Compare commits
5 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
1d1bd86701 | ||
|
60c1e5e012 | ||
|
97a9bfcb09 | ||
|
d103886454 | ||
|
da315322e8 |
@ -0,0 +1,32 @@
|
|||||||
|
From e240bf9a547374dff8e7998b0bedce1d523b3dd4 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Vit Mojzis <vmojzis@redhat.com>
|
||||||
|
Date: Wed, 21 Aug 2019 17:43:25 +0200
|
||||||
|
Subject: [PATCH] policycoreutils/fixfiles: Fix unbound variable problem
|
||||||
|
|
||||||
|
Fix a typo introduced in commit d3f8b2c3cd909 ("policycoreutils/fixfiles: Fix
|
||||||
|
[-B] [-F] onboot"), which broke "fixfiles relabel":
|
||||||
|
|
||||||
|
#fixfiles relabel
|
||||||
|
/sbin/fixfiles: line 151: $1: unbound variable
|
||||||
|
|
||||||
|
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
|
||||||
|
---
|
||||||
|
policycoreutils/scripts/fixfiles | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles
|
||||||
|
index a9d27d13..df0042aa 100755
|
||||||
|
--- a/policycoreutils/scripts/fixfiles
|
||||||
|
+++ b/policycoreutils/scripts/fixfiles
|
||||||
|
@@ -215,7 +215,7 @@ OPTION=$1
|
||||||
|
shift
|
||||||
|
|
||||||
|
# [-B | -N time ]
|
||||||
|
-if [ -z "$BOOTTIME" ]; then
|
||||||
|
+if [ -n "$BOOTTIME" ]; then
|
||||||
|
newer $BOOTTIME $*
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
--
|
||||||
|
2.23.0
|
||||||
|
|
38
0025-gui-Fix-remove-module-in-system-config-selinux.patch
Normal file
38
0025-gui-Fix-remove-module-in-system-config-selinux.patch
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
From eed9aca2fa1b5668b9ddca10cfe96695fa7d2b9f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Petr Lautrbach <plautrba@redhat.com>
|
||||||
|
Date: Thu, 29 Aug 2019 08:58:20 +0200
|
||||||
|
Subject: [PATCH] gui: Fix remove module in system-config-selinux
|
||||||
|
|
||||||
|
When a user tried to remove a policy module with priority other than 400 via
|
||||||
|
GUI, it failed with a message:
|
||||||
|
|
||||||
|
libsemanage.semanage_direct_remove_key: Unable to remove module somemodule at priority 400. (No such file or directory).
|
||||||
|
|
||||||
|
This is fixed by calling "semodule -x PRIORITY -r NAME" instead of
|
||||||
|
"semodule -r NAME".
|
||||||
|
|
||||||
|
From Jono Hein <fredwacko40@hotmail.com>
|
||||||
|
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
|
||||||
|
---
|
||||||
|
gui/modulesPage.py | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/gui/modulesPage.py b/gui/modulesPage.py
|
||||||
|
index 26ac5404..35a0129b 100644
|
||||||
|
--- a/gui/modulesPage.py
|
||||||
|
+++ b/gui/modulesPage.py
|
||||||
|
@@ -125,9 +125,10 @@ class modulesPage(semanagePage):
|
||||||
|
def delete(self):
|
||||||
|
store, iter = self.view.get_selection().get_selected()
|
||||||
|
module = store.get_value(iter, 0)
|
||||||
|
+ priority = store.get_value(iter, 1)
|
||||||
|
try:
|
||||||
|
self.wait()
|
||||||
|
- status, output = getstatusoutput("semodule -r %s" % module)
|
||||||
|
+ status, output = getstatusoutput("semodule -X %s -r %s" % (priority, module))
|
||||||
|
self.ready()
|
||||||
|
if status != 0:
|
||||||
|
self.error(output)
|
||||||
|
--
|
||||||
|
2.23.0
|
||||||
|
|
@ -0,0 +1,30 @@
|
|||||||
|
From 4b1ede292c0de742b6fed12881c5916f3a6bc38b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Petr Lautrbach <plautrba@redhat.com>
|
||||||
|
Date: Tue, 3 Sep 2019 15:17:27 +0200
|
||||||
|
Subject: [PATCH] python/semanage: Do not use default s0 range in "semanage
|
||||||
|
login -a"
|
||||||
|
|
||||||
|
Using the "s0" default means that new login mappings are always added with "s0"
|
||||||
|
range instead of the range of SELinux user.
