1d04702b policycoreutils-1.21.10.tgz +648054135b8fa75f0ed537408134aba2 policycoreutils-1.21.12.tgz