rpms/policycoreutils
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

* Mon Mar 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.80-1

Browse Source 
- Update to upstream
	* Module enable/disable support from Dan Walsh.
This commit is contained in:
Daniel J Walsh 2010-03-09 15:34:05 +00:00
parent 1ff0435303
commit b3de7f6587
4 changed files with 8 additions and 139 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.cvsignore
View File

@ -214,3 +214,4 @@ policycoreutils-2.0.77.tgz
policycoreutils-2.0.78.tgz
sepolgen-1.0.19.tgz
policycoreutils-2.0.79.tgz
policycoreutils-2.0.80.tgz

136
policycoreutils-rhat.patch
View File

@ -4087,142 +4087,6 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
def list(self, heading = True, locallist = False, use_file = False):
on_off = (_("off"), _("on"))
if use_file:
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.8 policycoreutils-2.0.79/semodule/semodule.8
--- nsapolicycoreutils/semodule/semodule.8 2009-09-17 08:59:43.000000000 -0400
+++ policycoreutils-2.0.79/semodule/semodule.8 2010-02-26 14:14:26.000000000 -0500
@@ -35,6 +35,12 @@
.B \-b,\-\-base=MODULE_PKG
install/replace base module package
.TP
+.B \-d,\-\-disable=MODULE_NAME
+disable existing module
+.TP
+.B \-e,\-\-enable=MODULE_NAME
+enable existing module
+.TP
.B \-r,\-\-remove=MODULE_NAME
remove existing module
.TP
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.79/semodule/semodule.c
--- nsapolicycoreutils/semodule/semodule.c 2009-09-17 08:59:43.000000000 -0400
+++ policycoreutils-2.0.79/semodule/semodule.c 2010-02-26 14:14:26.000000000 -0500
@@ -22,12 +22,12 @@
#include <semanage/modules.h>
-enum client_modes { NO_MODE, INSTALL_M, UPGRADE_M, BASE_M, REMOVE_M,
+enum client_modes { NO_MODE, INSTALL_M, UPGRADE_M, BASE_M, ENABLE_M, DISABLE_M, REMOVE_M,
LIST_M, RELOAD
};
/* list of modes in which one ought to commit afterwards */
static const int do_commit[] = {
- 0, 1, 1, 1, 1,
+ 0, 1, 1, 1, 1, 1, 1,
0, 0
};
@@ -104,9 +104,11 @@
printf(" -R, --reload reload policy\n");
printf(" -B, --build build and reload policy\n");
printf(" -i,--install=MODULE_PKG install a new module\n");
- printf(" -u,--upgrade=MODULE_PKG upgrades or install module to a newer version\n");
+ printf(" -u,--upgrade=MODULE_PKG upgrade existing module\n");
printf(" -b,--base=MODULE_PKG install new base module\n");
- printf(" -r,--remove=MODULE_NAME remove existing module\n");
+ printf(" -e,--enable=MODULE_PKG enable existing module\n");
+ printf(" -d,--disable=MODULE_PKG disable existing module\n");
+ printf(" -r,--remove=MODULE_NAME remove existing module\n");
printf
(" -l,--list-modules display list of installed modules\n");
printf("Other options:\n");
@@ -152,6 +154,8 @@
{"install", required_argument, NULL, 'i'},
{"list-modules", 0, NULL, 'l'},
{"verbose", 0, NULL, 'v'},
+ {"enable", required_argument, NULL, 'e'},
+ {"disable", required_argument, NULL, 'd'},
{"remove", required_argument, NULL, 'r'},
{"upgrade", required_argument, NULL, 'u'},
{"reload", 0, NULL, 'R'},
@@ -166,7 +170,7 @@
no_reload = 0;
create_store = 0;
while ((i =
- getopt_long(argc, argv, "s:b:hi:lvqr:u:RnBD", opts,
+ getopt_long(argc, argv, "s:b:hi:lvqe:d:r:u:RnBD", opts,
NULL)) != -1) {
switch (i) {
case 'b':
@@ -185,6 +189,12 @@
case 'v':
verbose = 1;
break;
+ case 'e':
+ set_mode(ENABLE_M, optarg);
+ break;
+ case 'd':
+ set_mode(DISABLE_M, optarg);
+ break;
case 'r':
set_mode(REMOVE_M, optarg);
break;
@@ -238,6 +248,10 @@
mode = UPGRADE_M;
} else if (commands && commands[num_commands - 1].mode == REMOVE_M) {
mode = REMOVE_M;
+ } else if (commands && commands[num_commands - 1].mode == ENABLE_M) {
+ mode = ENABLE_M;
+ } else if (commands && commands[num_commands - 1].mode == DISABLE_M) {
+ mode = DISABLE_M;
} else {
fprintf(stderr, "unknown additional arguments:\n");
while (optind < argc)
@@ -352,6 +366,30 @@
semanage_module_install_base_file(sh, mode_arg);
break;
}
+ case ENABLE_M:{
+ if (verbose) {
+ printf
+ ("Attempting to enable module '%s':\n",
+ mode_arg);
+ }
+ result = semanage_module_enable(sh, mode_arg);
+ if ( result == -2 ) {
+ continue;
+ }
+ break;
+ }
+ case DISABLE_M:{
+ if (verbose) {
+ printf
+ ("Attempting to disable module '%s':\n",
+ mode_arg);
+ }
+ result = semanage_module_disable(sh, mode_arg);
+ if ( result == -2 ) {
+ continue;
+ }
+ break;
+ }
case REMOVE_M:{
if (verbose) {
printf
@@ -382,11 +420,12 @@
semanage_module_info_t *m =
semanage_module_list_nth
(modinfo, j);
- printf("%s\t%s\n",
+ printf("%s\t%s\t%s\n",
semanage_module_get_name
(m),
semanage_module_get_version
- (m));
+ (m),
+ (semanage_module_get_enabled(m) ? "" : "Disabled"));
semanage_module_info_datum_destroy
(m);
}
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/setfiles/restore.c policycoreutils-2.0.79/setfiles/restore.c
--- nsapolicycoreutils/setfiles/restore.c 2009-11-03 09:21:40.000000000 -0500
+++ policycoreutils-2.0.79/setfiles/restore.c 2010-02-26 16:15:51.000000000 -0500

8
policycoreutils.spec
View File

@ -6,8 +6,8 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.79
Release: 5%{?dist}
Version: 2.0.80
Release: 1%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -305,6 +305,10 @@ fi
exit 0
%changelog
* Mon Mar 8 2010 Dan Walsh <dwalsh@redhat.com> 2.0.80-1
- Update to upstream
* Module enable/disable support from Dan Walsh.
* Mon Mar 1 2010 Dan Walsh <dwalsh@redhat.com> 2.0.79-5
- Rewrite of sandbox script, add unit test for sandbox
- Update translations

2
sources
View File

@ -1,3 +1,3 @@
2ae1a9f7242e33413aae036d2edeb1d8 sepolgen-1.0.19.tgz
e09466b2b02ca5672ce3b43e02c5498f policycoreutils-2.0.79.tgz
f0ba121158e826b5263c2cf808aa1ed2 policycoreutils-2.0.80.tgz
59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2