|
||||||
|
|
||||||
|
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
|
||||||
|
---
|
||||||
|
python/semanage/semanage | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/python/semanage/semanage b/python/semanage/semanage
|
||||||
|
index 4c766ae3..fa78afce 100644
|
||||||
|
--- a/python/semanage/semanage
|
||||||
|
+++ b/python/semanage/semanage
|
||||||
|
@@ -221,7 +221,7 @@ def parser_add_level(parser, name):
|
||||||
|
|
||||||
|
|
||||||
|
def parser_add_range(parser, name):
|
||||||
|
- parser.add_argument('-r', '--range', default="s0",
|
||||||
|
+ parser.add_argument('-r', '--range', default='',
|
||||||
|
help=_('''
|
||||||
|
MLS/MCS Security Range (MLS/MCS Systems only)
|
||||||
|
SELinux Range for SELinux login mapping
|
||||||
|
--
|
||||||
|
2.23.0
|
||||||
|
|
@ -12,7 +12,7 @@
|
|||||||
Summary: SELinux policy core utilities
|
Summary: SELinux policy core utilities
|
||||||
Name: policycoreutils
|
Name: policycoreutils
|
||||||
Version: 2.9
|
Version: 2.9
|
||||||
Release: 3%{?dist}
|
Release: 6%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
# https://github.com/SELinuxProject/selinux/wiki/Releases
|
# https://github.com/SELinuxProject/selinux/wiki/Releases
|
||||||
Source0: https://github.com/SELinuxProject/selinux/releases/download/20190315/policycoreutils-2.9.tar.gz
|
Source0: https://github.com/SELinuxProject/selinux/releases/download/20190315/policycoreutils-2.9.tar.gz
|
||||||
@ -61,6 +61,9 @@ Patch0020: 0020-python-Use-ipaddress-instead-of-IPy.patch
|
|||||||
Patch0021: 0021-python-semanage-Do-not-traceback-when-the-default-po.patch
|
Patch0021: 0021-python-semanage-Do-not-traceback-when-the-default-po.patch
|
||||||
Patch0022: 0022-policycoreutils-fixfiles-Fix-B-F-onboot.patch
|
Patch0022: 0022-policycoreutils-fixfiles-Fix-B-F-onboot.patch
|
||||||
Patch0023: 0023-policycoreutils-fixfiles-Force-full-relabel-when-SEL.patch
|
Patch0023: 0023-policycoreutils-fixfiles-Force-full-relabel-when-SEL.patch
|
||||||
|
Patch0024: 0024-policycoreutils-fixfiles-Fix-unbound-variable-proble.patch
|
||||||
|
Patch0025: 0025-gui-Fix-remove-module-in-system-config-selinux.patch
|
||||||
|
Patch0026: 0026-python-semanage-Do-not-use-default-s0-range-in-seman.patch
|
||||||
|
|
||||||
Obsoletes: policycoreutils < 2.0.61-2
|
Obsoletes: policycoreutils < 2.0.61-2
|
||||||
Conflicts: filesystem < 3, selinux-policy-base < 3.13.1-138
|
Conflicts: filesystem < 3, selinux-policy-base < 3.13.1-138
|
||||||
@ -535,6 +538,15 @@ The policycoreutils-restorecond package contains the restorecond service.
|
|||||||
%systemd_postun_with_restart restorecond.service
|
%systemd_postun_with_restart restorecond.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Sep 4 2019 Petr Lautrbach <plautrba@redhat.com> - 2.9-6
|
||||||
|
- semanage: Do not use default s0 range in "semanage login -a" (#1312283)
|
||||||
|
|
||||||
|
* Thu Aug 29 2019 Petr Lautrbach <plautrba@redhat.com> - 2.9-5
|
||||||
|
- gui: Fix remove module in system-config-selinux (#1740936)
|
||||||
|
|
||||||
|
* Fri Aug 23 2019 Petr Lautrbach <plautrba@redhat.com> - 2.9-4
|
||||||
|
- fixfiles: Fix unbound variable problem
|
||||||
|
|
||||||
* Mon Aug 5 2019 Petr Lautrbach <plautrba@redhat.com> - 2.9-3
|
* Mon Aug 5 2019 Petr Lautrbach <plautrba@redhat.com> - 2.9-3
|
||||||
- Drop python2-policycoreutils
|
- Drop python2-policycoreutils
|
||||||
- Update ru man page translations
|
- Update ru man page translations
|
||||||
|
Loading…
Reference in New Issue
Block a user