diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/audit2allow/audit2allow policycoreutils-1.30.28/audit2allow/audit2allow --- nsapolicycoreutils/audit2allow/audit2allow 2006-08-28 16:58:19.000000000 -0400 +++ policycoreutils-1.30.28/audit2allow/audit2allow 2006-09-08 09:12:12.000000000 -0400 @@ -1,4 +1,4 @@ -#! /usr/bin/env python +#! /usr/bin/python -E # Copyright (C) 2005 Red Hat # see file 'COPYING' for use and warranty information # diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/audit2allow/avc.py policycoreutils-1.30.28/audit2allow/avc.py --- nsapolicycoreutils/audit2allow/avc.py 2006-08-28 16:58:19.000000000 -0400 +++ policycoreutils-1.30.28/audit2allow/avc.py 2006-09-08 09:12:12.000000000 -0400 @@ -1,4 +1,4 @@ -#! /usr/bin/env python +#! /usr/bin/python -E # Copyright (C) 2006 Red Hat # see file 'COPYING' for use and warranty information # diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/newrole/newrole.c policycoreutils-1.30.28/newrole/newrole.c --- nsapolicycoreutils/newrole/newrole.c 2006-08-28 16:58:20.000000000 -0400 +++ policycoreutils-1.30.28/newrole/newrole.c 2006-09-08 09:12:12.000000000 -0400 @@ -445,6 +445,7 @@ /* Terminate on SIGHUP. */ signal(SIGHUP, SIG_DFL); + signal(SIGPIPE, SIG_IGN); #ifdef USE_NLS setlocale(LC_ALL, ""); diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/restorecon/restorecon.8 policycoreutils-1.30.28/restorecon/restorecon.8 --- nsapolicycoreutils/restorecon/restorecon.8 2006-08-28 16:58:19.000000000 -0400 +++ policycoreutils-1.30.28/restorecon/restorecon.8 2006-09-08 09:12:12.000000000 -0400 @@ -4,10 +4,10 @@ .SH "SYNOPSIS" .B restorecon -.I [\-o outfilename ] [\-R] [\-n] [\-v] [\-e directory ] pathname... +.I [-i] [\-o] [\-R] [\-n] [\-v] [\-e directory ] pathname... .P .B restorecon -.I \-f infilename [\-o outfilename ] [\-e directory ] [\-R] [\-n] [\-v] [\-F] +.I [-i] \-f infilename [\-o] [\-e directory ] [\-R] [\-n] [\-v] [\-F] .SH "DESCRIPTION" This manual page describes the @@ -23,6 +23,9 @@ .SH "OPTIONS" .TP +.B \-i +ignore files that do not exist +.TP .B \-f infilename infilename contains a list of files to be processed by application. Use \- for stdin. .TP @@ -35,8 +38,8 @@ .B \-n don't change any file labels. .TP -.B \-o outfilename -save list of files with incorrect context in outfilename. +.B \-o +print list of files with incorrect context. .TP .B \-v show changes in file labels. diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/restorecon/restorecon.c policycoreutils-1.30.28/restorecon/restorecon.c --- nsapolicycoreutils/restorecon/restorecon.c 2006-09-01 22:32:11.000000000 -0400 +++ policycoreutils-1.30.28/restorecon/restorecon.c 2006-09-11 09:53:08.000000000 -0400 @@ -11,9 +11,10 @@ * restorecon [-Rnv] pathname... * * -e Specify directory to exclude + * -i Ignore error if file does not exist * -n Do not change any file labels. * -v Show changes in file labels. - * -o filename save list of files with incorrect context + * -o Print list of files with incorrect context * -F Force reset of context to match file_context for customizable files * * pathname... The file(s) to label @@ -41,12 +42,14 @@ #include static int change = 1; +static int change_ctr = 0; static int verbose = 0; static int progress = 0; -static FILE *outfile = NULL; +static int outfile = 0; static char *progname; static int errors = 0; static int recurse = 0; +static int file_exist = 1; static int force = 0; #define STAT_BLOCK_SIZE 1 static int pipe_fds[2] = { -1, -1 }; @@ -129,7 +132,7 @@ void usage(const char *const name) { fprintf(stderr, - "usage: %s [-FnrRv] [-e excludedir ] [-o filename ] [-f filename | pathname... ]\n", + "usage: %s [-iFonrRv] [-e excludedir ] [-f filename | pathname... ]\n", name); exit(1); } @@ -160,6 +163,8 @@ } if (lstat(filename, &st) != 0) { + if (!file_exist && errno == ENOENT) + return 0; fprintf(stderr, "lstat(%s) failed: %s\n", filename, strerror(errno)); return 1; @@ -197,11 +202,8 @@ return 1; } p += len; - /* ensure trailing slash of directory name */ - if (len == 0 || *(p - 1) != '/') { - *p = '/'; - p++; - } + *p = '/'; + p++; strcpy(p, file_sep); filename = path; } else { @@ -236,7 +238,7 @@ is_context_customizable(prev_context) > 0))) { if (only_changed_user(scontext, prev_context) == 0) { if (outfile) - fprintf(outfile, "%s\n", filename); + fprintf(stdout, "%s\n", filename); if (change) { if (lsetfilecon(filename, scontext) < 0) { fprintf(stderr, @@ -249,9 +251,12 @@ freecon(scontext); return 1; } - } + } + else + change_ctr++; + if (verbose) - printf("%s reset %s context %s->%s\n", + fprintf(stderr, "%s reset %s context %s->%s\n", progname, filename, (retcontext >= 0 ? prev_context : ""), @@ -259,7 +264,7 @@ } } if (verbose > 1 && !force && customizable > 0) { - printf("%s: %s not reset customized by admin to %s\n", + fprintf(stderr, "%s: %s not reset customized by admin to %s\n", progname, filename, prev_context); } @@ -322,6 +327,8 @@ close(pipe_fds[1]); if (rc == -1 || rc > 0) { if (nftw(buf, apply_spec, 1024, FTW_PHYS)) { + if (!file_exist && errno == ENOENT) + return; fprintf(stderr, "%s: error while labeling files under %s\n", progname, buf); @@ -353,11 +360,14 @@ exit(0); set_matchpathcon_flags(MATCHPATHCON_NOTRANS); - while ((opt = getopt(argc, argv, "pFrRnvf:o:e:")) > 0) { + while ((opt = getopt(argc, argv, "ipFrRnvf:oe:")) > 0) { switch (opt) { case 'n': change = 0; break; + case 'i': + file_exist = 0; + break; case 'r': case 'R': recurse = 1; @@ -370,13 +380,7 @@ exit(1); break; case 'o': - outfile = fopen(optarg, "w"); - if (!outfile) { - fprintf(stderr, "Error opening %s: %s\n", - optarg, strerror(errno)); - usage(argv[0]); - } - __fsetlocking(outfile, FSETLOCKING_BYCALLER); + outfile = 1; break; case 'v': if (progress) { @@ -425,8 +429,8 @@ process(argv[i]); } } - if (outfile) - fclose(outfile); + + if (change) return change_ctr; return errors; } diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/restorecond/restorecond.init policycoreutils-1.30.28/restorecond/restorecond.init --- nsapolicycoreutils/restorecond/restorecond.init 2006-08-28 16:58:19.000000000 -0400 +++ policycoreutils-1.30.28/restorecond/restorecond.init 2006-09-08 09:12:12.000000000 -0400 @@ -3,9 +3,9 @@ # restorecond: Daemo used to maintain path file context # # chkconfig: 2345 10 90 -# description: restorecond uses inotify to look for creation of new files listed in the -# /etc/selinux/POLICYTYPE/restorefiles.conf file, and sets the correct security -# context. +# description: restorecond uses inotify to look for creation of new files \ +# listed in the /etc/selinux/restorecond.conf file, and restores the \ +# correct security context. # # Source function library. diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/scripts/chcat policycoreutils-1.30.28/scripts/chcat --- nsapolicycoreutils/scripts/chcat 2006-08-28 16:58:19.000000000 -0400 +++ policycoreutils-1.30.28/scripts/chcat 2006-09-08 09:12:12.000000000 -0400 @@ -1,4 +1,4 @@ -#! /usr/bin/env python +#! /usr/bin/python -E # Copyright (C) 2005 Red Hat # see file 'COPYING' for use and warranty information # diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.30.28/scripts/fixfiles --- nsapolicycoreutils/scripts/fixfiles 2006-09-01 22:32:11.000000000 -0400 +++ policycoreutils-1.30.28/scripts/fixfiles 2006-09-08 09:12:12.000000000 -0400 @@ -117,8 +117,8 @@ exit $? fi if [ ! -z "$RPMFILES" ]; then - for i in `echo $RPMFILES | sed 's/,/ /g'`; do - rpmlist $i | ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* -f - 2>&1 >> $LOGFILE + for i in `echo "$RPMFILES" | sed 's/,/ /g'`; do + rpmlist $i | ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -i $* -f - 2>> $LOGFILE done exit $? fi @@ -126,10 +126,10 @@ if [ -x /usr/bin/find ]; then for d in ${DIRS} ; do find $d \ ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o -print | \ - ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -f - 2>&1 >> $LOGFILE + ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $* -f - 2>> $LOGFILE done else - ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $DIRS 2>&1 >> $LOGFILE + ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $* $DIRS 2>> $LOGFILE fi exit $? @@ -190,7 +190,7 @@ RPMFILES=$OPTARG ;; o) - OUTFILES=$OPTARG + OUTFILES="-o" ;; l) LOGFILE=$OPTARG @@ -219,7 +219,7 @@ # check if they specified both DIRS and RPMFILES # -if [ ! -z $RPMFILES ]; then +if [ ! -z "$RPMFILES" ]; then if [ $OPTIND -le $# ]; then usage fi diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/scripts/genhomedircon policycoreutils-1.30.28/scripts/genhomedircon --- nsapolicycoreutils/scripts/genhomedircon 2006-08-28 16:58:19.000000000 -0400 +++ policycoreutils-1.30.28/scripts/genhomedircon 2006-09-08 09:12:12.000000000 -0400 @@ -1,4 +1,4 @@ -#! /usr/bin/python +#! /usr/bin/python -E # Copyright (C) 2004 Tresys Technology, LLC # see file 'COPYING' for use and warranty information # diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/secon/Makefile policycoreutils-1.30.28/secon/Makefile --- nsapolicycoreutils/secon/Makefile 2006-08-28 16:58:20.000000000 -0400 +++ policycoreutils-1.30.28/secon/Makefile 2006-09-08 09:16:28.000000000 -0400 @@ -20,8 +20,8 @@ install: all install -m 755 secon $(BINDIR); -# test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1 -# install -m 644 ../man/secon.1 $(MANDIR)/man1 + test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1 + install -m 644 secon.1 $(MANDIR)/man1 relabel: /sbin/restorecon $(BINDIR)/secon diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-1.30.28/semanage/semanage --- nsapolicycoreutils/semanage/semanage 2006-08-28 16:58:18.000000000 -0400 +++ policycoreutils-1.30.28/semanage/semanage 2006-09-08 09:12:12.000000000 -0400 @@ -1,4 +1,4 @@ -#! /usr/bin/env python +#! /usr/bin/python -E # Copyright (C) 2005 Red Hat # see file 'COPYING' for use and warranty information # diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.30.28/semanage/seobject.py --- nsapolicycoreutils/semanage/seobject.py 2006-08-28 16:58:18.000000000 -0400 +++ policycoreutils-1.30.28/semanage/seobject.py 2006-09-08 09:12:12.000000000 -0400 @@ -1,4 +1,4 @@ -#! /usr/bin/env python +#! /usr/bin/python -E # Copyright (C) 2005 Red Hat # see file 'COPYING' for use and warranty information # diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/setfiles/setfiles.8 policycoreutils-1.30.28/setfiles/setfiles.8 --- nsapolicycoreutils/setfiles/setfiles.8 2006-08-28 16:58:22.000000000 -0400 +++ policycoreutils-1.30.28/setfiles/setfiles.8 2006-09-08 09:12:12.000000000 -0400 @@ -4,7 +4,7 @@ .SH "SYNOPSIS" .B setfiles -.I [\-c policy ] [\-d] [\-l] [\-n] [\-e directory ] [\-o filename ] [\-q] [\-s] [\-v] [\-vv] [\-W] [\-F] spec_file pathname... +.I [\-c policy ] [\-d] [\-l] [\-n] [\-e directory ] [\-o ] [\-q] [\-s] [\-v] [\-vv] [\-W] [\-F] spec_file pathname... .SH "DESCRIPTION" This manual page describes the .BR setfiles @@ -44,8 +44,8 @@ .B \-F Force reset of context to match file_context for customizable files .TP -.B \-o filename -save list of files with incorrect context in filename. +.B \-o +Print list of files with incorrect context. .TP .B \-s take a list of files from standard input instead of using a pathname on the diff --exclude-from=exclude --exclude='*.po' -N -u -r nsapolicycoreutils/setfiles/setfiles.c policycoreutils-1.30.28/setfiles/setfiles.c --- nsapolicycoreutils/setfiles/setfiles.c 2006-08-28 16:58:22.000000000 -0400 +++ policycoreutils-1.30.28/setfiles/setfiles.c 2006-09-08 09:12:51.000000000 -0400 @@ -12,7 +12,7 @@ * the user. The program does not cross file system boundaries. * * USAGE: - * setfiles [-dnpqsvW] [-e directory ] [-c policy] [-o filename ] spec_file pathname... + * setfiles [-odnpqsvW] [-e directory ] [-c policy] spec_file pathname... * * -e Specify directory to exclude * -F Force reset of context to match file_context for customizable files @@ -26,7 +26,7 @@ * -s Use stdin for a list of files instead of searching a partition. * -v Show changes in file labels. * -W Warn about entries that have no matching file. - * -o filename write out file names with wrong context. + * -o print out file names with wrong context. * * spec_file The specification file. * pathname... The file systems to label (omit if using -s). @@ -85,7 +85,7 @@ #endif static int add_assoc = 1; -static FILE *outfile = NULL; +static int outfile = 0; static int force = 0; #define STAT_BLOCK_SIZE 1 static int pipe_fds[2] = { -1, -1 }; @@ -321,7 +321,7 @@ } if (debug) { - printf("%s: %s matched by %s\n", progname, my_file, newcon); + fprintf(stderr, "%s: %s matched by %s\n", progname, my_file, newcon); } /* Get the current context of the file. */ @@ -366,10 +366,10 @@ * same. For "-vv", emit everything. */ if (verbose > 1 || !user_only_changed) { if (context) - printf("%s: relabeling %s from %s to %s\n", + fprintf(stderr,"%s: relabeling %s from %s to %s\n", progname, my_file, context, newcon); else - printf("%s: labeling %s to %s\n", progname, + fprintf(stderr, "%s: labeling %s to %s\n", progname, my_file, newcon); } } @@ -384,7 +384,7 @@ } if (outfile && !user_only_changed) - fprintf(outfile, "%s\n", my_file); + fprintf(stdout, "%s\n", my_file); if (context) freecon(context); @@ -516,7 +516,7 @@ set_matchpathcon_flags(MATCHPATHCON_VALIDATE | MATCHPATHCON_NOTRANS); /* Process any options. */ - while ((opt = getopt(argc, argv, "Fc:dlnpqrsvWe:o:")) > 0) { + while ((opt = getopt(argc, argv, "Fc:dlnpqrsvWe:o")) > 0) { switch (opt) { case 'c': { @@ -570,14 +570,7 @@ change = 0; break; case 'o': - outfile = fopen(optarg, "w"); - if (!outfile) { - fprintf(stderr, "Error opening %s: %s\n", - optarg, strerror(errno)); - - usage(argv[0]); - } - __fsetlocking(outfile, FSETLOCKING_BYCALLER); + outfile = 1; break; case 'q': quiet = 1; @@ -750,9 +743,6 @@ if (warn_no_match) matchpathcon_checkmatches(argv[0]); - if (outfile) - fclose(outfile); - for (i = 0; i < excludeCtr; i++) { free(excludeArray[i].directory); }