* Thu Feb 11 2010 Dan Walsh <dwalsh@redhat.com> 2.0.78-21

- Fix display of command in sandbox
Daniel J Walsh 2010-02-11 21:56:38 +00:00
parent ee3649bda5
commit fce031b620


@ -1713,8 +1713,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+relabel: +relabel:
diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.78/sandbox/sandbox diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandbox policycoreutils-2.0.78/sandbox/sandbox
--- nsapolicycoreutils/sandbox/sandbox 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/sandbox/sandbox 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-2.0.78/sandbox/sandbox 2010-02-11 13:22:58.000000000 -0500 +++ policycoreutils-2.0.78/sandbox/sandbox 2010-02-11 16:54:12.000000000 -0500
@@ -0,0 +1,359 @@ @@ -0,0 +1,360 @@
+#! /usr/bin/python -E +#! /usr/bin/python -E
+# Authors: Dan Walsh <dwalsh@redhat.com> +# Authors: Dan Walsh <dwalsh@redhat.com>
+# Authors: Josh Cogliati +# Authors: Josh Cogliati
@ -1882,7 +1882,6 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ fd.write(""" + fd.write("""
+#!/bin/sh +#!/bin/sh
+#TITLE: %s +#TITLE: %s
+/usr/bin/test -r ~/.xmodmap && /usr/bin/xmodmap ~/.xmodmap
+%s +%s
+""" % (command, command)) +""" % (command, command))
+ fd.close() + fd.close()
@ -1897,7 +1896,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ +
+ def usage(message = ""): + def usage(message = ""):
+ text = _(""" + text = _("""
+sandbox [-h] [-[X|M] [-S] [-l level ] [-H homedir] [-T tempdir]] [-I includefile ] [[-i file ] ...] [ -t type ] command +sandbox [-h] [-[X|M] [-l level ] [-H homedir] [-T tempdir]] [-I includefile ] [[-i file ] ...] [ -t type ] command
+sandbox [-h] [-[X|M] [-l level ] [-H homedir] [-T tempdir]] [-I includefile ] [[-i file ] ...] [ -t type ] -S
+""") +""")
+ error_exit("%s\n%s" % (message, text)) + error_exit("%s\n%s" % (message, text))
+ +
@ -1957,16 +1957,17 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ newhomedir = a + newhomedir = a
+ if o == "-T" or o == "--tmpdir": + if o == "-T" or o == "--tmpdir":
+ existing_temp = True + existing_temp = True
+ newtempdir = a + newtmpdir = a
+ if o == "-h" or o == "--help": + if o == "-h" or o == "--help":
+ usage(_("Usage")); + usage(_("Usage"));
+ +
+ if o == "-S" or o == "--session": + if o == "-S" or o == "--session":
+ session = True + session = True
+ homedir=pwd.getpwuid(os.getuid()).pw_dir + homedir=pwd.getpwuid(os.getuid()).pw_dir
+ + if setype in (DEFAULT_TYPE, DEFAULT_X_TYPE):
+ setype = selinux.getcon()[1].split(":")[2]
+ +
+ if len(cmds) == 0: + if len(cmds) == 0 and not session:
+ usage(_("Command required")) + usage(_("Command required"))
+ +
+ if (existing_home or existing_temp) and not home_and_temp: + if (existing_home or existing_temp) and not home_and_temp:
@ -1974,7 +1975,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ execcon, filecon = gen_context(setype, level) + execcon, filecon = gen_context(setype, level)
+ rc = -1 + rc = -1
+ +
+ if cmds[0][0] != "/" and cmds[0][:2] != "./" and cmds[0][:3] != "../": + if not session and cmds[0][0] != "/" and cmds[0][:2] != "./" and cmds[0][:3] != "../":
+ for i in os.environ["PATH"].split(':'): + for i in os.environ["PATH"].split(':'):
+ f = "%s/%s" % (i, cmds[0]) + f = "%s/%s" % (i, cmds[0])
+ if os.access(f, os.X_OK): + if os.access(f, os.X_OK):
@ -2003,8 +2004,8 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ rc = os.spawnvp(os.P_WAIT, chcon[0], chcon) + rc = os.spawnvp(os.P_WAIT, chcon[0], chcon)
+ +
+ if existing_temp: + if existing_temp:
+ if not os.path.isdir(newtempdir): + if not os.path.isdir(newtmpdir):
+ raise IOError("Temp directory "+newtempdir+" not found") + raise IOError("Temp directory "+newtmpdir+" not found")
+ if not level and not session: + if not level and not session:
+ chcon = ("/usr/bin/chcon -R %s %s" % (filecon, newtmpdir)).split() + chcon = ("/usr/bin/chcon -R %s %s" % (filecon, newtmpdir)).split()
+ rc = os.spawnvp(os.P_WAIT, chcon[0], chcon) + rc = os.spawnvp(os.P_WAIT, chcon[0], chcon)
@ -2034,7 +2035,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.19 --exclude=gui --exclude=po
+ +
+ execfile = newhomedir + "/.sandboxrc" + execfile = newhomedir + "/.sandboxrc"
+ if session: + if session:
+ setup_session(execfile, " ".join(paths)) + setup_session(execfile)
+ else: + else:
+ setup_executable(execfile, " ".join(paths)) + setup_executable(execfile, " ".join(paths))
+ +
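Review bot: In the `@ -2003,8 +2004,8 @` hunk the chcon argv is still built by formatting a string and calling `.split()`, so a `-T` directory whose name contains whitespace is broken into several arguments and `chcon -R` is pointed at paths other than the one `os.path.isdir(newtmpdir)` just checked; a name starting with `-` would be parsed as an option. Build the list directly and end option parsing, `chcon = ["/usr/bin/chcon", "-R", filecon, "--", newtmpdir]`. The home-directory branch just above the hunk appears to spawn chcon the same way and likely needs the same change, though its argv construction is not visible here. The `rc` from `os.spawnvp` is not checked in the visible lines, so a failed relabel may go unnoticed before the sandbox starts. The enclosing function begins and ends outside the hunk.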