* Sun Jul 29 2009 Dan Walsh <dwalsh@redhat.com> 2.0.68-1

- Fix location of man pages
- Update to upstream
	* Modify setfiles to exclude mounts without seclabel option in
	/proc/mounts on kernels >= 2.6.30 from Thomas Liu.
	* Re-enable disable_dontaudit rules upon semodule -B from Christopher
	Pardy and Dan Walsh.
	* setfiles converted to fts from Thomas Liu.
Daniel J Walsh 2009-07-29 13:43:53 +00:00
parent d34f2573e0
commit d03de9fdcd
6 changed files with 208357 additions and 111640 deletions

@ -199,3 +199,6 @@ policycoreutils-2.0.62.tgz
sepolgen-1.0.16.tgz sepolgen-1.0.16.tgz
policycoreutils-2.0.63.tgz policycoreutils-2.0.63.tgz
policycoreutils-2.0.64.tgz policycoreutils-2.0.64.tgz
policycoreutils-2.0.65.tgz
policycoreutils-2.0.67.tgz
policycoreutils-2.0.68.tgz

File diff suppressed because it is too large

@ -1,26 +1,15 @@
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-2.0.64/audit2allow/audit2allow diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.68/Makefile
--- nsapolicycoreutils/audit2allow/audit2allow 2009-01-13 08:45:35.000000000 -0500
+++ policycoreutils-2.0.64/audit2allow/audit2allow 2009-06-26 14:57:32.000000000 -0400
@@ -126,6 +126,7 @@
elif self.__options.audit:
try:
messages = audit.get_audit_msgs()
+ messages += audit.get_log_msgs()
except OSError, e:
sys.stderr.write('could not run ausearch - "%s"\n' % str(e))
sys.exit(1)
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.64/Makefile
--- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400 --- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.64/Makefile 2009-06-26 14:57:32.000000000 -0400 +++ policycoreutils-2.0.68/Makefile 2009-07-29 09:34:07.000000000 -0400
@@ -1,4 +1,4 @@ @@ -1,4 +1,4 @@
-SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po -SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po
+SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui +SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.64/restorecond/Makefile diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/Makefile policycoreutils-2.0.68/restorecond/Makefile
--- nsapolicycoreutils/restorecond/Makefile 2009-02-18 16:44:47.000000000 -0500 --- nsapolicycoreutils/restorecond/Makefile 2009-02-18 16:44:47.000000000 -0500
+++ policycoreutils-2.0.64/restorecond/Makefile 2009-06-26 14:57:32.000000000 -0400 +++ policycoreutils-2.0.68/restorecond/Makefile 2009-07-29 09:30:07.000000000 -0400
@@ -2,16 +2,23 @@ @@ -2,16 +2,23 @@
PREFIX ?= ${DESTDIR}/usr PREFIX ?= ${DESTDIR}/usr
SBINDIR ?= $(PREFIX)/sbin SBINDIR ?= $(PREFIX)/sbin
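Review bot: the audit2allow diff at the top of this hunk, the one adding `messages += audit.get_log_msgs()`, disappears from the patch, while the changelog for 2.0.68-1 lists only the man page fix and the upstream update. Please confirm that upstream 2.0.68 already carries that line, or keep the hunk, and say so in the changelog either way so the drop is not silent.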
@ -62,16 +51,16 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
relabel: install relabel: install
/sbin/restorecon $(SBINDIR)/restorecond /sbin/restorecon $(SBINDIR)/restorecond
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.64/restorecond/org.selinux.Restorecond.service diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/org.selinux.Restorecond.service policycoreutils-2.0.68/restorecond/org.selinux.Restorecond.service
--- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/restorecond/org.selinux.Restorecond.service 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.64/restorecond/org.selinux.Restorecond.service 2009-06-26 14:57:32.000000000 -0400 +++ policycoreutils-2.0.68/restorecond/org.selinux.Restorecond.service 2009-07-29 09:30:07.000000000 -0400
@@ -0,0 +1,3 @@ @@ -0,0 +1,3 @@
+[D-BUS Service] +[D-BUS Service]
+Name=org.selinux.Restorecond +Name=org.selinux.Restorecond
+Exec=/usr/sbin/restorecond -u +Exec=/usr/sbin/restorecond -u
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.64/restorecond/restorecond.c diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.68/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 2009-02-18 16:44:47.000000000 -0500 --- nsapolicycoreutils/restorecond/restorecond.c 2009-02-18 16:44:47.000000000 -0500
+++ policycoreutils-2.0.64/restorecond/restorecond.c 2009-06-26 14:57:32.000000000 -0400 +++ policycoreutils-2.0.68/restorecond/restorecond.c 2009-07-29 09:30:07.000000000 -0400
@@ -48,294 +48,37 @@ @@ -48,294 +48,37 @@
#include <signal.h> #include <signal.h>
#include <string.h> #include <string.h>
@ -540,9 +529,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
} }
+ +
+ +
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.64/restorecond/restorecond.conf diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.68/restorecond/restorecond.conf
--- nsapolicycoreutils/restorecond/restorecond.conf 2009-05-18 13:53:14.000000000 -0400 --- nsapolicycoreutils/restorecond/restorecond.conf 2009-05-18 13:53:14.000000000 -0400
+++ policycoreutils-2.0.64/restorecond/restorecond.conf 2009-06-26 14:57:32.000000000 -0400 +++ policycoreutils-2.0.68/restorecond/restorecond.conf 2009-07-29 09:30:07.000000000 -0400
@@ -4,8 +4,5 @@ @@ -4,8 +4,5 @@
/etc/mtab /etc/mtab
/var/run/utmp /var/run/utmp
@ -553,9 +542,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
/root/.ssh/* /root/.ssh/*
- -
- -
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.64/restorecond/restorecond.desktop diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.desktop policycoreutils-2.0.68/restorecond/restorecond.desktop
--- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/restorecond/restorecond.desktop 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.64/restorecond/restorecond.desktop 2009-06-26 14:57:32.000000000 -0400 +++ policycoreutils-2.0.68/restorecond/restorecond.desktop 2009-07-29 09:30:07.000000000 -0400
@@ -0,0 +1,7 @@ @@ -0,0 +1,7 @@
+[Desktop Entry] +[Desktop Entry]
+Name=File Context maintainer +Name=File Context maintainer
@ -564,9 +553,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
+Encoding=UTF-8 +Encoding=UTF-8
+Type=Application +Type=Application
+StartupNotify=false +StartupNotify=false
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.64/restorecond/restorecond.h diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.h policycoreutils-2.0.68/restorecond/restorecond.h
--- nsapolicycoreutils/restorecond/restorecond.h 2008-08-28 09:34:24.000000000 -0400 --- nsapolicycoreutils/restorecond/restorecond.h 2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.64/restorecond/restorecond.h 2009-06-26 14:57:32.000000000 -0400 +++ policycoreutils-2.0.68/restorecond/restorecond.h 2009-07-29 09:30:07.000000000 -0400
@@ -24,7 +24,22 @@ @@ -24,7 +24,22 @@
#ifndef RESTORED_CONFIG_H #ifndef RESTORED_CONFIG_H
#define RESTORED_CONFIG_H #define RESTORED_CONFIG_H
@ -592,15 +581,15 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
+extern void watch_list_free(int fd); +extern void watch_list_free(int fd);
#endif #endif
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.64/restorecond/restorecond_user.conf diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond_user.conf policycoreutils-2.0.68/restorecond/restorecond_user.conf
--- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/restorecond/restorecond_user.conf 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.64/restorecond/restorecond_user.conf 2009-06-26 14:57:32.000000000 -0400 +++ policycoreutils-2.0.68/restorecond/restorecond_user.conf 2009-07-29 09:30:07.000000000 -0400
@@ -0,0 +1,2 @@ @@ -0,0 +1,2 @@
+~/* +~/*
+~/public_html/* +~/public_html/*
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.64/restorecond/user.c diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/user.c policycoreutils-2.0.68/restorecond/user.c
--- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/restorecond/user.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.64/restorecond/user.c 2009-06-26 14:57:32.000000000 -0400 +++ policycoreutils-2.0.68/restorecond/user.c 2009-07-29 09:30:07.000000000 -0400
@@ -0,0 +1,220 @@ @@ -0,0 +1,220 @@
+/* +/*
+ * restorecond + * restorecond
@ -822,9 +811,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
+ return 0; + return 0;
+} +}
+ +
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/walk.c policycoreutils-2.0.64/restorecond/walk.c diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/walk.c policycoreutils-2.0.68/restorecond/walk.c
--- nsapolicycoreutils/restorecond/walk.c 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/restorecond/walk.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.64/restorecond/walk.c 2009-06-26 14:57:32.000000000 -0400 +++ policycoreutils-2.0.68/restorecond/walk.c 2009-07-29 09:30:07.000000000 -0400
@@ -0,0 +1,30 @@ @@ -0,0 +1,30 @@
+#define _XOPEN_SOURCE 500 +#define _XOPEN_SOURCE 500
+#include <ftw.h> +#include <ftw.h>
@ -856,9 +845,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
+ printf("Total Dirs %d\n",ctr); + printf("Total Dirs %d\n",ctr);
+ exit(EXIT_SUCCESS); + exit(EXIT_SUCCESS);
+} +}
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.64/restorecond/watch.c diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/watch.c policycoreutils-2.0.68/restorecond/watch.c
--- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/restorecond/watch.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.64/restorecond/watch.c 2009-06-26 14:57:32.000000000 -0400 +++ policycoreutils-2.0.68/restorecond/watch.c 2009-07-29 09:30:07.000000000 -0400
@@ -0,0 +1,346 @@ @@ -0,0 +1,346 @@
+#define _GNU_SOURCE +#define _GNU_SOURCE
+#include <sys/inotify.h> +#include <sys/inotify.h>
@ -1206,9 +1195,21 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
+ exitApp("Error watching config file."); + exitApp("Error watching config file.");
+} +}
+ +
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.64/scripts/Makefile diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-2.0.68/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2009-06-23 15:36:07.000000000 -0400
+++ policycoreutils-2.0.68/scripts/fixfiles 2009-07-29 09:31:44.000000000 -0400
@@ -129,7 +129,7 @@
if [ ! -z "$FILEPATH" ]; then
if [ -x /usr/bin/find ]; then
/usr/bin/find "$FILEPATH" \
- ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs -o fstype btrfs \) -prune -o -print0 | \
+ ! \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype ext4dev -o -fstype gfs2 -o -fstype jfs -o -fstype xfs -o -fstype btrfs \) -prune -o -print0 | \
${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -0 -f - 2>&1 >> $LOGFILE
else
${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $FILEPATH 2>&1 >> $LOGFILE
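Review bot: both restorecon invocations in this fixfiles hunk end in `2>&1 >> $LOGFILE`, which points stderr at the original stdout before stdout is redirected, so error output never reaches the log file; if the log is meant to capture errors, write `>> "$LOGFILE" 2>&1`. While the `-fstype btrfs` typo is being fixed here, the `else` branch also passes `$FILEPATH` unquoted although the `find` branch quotes it, so a path containing whitespace is split into several arguments there.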
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/Makefile policycoreutils-2.0.68/scripts/Makefile
--- nsapolicycoreutils/scripts/Makefile 2008-08-28 09:34:24.000000000 -0400 --- nsapolicycoreutils/scripts/Makefile 2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.64/scripts/Makefile 2009-06-26 14:57:40.000000000 -0400 +++ policycoreutils-2.0.68/scripts/Makefile 2009-07-29 09:30:07.000000000 -0400
@@ -5,11 +5,12 @@ @@ -5,11 +5,12 @@
MANDIR ?= $(PREFIX)/share/man MANDIR ?= $(PREFIX)/share/man
LOCALEDIR ?= /usr/share/locale LOCALEDIR ?= /usr/share/locale
@ -1223,9 +1224,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
install -m 755 fixfiles $(DESTDIR)/sbin install -m 755 fixfiles $(DESTDIR)/sbin
install -m 755 genhomedircon $(SBINDIR) install -m 755 genhomedircon $(SBINDIR)
-mkdir -p $(MANDIR)/man8 -mkdir -p $(MANDIR)/man8
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox policycoreutils-2.0.64/scripts/sandbox diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox policycoreutils-2.0.68/scripts/sandbox
--- nsapolicycoreutils/scripts/sandbox 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/scripts/sandbox 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.64/scripts/sandbox 2009-06-26 14:57:40.000000000 -0400 +++ policycoreutils-2.0.68/scripts/sandbox 2009-07-29 09:30:07.000000000 -0400
@@ -0,0 +1,139 @@ @@ -0,0 +1,139 @@
+#!/usr/bin/python -E +#!/usr/bin/python -E
+import os, sys, getopt, socket, random, fcntl +import os, sys, getopt, socket, random, fcntl
@ -1366,9 +1367,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
+ error_exit(error.args[1]) + error_exit(error.args[1])
+ +
+ sys.exit(rc) + sys.exit(rc)
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.8 policycoreutils-2.0.64/scripts/sandbox.8 diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.8 policycoreutils-2.0.68/scripts/sandbox.8
--- nsapolicycoreutils/scripts/sandbox.8 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/scripts/sandbox.8 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.64/scripts/sandbox.8 2009-06-26 14:57:40.000000000 -0400 +++ policycoreutils-2.0.68/scripts/sandbox.8 2009-07-29 09:30:07.000000000 -0400
@@ -0,0 +1,22 @@ @@ -0,0 +1,22 @@
+.TH SANDBOX "8" "May 2009" "chcat" "User Commands" +.TH SANDBOX "8" "May 2009" "chcat" "User Commands"
+.SH NAME +.SH NAME
@ -1392,9 +1393,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
+.TP +.TP
+runcon(1) +runcon(1)
+.PP +.PP
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.py policycoreutils-2.0.64/scripts/sandbox.py diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/scripts/sandbox.py policycoreutils-2.0.68/scripts/sandbox.py
--- nsapolicycoreutils/scripts/sandbox.py 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/scripts/sandbox.py 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.64/scripts/sandbox.py 2009-06-26 14:57:40.000000000 -0400 +++ policycoreutils-2.0.68/scripts/sandbox.py 2009-07-29 09:30:07.000000000 -0400
@@ -0,0 +1,67 @@ @@ -0,0 +1,67 @@
+#!/usr/bin/python +#!/usr/bin/python
+import os, sys, getopt, socket, random, fcntl +import os, sys, getopt, socket, random, fcntl
@ -1463,9 +1464,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
+ mount(mount_src, filecon) + mount(mount_src, filecon)
+ umount(filecon) + umount(filecon)
+os.execvp(cmds[0], cmds) +os.execvp(cmds[0], cmds)
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.64/semanage/semanage diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.68/semanage/semanage
--- nsapolicycoreutils/semanage/semanage 2009-05-18 13:53:14.000000000 -0400 --- nsapolicycoreutils/semanage/semanage 2009-05-18 13:53:14.000000000 -0400
+++ policycoreutils-2.0.64/semanage/semanage 2009-06-26 14:57:40.000000000 -0400 +++ policycoreutils-2.0.68/semanage/semanage 2009-07-29 09:34:44.000000000 -0400
@@ -44,16 +44,17 @@ @@ -44,16 +44,17 @@
text = _(""" text = _("""
semanage [ -S store ] -i [ input_file | - ] semanage [ -S store ] -i [ input_file | - ]
@ -1499,7 +1500,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
-F, --file Treat target as an input file for command, change multiple settings -F, --file Treat target as an input file for command, change multiple settings
-p, --proto Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6) -p, --proto Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6)
-M, --mask Netmask -M, --mask Netmask
+ -e, --equil Make target equil to this paths labeling + -e, --equal Make target equal to this paths labeling
-P, --prefix Prefix for home directory labeling -P, --prefix Prefix for home directory labeling
-L, --level Default SELinux Level (MLS/MCS Systems only) -L, --level Default SELinux Level (MLS/MCS Systems only)
-R, --roles SELinux Roles (ex: "sysadm_r staff_r") -R, --roles SELinux Roles (ex: "sysadm_r staff_r")
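Review bot: the renamed `-e, --equal` help line still reads "Make target equal to this paths labeling"; "paths" should be "path's". Since the option is being renamed in this revision anyway, the wording can be fixed in the same pass.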
@ -1508,7 +1509,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
valid_option["node"] += valid_everyone + [ '-M', '--mask', '-t', '--type', '-r', '--range', '-p', '--protocol'] valid_option["node"] += valid_everyone + [ '-M', '--mask', '-t', '--type', '-r', '--range', '-p', '--protocol']
valid_option["fcontext"] = [] valid_option["fcontext"] = []
- valid_option["fcontext"] += valid_everyone + [ '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range'] - valid_option["fcontext"] += valid_everyone + [ '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
+ valid_option["fcontext"] += valid_everyone + [ '-e', '--equil', '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range'] + valid_option["fcontext"] += valid_everyone + [ '-e', '--equal', '-f', '--ftype', '-s', '--seuser', '-t', '--type', '-r', '--range']
valid_option["translation"] = [] valid_option["translation"] = []
valid_option["translation"] += valid_everyone + [ '-T', '--trans' ] valid_option["translation"] += valid_everyone + [ '-T', '--trans' ]
valid_option["boolean"] = [] valid_option["boolean"] = []
@ -1523,7 +1524,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
locallist = False locallist = False
use_file = False use_file = False
store = "" store = ""
+ equil="" + equal=""
+ dontaudit = "" + dontaudit = ""
+ +
@ -1540,7 +1541,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
'delete', 'delete',
'deleteall', 'deleteall',
+ 'dontaudit=', + 'dontaudit=',
+ 'equil=', + 'equal=',
'ftype=', 'ftype=',
'file', 'file',
'help', 'help',
@ -1558,8 +1559,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
- ftype=a - ftype=a
+ ftype = a + ftype = a
+ +
+ if o == "-e" or o == "--equil": + if o == "-e" or o == "--equal":
+ equil = a + equal = a
if o == "-F" or o == "--file": if o == "-F" or o == "--file":
use_file = True use_file = True
@ -1606,10 +1607,10 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
if object == "fcontext": if object == "fcontext":
- OBJECT.add(target, setype, ftype, serange, seuser) - OBJECT.add(target, setype, ftype, serange, seuser)
+ if equil == "": + if equal == "":
+ OBJECT.add(target, setype, ftype, serange, seuser) + OBJECT.add(target, setype, ftype, serange, seuser)
+ else: + else:
+ OBJECT.add_equil(target, equil) + OBJECT.add_equal(target, equal)
if object == "permissive": if object == "permissive":
OBJECT.add(target) OBJECT.add(target)
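Review bot: in the `fcontext` add branch, a non-empty `equal` routes the call to `OBJECT.add_equal(target, equal)` and whatever was passed for `setype`, `ftype`, `serange` and `seuser` is dropped without any message. Reject `-e` when it is combined with those options, or state in the usage text that they are ignored; the modify branch in the next hunk has the same shape.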
@ -1628,10 +1629,10 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
if object == "fcontext": if object == "fcontext":
- OBJECT.modify(target, setype, ftype, serange, seuser) - OBJECT.modify(target, setype, ftype, serange, seuser)
+ if equil == "": + if equal == "":
+ OBJECT.modify(target, setype, ftype, serange, seuser) + OBJECT.modify(target, setype, ftype, serange, seuser)
+ else: + else:
+ OBJECT.modify_equil(target, equil) + OBJECT.modify_equal(target, equal)
return return
@ -1644,9 +1645,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
elif object == "node": elif object == "node":
OBJECT.delete(target, mask, proto) OBJECT.delete(target, mask, proto)
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.64/semanage/semanage.8 diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage.8 policycoreutils-2.0.68/semanage/semanage.8
--- nsapolicycoreutils/semanage/semanage.8 2008-08-28 09:34:24.000000000 -0400 --- nsapolicycoreutils/semanage/semanage.8 2008-08-28 09:34:24.000000000 -0400
+++ policycoreutils-2.0.64/semanage/semanage.8 2009-06-26 14:57:40.000000000 -0400 +++ policycoreutils-2.0.68/semanage/semanage.8 2009-07-29 09:30:07.000000000 -0400
@@ -21,6 +21,8 @@ @@ -21,6 +21,8 @@
.br .br
.B semanage permissive \-{a|d} type .B semanage permissive \-{a|d} type
@ -1656,9 +1657,9 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
.B semanage translation \-{a|d|m} [\-T] level .B semanage translation \-{a|d|m} [\-T] level
.P .P
diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.64/semanage/seobject.py diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.68/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2009-05-18 13:53:14.000000000 -0400 --- nsapolicycoreutils/semanage/seobject.py 2009-05-18 13:53:14.000000000 -0400
+++ policycoreutils-2.0.64/semanage/seobject.py 2009-06-26 14:57:40.000000000 -0400 +++ policycoreutils-2.0.68/semanage/seobject.py 2009-07-29 09:35:07.000000000 -0400
@@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
#! /usr/bin/python -E #! /usr/bin/python -E
-# Copyright (C) 2005, 2006, 2007, 2008 Red Hat -# Copyright (C) 2005, 2006, 2007, 2008 Red Hat
@ -2208,7 +2209,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
def __init__(self, store = ""): def __init__(self, store = ""):
semanageRecords.__init__(self, store) semanageRecords.__init__(self, store)
+ self.equiv = {} + self.equiv = {}
+ self.equil_ind = False + self.equal_ind = False
+ try: + try:
+ fd = open(selinux.selinux_file_context_subs_path(), "r") + fd = open(selinux.selinux_file_context_subs_path(), "r")
+ for i in fd.readlines(): + for i in fd.readlines():
@ -2219,7 +2220,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
+ pass + pass
+ +
+ def commit(self): + def commit(self):
+ if self.equil_ind: + if self.equal_ind:
+ subs_file = selinux.selinux_file_context_subs_path() + subs_file = selinux.selinux_file_context_subs_path()
+ tmpfile = "%s.tmp" % subs_file + tmpfile = "%s.tmp" % subs_file
+ fd = open(tmpfile, "w") + fd = open(tmpfile, "w")
@ -2231,23 +2232,23 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
+ except: + except:
+ pass + pass
+ os.rename(tmpfile,subs_file) + os.rename(tmpfile,subs_file)
+ self.equil_ind = False + self.equal_ind = False
+ semanageRecords.commit(self) + semanageRecords.commit(self)
+ +
+ def add_equil(self, src, dst): + def add_equal(self, src, dst):
+ self.begin() + self.begin()
+ if src in self.equiv.keys(): + if src in self.equiv.keys():
+ raise ValueError(_("Equivalence class for %s already exists") % src) + raise ValueError(_("Equivalence class for %s already exists") % src)
+ self.equiv[src] = dst + self.equiv[src] = dst
+ self.equil_ind = True + self.equal_ind = True
+ self.commit() + self.commit()
+ +
+ def modify_equil(self, src, dst): + def modify_equal(self, src, dst):
+ self.begin() + self.begin()
+ if src not in self.equiv.keys(): + if src not in self.equiv.keys():
+ raise ValueError(_("Equivalence class for %s does not exists") % src) + raise ValueError(_("Equivalence class for %s does not exists") % src)
+ self.equiv[src] = dst + self.equiv[src] = dst
+ self.equil_ind = True + self.equal_ind = True
+ self.commit() + self.commit()
def createcon(self, target, seuser = "system_u"): def createcon(self, target, seuser = "system_u"):
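Review bot: in `commit()`, the bare `except: pass` immediately before `os.rename(tmpfile,subs_file)` hides any failure in the preceding try block (its body is not shown in this view), and the rename then replaces the subs file regardless. Catch the specific exception expected there and skip the rename on an unexpected one. Minor: the `modify_equal` message "Equivalence class for %s does not exists" should read "does not exist".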
@ -2323,14 +2324,14 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.16 --exclude=gui --exclude=po
- -
+ +
+ self.equiv = {} + self.equiv = {}
+ self.equil_ind = True + self.equal_ind = True
self.commit() self.commit()
def __delete(self, target, ftype): def __delete(self, target, ftype):
- (rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype]) - (rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
+ if target in self.equiv.keys(): + if target in self.equiv.keys():
+ self.equiv.pop(target) + self.equiv.pop(target)
+ self.equil_ind = True + self.equal_ind = True
+ return + return
+ +
+ (rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype]) + (rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])

@ -5,8 +5,8 @@
%define sepolgenver 1.0.16 %define sepolgenver 1.0.16
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 2.0.64 Version: 2.0.68
Release: 3%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -81,6 +81,7 @@ install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/selinux-polgengui
install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/security/console.apps/system-config-selinux install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/security/console.apps/system-config-selinux
install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/security/console.apps/selinux-polgengui install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/security/console.apps/selinux-polgengui
tar -jxf %{SOURCE8} -C %{buildroot}/ tar -jxf %{SOURCE8} -C %{buildroot}/
rm -f %{buildroot}/usr/share/man/ru/man8/genhomedircon.8.gz
ln -sf consolehelper %{buildroot}%{_bindir}/system-config-selinux ln -sf consolehelper %{buildroot}%{_bindir}/system-config-selinux
ln -sf consolehelper %{buildroot}%{_bindir}/selinux-polgengui ln -sf consolehelper %{buildroot}%{_bindir}/selinux-polgengui
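Review bot: the added `rm -f %{buildroot}/usr/share/man/ru/man8/genhomedircon.8.gz` hardcodes both the man directory and the `.gz` suffix, while the `%files` entries added in this same spec use `%{_mandir}` and a `.8*` glob. Writing it as `rm -f %{buildroot}%{_mandir}/ru/man8/genhomedircon.8*` keeps the removal working if the man path or compression changes; a short comment on why this one page is deleted would also help.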
@ -121,6 +122,17 @@ The policycoreutils-python package contains the management tools use to manage a
%dir /var/lib/sepolgen %dir /var/lib/sepolgen
%dir /var/lib/selinux %dir /var/lib/selinux
/var/lib/sepolgen/perm_map /var/lib/sepolgen/perm_map
%dir %{_datadir}/sandbox
%{_mandir}/man1/audit2allow.1*
%{_mandir}/ru/man1/audit2allow.1*
%{_mandir}/man1/audit2why.1*
%{_mandir}/ru/man1/audit2why.1*
%{_mandir}/man8/chcat.8*
%{_mandir}/ru/man8/chcat.8*
%{_mandir}/man8/semanage.8*
%{_mandir}/ru/man8/semanage.8*
%{_mandir}/man8/fixfiles.8*
%{_mandir}/ru/man8/fixfiles.8*
%post python %post python
[ -f /usr/share/selinux/devel/include/build.conf ] && /usr/bin/sepolgen-ifgen [ -f /usr/share/selinux/devel/include/build.conf ] && /usr/bin/sepolgen-ifgen
@ -198,9 +210,6 @@ rm -rf %{buildroot}
%{_bindir}/semodule_expand %{_bindir}/semodule_expand
%{_bindir}/semodule_link %{_bindir}/semodule_link
%{_bindir}/semodule_package %{_bindir}/semodule_package
%{_mandir}/man*/*
# selinux-policy Requires: policycoreutils, so we own this set of directories and our files within them
%{_mandir}/ru/
%config(noreplace) %{_sysconfdir}/pam.d/newrole %config(noreplace) %{_sysconfdir}/pam.d/newrole
%config(noreplace) %{_sysconfdir}/pam.d/run_init %config(noreplace) %{_sysconfdir}/pam.d/run_init
%config(noreplace) %{_sysconfdir}/sestatus.conf %config(noreplace) %{_sysconfdir}/sestatus.conf
@ -209,6 +218,35 @@ rm -rf %{buildroot}
%config(noreplace) /etc/selinux/restorecond_user.conf %config(noreplace) /etc/selinux/restorecond_user.conf
%{_sysconfdir}/xdg/autostart/restorecond.desktop %{_sysconfdir}/xdg/autostart/restorecond.desktop
%{_datadir}/dbus-1/services/org.selinux.Restorecond.service %{_datadir}/dbus-1/services/org.selinux.Restorecond.service
# selinux-policy Requires: policycoreutils, so we own this set of directories and our files within them
%{_mandir}/man8/load_policy.8*
%{_mandir}/ru/man8/load_policy.8*
%{_mandir}/man8/open_init_pty.8*
%{_mandir}/ru/man8/open_init_pty.8*
%{_mandir}/man8/restorecon.8*
%{_mandir}/ru/man8/restorecon.8*
%{_mandir}/man8/restorecond.8*
%{_mandir}/ru/man8/restorecond.8*
%{_mandir}/man8/run_init.8*
%{_mandir}/ru/man8/run_init.8*
%{_mandir}/man8/semodule.8*
%{_mandir}/ru/man8/semodule.8*
%{_mandir}/man8/semodule_deps.8*
%{_mandir}/ru/man8/semodule_deps.8*
%{_mandir}/man8/semodule_expand.8*
%{_mandir}/ru/man8/semodule_expand.8*
%{_mandir}/man8/semodule_link.8*
%{_mandir}/ru/man8/semodule_link.8*
%{_mandir}/man8/semodule_package.8*
%{_mandir}/ru/man8/semodule_package.8*
%{_mandir}/man8/sestatus.8*
%{_mandir}/ru/man8/sestatus.8*
%{_mandir}/man8/setfiles.8*
%{_mandir}/ru/man8/setfiles.8*
%{_mandir}/man8/setsebool.8*
%{_mandir}/ru/man8/setsebool.8*
%{_mandir}/man1/secon.1*
%{_mandir}/ru/man1/secon.1*
%preun %preun
if [ $1 -eq 0 ]; then if [ $1 -eq 0 ]; then
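Review bot: the comment moved to the top of the new man page list still says "we own this set of directories and our files within them", but the entries under it name only individual files, and the `%{_mandir}/ru/` line it used to introduce is removed in the previous hunk. Either reword the comment to match the per-file list or add `%dir` entries for the directories this package is still expected to own.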
@ -229,6 +267,15 @@ else
fi fi
%changelog %changelog
* Sun Jul 29 2009 Dan Walsh <dwalsh@redhat.com> 2.0.68-1
- Fix location of man pages
- Update to upstream
* Modify setfiles to exclude mounts without seclabel option in
/proc/mounts on kernels >= 2.6.30 from Thomas Liu.
* Re-enable disable_dontaudit rules upon semodule -B from Christopher
Pardy and Dan Walsh.
* setfiles converted to fts from Thomas Liu.
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.64-3 * Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.64-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
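Review bot: the new changelog entry is dated `Sun Jul 29 2009`, but the entry directly below it is `Sun Jul 26 2009`, so the 29th cannot also be a Sunday. The commit is dated 2009-07-29, which makes the weekday `Wed`; correct the day name so the entry is internally consistent.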

Binary file not shown.

@ -1,2 +1,2 @@
e1b5416c3e0d76e5d702b3f54f4def45 sepolgen-1.0.16.tgz e1b5416c3e0d76e5d702b3f54f4def45 sepolgen-1.0.16.tgz
d70351e2caf19dd096c3329e67f22753 policycoreutils-2.0.64.tgz aed0ab49649832c19b650e9edefb3c64 policycoreutils-2.0.68.tgz