* Wed Feb 7 2007 Dan Walsh <dwalsh@redhat.com> 2.0.0-1
- Update to upstream * Merged new audit2allow from Karl MacMillan. This audit2allow depends on the new sepolgen python module. Note that you must run the sepolgen-ifgen tool to generate the data needed by audit2allow to generate refpolicy. * Fixed newrole non-pam build. - Fix Changelog and spelling error in man page
This commit is contained in:
parent
702971bc39
commit
f1efb4d7ce
@ -130,3 +130,4 @@ policycoreutils-1.33.15.tgz
|
|||||||
policycoreutils-1.34.0.tgz
|
policycoreutils-1.34.0.tgz
|
||||||
policycoreutils-1.34.1.tgz
|
policycoreutils-1.34.1.tgz
|
||||||
policycoreutils-2.0.0.tgz
|
policycoreutils-2.0.0.tgz
|
||||||
|
policycoreutils-2.0.1.tgz
|
||||||
|
@ -4881,17 +4881,46 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
|
|||||||
close(fd);
|
close(fd);
|
||||||
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.0/restorecond/restorecond.conf
|
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/restorecond/restorecond.conf policycoreutils-2.0.0/restorecond/restorecond.conf
|
||||||
--- nsapolicycoreutils/restorecond/restorecond.conf 2006-11-20 12:19:55.000000000 -0500
|
--- nsapolicycoreutils/restorecond/restorecond.conf 2006-11-20 12:19:55.000000000 -0500
|
||||||
+++ policycoreutils-2.0.0/restorecond/restorecond.conf 2007-02-07 16:40:46.000000000 -0500
|
+++ policycoreutils-2.0.0/restorecond/restorecond.conf 2007-02-08 09:48:45.000000000 -0500
|
||||||
@@ -1,4 +1,5 @@
|
@@ -1,7 +1,9 @@
|
||||||
/etc/resolv.conf
|
/etc/resolv.conf
|
||||||
+/etc/localtime
|
+/etc/localtime
|
||||||
/etc/samba/secrets.tdb
|
/etc/samba/secrets.tdb
|
||||||
/etc/mtab
|
/etc/mtab
|
||||||
/var/run/utmp
|
/var/run/utmp
|
||||||
|
+/var/run/faillog
|
||||||
|
/var/log/wtmp
|
||||||
|
~/public_html
|
||||||
|
~/.mozilla/plugins/libflashplayer.so
|
||||||
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.0/scripts/chcat
|
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-2.0.0/scripts/chcat
|
||||||
--- nsapolicycoreutils/scripts/chcat 2006-11-16 17:14:27.000000000 -0500
|
--- nsapolicycoreutils/scripts/chcat 2006-11-16 17:14:27.000000000 -0500
|
||||||
+++ policycoreutils-2.0.0/scripts/chcat 2007-02-07 16:40:46.000000000 -0500
|
+++ policycoreutils-2.0.0/scripts/chcat 2007-02-08 15:47:17.000000000 -0500
|
||||||
@@ -62,12 +62,20 @@
|
@@ -25,11 +25,22 @@
|
||||||
|
import commands, sys, os, pwd, string, getopt, selinux
|
||||||
|
import seobject
|
||||||
|
import gettext
|
||||||
|
+import codecs
|
||||||
|
+import locale
|
||||||
|
+sys.stderr = codecs.getwriter(locale.getpreferredencoding())(sys.__stderr__, 'replace')
|
||||||
|
+sys.stdout = codecs.getwriter(locale.getpreferredencoding())(sys.__stdout__, 'replace')
|
||||||
|
|
||||||
|
try:
|
||||||
|
gettext.install('policycoreutils')
|
||||||
|
-except:
|
||||||
|
- pass
|
||||||
|
+except IOError:
|
||||||
|
+ import __builtin__
|
||||||
|
+ __builtin__.__dict__['_'] = unicode
|
||||||
|
+
|
||||||
|
+def errorExit(error):
|
||||||
|
+ sys.stderr.write("%s: " % sys.argv[0])
|
||||||
|
+ sys.stderr.write("%s\n" % error)
|
||||||
|
+ sys.stderr.flush()
|
||||||
|
+ sys.exit(1)
|
||||||
|
|
||||||
|
def verify_users(users):
|
||||||
|
for u in users:
|
||||||
|
@@ -62,12 +73,20 @@
|
||||||
for i in newcat[1:]:
|
for i in newcat[1:]:
|
||||||
if i not in cats:
|
if i not in cats:
|
||||||
cats.append(i)
|
cats.append(i)
|
||||||
@ -4915,7 +4944,7 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
|
|||||||
return errors
|
return errors
|
||||||
|
|
||||||
def chcat_add(orig, newcat, objects,login_ind):
|
def chcat_add(orig, newcat, objects,login_ind):
|
||||||
