diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/audit2allow/audit2allow.1 policycoreutils-2.0.60/audit2allow/audit2allow.1 --- nsapolicycoreutils/audit2allow/audit2allow.1 2009-01-13 08:45:35.000000000 -0500 +++ policycoreutils-2.0.60/audit2allow/audit2allow.1 2008-12-15 15:35:46.000000000 -0500 @@ -75,9 +75,6 @@ Generate reference policy using installed macros. This attempts to match denials against interfaces and may be inaccurate. .TP -.B "\-t " | "\-\-tefile" -Indicates input file is a te (type enforcement) file. This can be used to translate old te format to new policy format. -.TP .B "\-w" | "\-\-why" Translates SELinux audit messages into a description of why the access was denied diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/Makefile policycoreutils-2.0.60/Makefile --- nsapolicycoreutils/Makefile 2008-08-28 09:34:24.000000000 -0400 +++ policycoreutils-2.0.60/Makefile 2008-12-15 15:34:54.000000000 -0500 @@ -1,4 +1,4 @@ -SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po +SUBDIRS = setfiles semanage load_policy newrole run_init secon audit2allow audit2why scripts sestatus semodule_package semodule semodule_link semodule_expand semodule_deps setsebool po gui INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-2.0.60/restorecond/restorecond.c --- nsapolicycoreutils/restorecond/restorecond.c 2008-08-28 09:34:24.000000000 -0400 +++ policycoreutils-2.0.60/restorecond/restorecond.c 2008-12-15 15:34:54.000000000 -0500 @@ -283,6 +283,8 @@ inotify_rm_watch(fd, master_wd); master_wd = inotify_add_watch(fd, watch_file_path, IN_MOVED_FROM | IN_MODIFY); + if (master_wd == -1) + exitApp("Error watching config file."); } /* @@ -411,7 +413,14 @@ if (!ptr) exitApp("Out of Memory"); + ptr->wd = inotify_add_watch(fd, dir, IN_CREATE | IN_MOVED_TO); + if (ptr->wd == -1) { + free(ptr); + syslog(LOG_ERR, "Unable to watch (%s) %s\n", + path, strerror(errno)); + return; + } ptr->dir = strdup(dir); if (!ptr->dir) diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.c policycoreutils-2.0.60/restorecond/utmpwatcher.c --- nsapolicycoreutils/restorecond/utmpwatcher.c 2008-08-28 09:34:24.000000000 -0400 +++ policycoreutils-2.0.60/restorecond/utmpwatcher.c 2008-12-15 15:34:54.000000000 -0500 @@ -57,7 +57,7 @@ utmp_ptr = NULL; FILE *cfg = fopen(utmp_path, "r"); if (!cfg) - exitApp("Error reading config file."); + exitApp("Error reading utmp file."); while (fread(&u, sizeof(struct utmp), 1, cfg) > 0) { if (u.ut_type == USER_PROCESS) @@ -69,6 +69,9 @@ utmp_wd = inotify_add_watch(inotify_fd, utmp_path, IN_MOVED_FROM | IN_MODIFY); + if (utmp_wd == -1) + exitApp("Error watching utmp file."); + if (prev_utmp_ptr) { changed = strings_list_diff(prev_utmp_ptr, utmp_ptr); strings_list_free(prev_utmp_ptr); diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/semanage policycoreutils-2.0.60/semanage/semanage --- nsapolicycoreutils/semanage/semanage 2008-11-14 17:10:15.000000000 -0500 +++ policycoreutils-2.0.60/semanage/semanage 2009-01-13 08:55:07.000000000 -0500 @@ -219,6 +219,7 @@ 'seuser=', 'store=', 'range=', + 'locallist=', 'level=', 'roles=', 'type=', diff --exclude-from=exclude --exclude=sepolgen-1.0.14 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semodule/semodule.c policycoreutils-2.0.60/semodule/semodule.c --- nsapolicycoreutils/semodule/semodule.c 2009-01-13 08:45:35.000000000 -0500 +++ policycoreutils-2.0.60/semodule/semodule.c 2009-01-06 08:56:37.000000000 -0500 @@ -359,6 +359,9 @@ mode_arg); } result = semanage_module_remove(sh, mode_arg); + if ( result == -2 ) { + continue; + } break; } case LIST_M:{