@@ -133,11 +141,17 @@
|
@@ -133,11 +152,17 @@
|
||||||
cats.remove(i)
|
cats.remove(i)
|
||||||
|
|
||||||
new_serange = "%s-%s:%s" % (serange[0], top[0], string.join(cats, ","))
|
new_serange = "%s-%s:%s" % (serange[0], top[0], string.join(cats, ","))
|
||||||
@ -4935,7 +4964,7 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
|
|||||||
return errors
|
return errors
|
||||||
|
|
||||||
def chcat_remove(orig, newcat, objects, login_ind):
|
def chcat_remove(orig, newcat, objects, login_ind):
|
||||||
@@ -198,11 +212,17 @@
|
@@ -198,11 +223,17 @@
|
||||||
user = seusers["__default__"]
|
user = seusers["__default__"]
|
||||||
serange = user[1].split("-")
|
serange = user[1].split("-")
|
||||||
new_serange = "%s-%s:%s" % (serange[0],newcat[0], string.join(newcat[1:], ","))
|
new_serange = "%s-%s:%s" % (serange[0],newcat[0], string.join(newcat[1:], ","))
|
||||||
@ -4956,6 +4985,29 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
|
|||||||
return errors
|
return errors
|
||||||
|
|
||||||
def chcat_replace(newcat, objects, login_ind):
|
def chcat_replace(newcat, objects, login_ind):
|
||||||
|
@@ -362,6 +393,10 @@
|
||||||
|
|
||||||
|
if list_ind == 0 and len(cmds) < 1:
|
||||||
|
usage()
|
||||||
|
+
|
||||||
|
+ except getopt.error, error:
|
||||||
|
+ errorExit(_("Options Error %s ") % error.msg)
|
||||||
|
+
|
||||||
|
except ValueError, e:
|
||||||
|
usage()
|
||||||
|
|
||||||
|
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/scripts/fixfiles.8 policycoreutils-2.0.0/scripts/fixfiles.8
|
||||||
|
--- nsapolicycoreutils/scripts/fixfiles.8 2007-01-17 11:11:34.000000000 -0500
|
||||||
|
+++ policycoreutils-2.0.0/scripts/fixfiles.8 2007-02-07 16:52:56.000000000 -0500
|
||||||
|
@@ -54,7 +54,7 @@
|
||||||
|
change any incorrect file context labels.
|
||||||
|
.TP
|
||||||
|
.B relabel
|
||||||
|
-Prompt for removal of contents of /tmp directory and then change any inccorect file context labels to match the install file_contexts file.
|
||||||
|
+Prompt for removal of contents of /tmp directory and then change any incorrect file context labels to match the install file_contexts file.
|
||||||
|
.TP
|
||||||
|
.B verify
|
||||||
|
List out files with incorrect file context labels, but do not change them.
|
||||||
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.0/semanage/seobject.py
|
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.0/semanage/seobject.py
|
||||||
--- nsapolicycoreutils/semanage/seobject.py 2007-01-17 11:11:34.000000000 -0500
|
--- nsapolicycoreutils/semanage/seobject.py 2007-01-17 11:11:34.000000000 -0500
|
||||||
+++ policycoreutils-2.0.0/semanage/seobject.py 2007-02-07 16:40:46.000000000 -0500
|
+++ policycoreutils-2.0.0/semanage/seobject.py 2007-02-07 16:40:46.000000000 -0500
|
||||||
@ -4990,15 +5042,31 @@ diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.
|
|||||||
|
|
||||||
if len(roles) != 0:
|
if len(roles) != 0:
|
||||||
for r in rlist:
|
for r in rlist:
|
||||||
diff --exclude-from=exclude --exclude POTFILES.in --exclude='*.po' --exclude='*.pot' -N -u -r nsapolicycoreutils/semodule_deps/semodule_deps.c policycoreutils-2.0.0/semodule_deps/semodule_deps.c
|
--- newrole.c 2007-02-09 17:29:23.000000000 -0500
|
||||||
--- nsapolicycoreutils/semodule_deps/semodule_deps.c 2007-02-07 12:11:49.000000000 -0500
|
+++ newrole.c.ljk 2007-02-09 18:20:26.000000000 -0500
|
||||||
+++ policycoreutils-2.0.0/semodule_deps/semodule_deps.c 2007-02-07 16:46:18.000000000 -0500
|
@@ -636,7 +636,7 @@ static int relabel_tty(const char *ttyn,
|
||||||
@@ -16,7 +16,7 @@
|
}
|
||||||
* of avrule_blocks - even in an ABI safe way - seems undesirable.
|
|
||||||
*/
|
/* Re-open TTY descriptor */
|
||||||
#include <sepol/module.h>
|
- fd = open(ttyn, O_RDWR);
|
||||||
-#include <sepol/errno.h>
|
+ fd = open(ttyn, O_RDWR|O_NONBLOCK);
|
||||||
+#include <sepol/errcodes.h>
|
if (fd < 0) {
|
||||||
#include <sepol/policydb/policydb.h>
|
fprintf(stderr, _("Error! Could not open %s.\n"), ttyn);
|
||||||
|
return fd;
|
||||||
|
@@ -1127,13 +1127,13 @@ int main(int argc, char *argv[])
|
||||||
|
fprintf(stderr, _("Could not close descriptors.\n"));
|
||||||
|
goto err_close_pam;
|
||||||
|
}
|
||||||
|
- fd = open(ttyn, O_RDONLY);
|
||||||
|
+ fd = open(ttyn, O_RDONLY|O_NONBLOCK);
|
||||||
|
if (fd != 0)
|
||||||
|
goto err_close_pam;
|
||||||
|
- fd = open(ttyn, O_RDWR);
|
||||||
|
+ fd = open(ttyn, O_RDWR|O_NONBLOCK);
|
||||||
|
if (fd != 1)
|
||||||
|
goto err_close_pam;
|
||||||
|
- fd = open(ttyn, O_RDWR);
|
||||||
|
+ fd = open(ttyn, O_RDWR|O_NONBLOCK);
|
||||||
|
if (fd != 2)
|
||||||
|
goto err_close_pam;
|
||||||
|
|
||||||
#include <getopt.h>
|
|
||||||
|
@ -128,6 +128,7 @@ rm -rf %{buildroot}
|
|||||||
%{_bindir}/semodule_expand
|
%{_bindir}/semodule_expand
|
||||||
%{_bindir}/semodule_link
|
%{_bindir}/semodule_link
|
||||||
%{_bindir}/semodule_package
|
%{_bindir}/semodule_package
|
||||||
|
%{_bindir}/sepolgen-ifgen
|
||||||
%{_mandir}/man8/chcat.8.gz
|
%{_mandir}/man8/chcat.8.gz
|
||||||
%{_mandir}/man8/restorecond.8.gz
|
%{_mandir}/man8/restorecond.8.gz
|
||||||
%{_mandir}/man8/restorecon.8.gz
|
%{_mandir}/man8/restorecon.8.gz
|
||||||
@ -152,7 +153,6 @@ rm -rf %{buildroot}
|
|||||||
%config %{_sysconfdir}/pam.d/run_init
|
%config %{_sysconfdir}/pam.d/run_init
|
||||||
%config(noreplace) %{_sysconfdir}/sestatus.conf
|
%config(noreplace) %{_sysconfdir}/sestatus.conf
|
||||||
%{_libdir}/python?.?/site-packages/seobject.py*
|
%{_libdir}/python?.?/site-packages/seobject.py*
|
||||||
%{_libdir}/python?.?/site-packages/avc.py*
|
|
||||||
%attr(755,root,root) /etc/rc.d/init.d/restorecond
|
%attr(755,root,root) /etc/rc.d/init.d/restorecond
|
||||||
%config(noreplace) /etc/selinux/restorecond.conf
|
%config(noreplace) /etc/selinux/restorecond.conf
|
||||||
|
|
||||||
@ -175,7 +175,7 @@ fi
|
|||||||
Note that you must run the sepolgen-ifgen tool to generate
|
Note that you must run the sepolgen-ifgen tool to generate
|
||||||
the data needed by audit2allow to generate refpolicy.
|
the data needed by audit2allow to generate refpolicy.
|
||||||
* Fixed newrole non-pam build.
|
* Fixed newrole non-pam build.
|
||||||
|
- Fix Changelog and spelling error in man page
|
||||||
|
|
||||||
* Thu Feb 1 2007 Dan Walsh <dwalsh@redhat.com> 1.34.1-4
|
* Thu Feb 1 2007 Dan Walsh <dwalsh@redhat.com> 1.34.1-4
|
||||||
- Fix audit2allow on missing translations
|
- Fix audit2allow on missing translations
|
||||||
|
Loading…
Reference in New Issue
Block a user